Jump to content
Alexander Ilin

Suggestions for Kaspersky Security Center 10. [In progress]

Recommended Posts

To perform constructive systems management functions you need to be able to target applications and devices - whilst you can create a Device Selection targetting Application Registry and then run a Task, like batch file uninstall, this does not always work if applications are not visible.

Feature Request - The ability in Device Selection to target executable files by file name, application name and applicatiton version , so that Tasks can then be run against the relevant machines.

image.png.b60772edd694d475329cae384430a1c7.png

Share this post


Link to post

Not sure how well this fits in this thread, but I've had to write a powershell script that handles some of the day-to-day troubleshooting of KES devices when methods provided in the GUI don't work.

Using powershell remoting or psexec, my script seems to do the job when KSC10 can't.

I'm putting the source code on GitHub eventually, will not be providing Kaspersky's executables though.

Can Kaspersky author a tool similar to this with some extended capability?

image.png.bf1f3f412c7c18e3b2e4f4d67dd93f05.png

Share this post


Link to post

KSC needs better reports integration with Kaspersky for File Server. Following reports should be available:

File Integrity Monitor - report on all files created, modified and which user/process did it etc

Log Monitor - detailed reports on different event types like brute force attack detection, anomaly detection etc. It should show all the detailed information (which user, which process, what was done to the system etc).

Currently there's no way to get any of this information except manually going through the logs and opening every single event to look at its details.

Share this post


Link to post

Another thing I would like to see Security Center is the  overview of system activity when a system was compromised. Eg exact visualization of what happened on the system: what was downloaded, what processes were started, what they accessed and so on. Like in the management console of SentinelOne and Cisco AMP for example.

A video of SentinelOne's management:

 

Share this post


Link to post
On 10/24/2018 at 1:27 AM, ForYouAreCrunchy said:

Not sure how well this fits in this thread, but I've had to write a powershell script that handles some of the day-to-day troubleshooting of KES devices when methods provided in the GUI don't work.

Using powershell remoting or psexec, my script seems to do the job when KSC10 can't.

I'm putting the source code on GitHub eventually, will not be providing Kaspersky's executables though.

Can Kaspersky author a tool similar to this with some extended capability?

image.png.bf1f3f412c7c18e3b2e4f4d67dd93f05.png

Hi,

I think I need this kind of tool because sometime KSC can't reach the client.
Would be nice if you can share the Github Link.

Thanks,

Share this post


Link to post
Le 09/05/2013 à 18:27, OneJeremias a dit :

I would like to see some extra tools built into the right-click options, such as shutdown, restart, force logoff, ping, test for logged-in users, wol, etc. Many of these I have configured manually using the "Custom Tools" right-click option in conjunction with PStools, but I think it could be done better if it were built-in.

 

Also, it would be nice to be able to add custom fields to machine records that would allow us to classify systems any number of ways, and make those available as sort options on the Computer list. Or perhaps be able to create folders that represent categories of machines that do NOT in any way affect which AV policies those machines operate under. I want to be able to classify some computers as "Sales", some as "Remote", some as "Marketing", and be able to dynamically add and remove computers from those categories via drag-and-drop, then execute tasks as needed for each of those groups. Exporting group lists to excel would be helpful for using these lists in other programs.

 

I realize these capabilities extend beyond the bounds of security, but since KSC is already a place from which I do much of my computer management, I figured I'd put it out there.

Please make sure in-place upgrade from kav6 and kes8 is tested and works well. You always advertise that it can be done but installing over an older version has not worked well for me in the past. I have about 19,000 devices and having to remove the old client first before I can install the new one creates additional work and a lot of time wasted.

Share this post


Link to post
il y a une heure, RACYGIGI a dit :

Please make sure in-place upgrade from kav6 and kes