Alexander Ilin

Your suggestions on Kaspersky Security Center 9

56 posts in this topic

Hi everybody!

 

All forum users now have an opportunity to suggest improvements to our beloved product.

 

What would you like to improve in Kaspersky Security Center 9?

We are NOT speaking this time about adding new functions or making some revolutionary changes.

But maybe you would like to improve/make better some of its existing functions?

 

An example: “I am fine with the way the reports are, everything runs smoothly. But it would be absolutely legendary to have 3D reports with photos of viruses!”

Well we do not guarantee implementing every single suggestion, but we are very eager to hear them.

 

Thank you!

Share this post


Link to post
Share on other sites

Hi Alexander,

 

We use the new Kaspersky Security Center 9 since release. It's much more powerful than the Kaspersky Administration Kit 8.

 

I would welcome a few more detailed policy settings for the Kaspersky Endpoint Security 8 for Windows Workstations:

 

- add the possibility that the user can't abort the "Scan removable drives on connection". It would be great, if the user could only hide the scan window. He should not able to cancel the scan task.

- add the possibility that the administrator could define much more detailed settings for “Perform Idle Scan”. I would like to scan the machines every time automatically, when they are in idle mode. Currently it works only if the last full scan is a long time ago.

 

KSC 9.2.69

KES 8.1.0.646

 

Regards,

PoV

 

Share this post


Link to post
Share on other sites

Hi,

Force synchronization

I use the new Kaspersky Security Center 9 since beta release. KSC9 is more powerful than the Kaspersky Administration Kit 8.

 

In Admin kit 8 when we Force synchronization any system in the group it return an error if Force synchronization is not complete successfully. but in KSC 9 we did not get any error message although the Force synchronization not successfully done. So we don't understand that the Force synchronization is complete success full or not.

Edited by Mystery4u

Share this post


Link to post
Share on other sites

I'm not sure if some of these would fall under "new features" or "enhancements to existing features", but here goes:

 

In KSC9 being able to go to Applications and vulnerabilities | Application Registry, right click on an application, select properties | computers, and from the list of computers that have that application installed, on that screen being able to select them and create a task from here (ex: uninstall application, send message, reboot, install software, etc.). This would be an AMAZING feature that would save us a lot of time. :pray:

 

When running a report on virus activity, clicking on the virus name should perhaps send you to a Kaspersky web site that allows you to see more details on that virus. Same with the Secunia vulnerability ID (ex: SA41234) in the Application vulnerabilities section.

 

In KSC9 in the Applications and vulnerabilities | Executable files section, being able to verify a batch of MD5 hashes against an online reference like virustotal (although I realize that this probably has licensing or other implications or doesn't project the proper image, but I thought I'd throw the idea anyways). So perhaps if there was a "lookup this hash online" function that allows you to to populate that hash value into a URL that you define yourself in KSC9 in order to look it up online either on google (www.google.com/search?q=MD5) or on a sandbox web site like malwr.com (malwr.com/analysis/MD5/ )or threatexpert (www.threatexpert.com/report.aspx?md5=MD5). i.e. Kaspersky Labs would not be providing the URLs. The user would be the one who would define the URL parameter. Kaspersky would simply provide in KSC9 the ability to populate the MD5 column value into a URL that the user defines. It could perhaps even be used internally by the organization in order to create a ticket into a ticketing system (i.e. "get tech support to research this MD5).

Edited by No Network

Share this post


Link to post
Share on other sites

It's a good deal to ask the customers for their ideas and not only to "make something new"

 

1st:

Please add the path of an infected or suspicious file to the warning action mail.

I would like to see the full path of the infected file directly in the mail that is send when a virus is found not only after going into KSC.

 

2nd:

Please sort the events in the events selection by date. Latest on top. Currently some unsorted listing is done there so the first thing I have to do every time is sort that huge list, which takes some unneseccary time...

 

 

Would love to see this implemented...

Share this post


Link to post
Share on other sites

Hi,

 

It would be very usefull to be able to do a computer selection base on a specific registry value.

 

By example:

HKEY_USERS\.DEFAULT\Control Panel\International\LocalName=fr-CA

 

To list the computers with French UI

 

Or add a criteria to filter the OS language. But, to be able to filter on a specific registry value will give a lots of granularity to the Selection feature.

 

Also, in a list of computers, when we click on a letter, the list just go back to the first computer of the list. It would be nice that the list goes to the first computer starting by the pressed letter like in Windows explorer

 

Thanks for asking.

 

 

Share this post


Link to post
Share on other sites

A feature that would be Very helpful would be to have a Search feature to show Devices without kaspersky then be able to Right Click on it and Select a few options like: 1) Install Agent, 2) Remove incompatable application, 3) Install KES, 4) Do all the above.

 

This would be sweet !

This would same Lots of Time !

Share this post


Link to post
Share on other sites

As a new user still in the deployment phase, I have some input about tasks.

We are currently using one task to remove our existing AV product and another to deploy KES. It's nice that we can chain the two together by setting the deployment task to run upon completion of the removal task, but I think there is a better way. Since many of the settings are the same between the two tasks, I would like to see the removal and deployment done as separate steps within a single job.

 

For instance: I would define a job and name it something like "remove old AV and deploy KES"

For the job as a whole I would set things like notification, client computers, accounts, etc.

Then I would define steps such as:

Step 1: remove incompatible apps

Step 2: deploy KES

Step 3: perform full scan

The individual steps would have settings specific to each (OS reboot, etc).

 

This would remove some redundancy and prevent one of my current fears, which is that I will accidentally choose the wrong client computers in two tasks that I intend to link together.

 

TK

 

Share this post


Link to post
Share on other sites

it is very good but their is some bugs ,when i run a task for a several computers the task result tells me it is running on some computers and finished on some and i wait for about an hour and the task is running this problem is on pushing net agent ,and packeges i search for the computers needed to control them buy agent i find the agent installed him self but the task keep telling me that he is running ,this is a bug maybe need to be fixed quickly ,another thing i noticed when working on events or any category like managed computer ,repositories,and event and computer selection ,the graphic interface for the kit become scratched i don't know how to explain but like this i move the mouse the phases on the kit move wrong i end task the kit then the desktop appears normal ,no auto refresh for categories this needed for everything to refresh ,so please this is a major problem and at the first the task problem

Edited by WinBug

Share this post


Link to post
Share on other sites

Add more detail to email notifications.

 

Where exactly was the virus found in the local computer? What type of malware is it?

 

 

Remote installation:

Remote installation of agent for Mac OS X (if possible)

Edited by carlosco612

Share this post


Link to post
Share on other sites
Add more detail to email notifications.

Where exactly was the virus found in the local computer? What type of malware is it?

 

+1 to the more details in email notifications

Share this post


Link to post
Share on other sites

You should be able to highlight an item by typing while in any detail/list view in KSC9 and KES8.

 

For example, if you are in the "Computers" tab, you should be able to start typing the computer's name instead of scrolling to its location in the list.

Share this post


Link to post
Share on other sites

When in create task wizard, it will be nice to be able to go back a step sometime. The only option we have is the Next button. If you did a mistake in the previous step, we need to cancel and we loose all our work.

Share this post


Link to post
Share on other sites

3. Create an option for the offline rules, that a online rule client will only switch to the offline rule, if the admin server is not reachable for X seconds. That would make it more possible to restart the server during working hours!

 

4. in the Files section under Unprocessed files create an option to make an exception for a file listed there.

 

5. in the Files section under Unprocessed files make it possible to delete only the log entry in the console and on the client not the file itself on the client. The client can then report the file, if it is found again, if the admin has not created an exception in the meantime.

Edited by stelektro

Share this post


Link to post
Share on other sites

Hello,

 

Here are some changes wich should improve the product :

 

1) Make "Computers" Tab the one displayed by default in KSC.

 

2) Include the possibility of hiding KES tray icon/Start-All Programs icons through policy

 

3) Give administrator an option to disable the automatic installation of update agent under certain conditions. Disabled it by default would make sense. Critical issue imho.

 

4) A lot of space is wated on the top of the right panel in KSC, this could be improved.

 

Thanks,

Share this post


Link to post
Share on other sites
4. in the Files section under Unprocessed files create an option to make an exception for a file listed there.

 

5. in the Files section under Unprocessed files make it possible to delete only the log entry in the console and on the client not the file itself on the client. The client can then report the file, if it is found again, if the admin has not created an exception in the meantime.

 

 

I can only agree with that. This is one of the most annoying points in KSC atm. I am not willing to add these files found by heuristics to every ruleset. We need a possibility to add these files to some kind of whitelist.

 

I want to be informed about "not a virus:" like files but i also want to be able to whitelist them easily.

Share this post


Link to post
Share on other sites
+1 to the more details in email notifications

 

Agree to this as well. Should be easy to do.

Share this post


Link to post
Share on other sites
A feature that would be Very helpful would be to have a Search feature to show Devices without kaspersky then be able to Right Click on it and Select a few options like: 1) Install Agent, 2) Remove incompatable application, 3) Install KES, 4) Do all the above.

 

This would be sweet !

This would same Lots of Time !

 

You can create corresponding computers selection or sort list of computers by 'Agent/Antivirus' column. After that you can run any task for that selection.

 

I recommend to configure automatic installation at least Network Agents on the new managed computers and to deal only with problem cases of broken installation.

Share this post


Link to post
Share on other sites
As a new user still in the deployment phase, I have some input about tasks.

We are currently using one task to remove our existing AV product and another to deploy KES. It's nice that we can chain the two together by setting the deployment task to run upon completion of the removal task, but I think there is a better way. Since many of the settings are the same between the two tasks, I would like to see the removal and deployment done as separate steps within a single job.

 

For instance: I would define a job and name it something like "remove old AV and deploy KES"

For the job as a whole I would set things like notification, client computers, accounts, etc.

Then I would define steps such as:

Step 1: remove incompatible apps

Step 2: deploy KES

Step 3: perform full scan

The individual steps would have settings specific to each (OS reboot, etc).

 

This would remove some redundancy and prevent one of my current fears, which is that I will accidentally choose the wrong client computers in two tasks that I intend to link together.

 

TK

 

Removing incompatible apps is part of KES installation, you need additional step 'remove incomatible apps' only when you are having some problems with corresponding KES functionality or want to configure that step by some special way. Step 3 can be done by scheduing corresponding 'Full scan' task with option 'Run missed task'. It will start immediately after KES installation.

Share this post


Link to post
Share on other sites
Hello,

 

4) A lot of space is wated on the top of the right panel in KSC, this could be improved.

 

Thanks,

 

You can hide top part of right panel by clicking on corresponding 'hide' control on the panels delimiter. The same is true for all panels in the SC interface.

Share this post


Link to post
Share on other sites

Thanks kulaga, i know that already. But even with everything hidden it still feels more bloated than KAK 8.

 

Share this post


Link to post
Share on other sites
3) Give administrator an option to disable the automatic installation of update agent under certain conditions. Disabled it by default would make sense. Critical issue imho.

 

Thanks,

 

This option already exists in the properties of administration server. Why do you think it should be disabled by default? What kind of problems do you have?

Share this post


Link to post
Share on other sites

Add some kind of condition task or rule, whereas if a client is found within this subnet, install the agent. Or if a client is found using an older version of the software, install a new version.

Share this post


Link to post
Share on other sites
Add some kind of condition task or rule, whereas if a client is found within this subnet, install the agent. Or if a client is found using an older version of the software, install a new version.

 

Why can't you use automatic installation option in the administraton group properties?

Share this post


Link to post
Share on other sites

6. make it possible to edit exports of the exception lists of the trusted zone with an external editor. Currently, the .dat exports are encrypted or so and cannot be read. But this would be helpful when creating a huge list of exceptions e.g. from an other AV programm or for a special application.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now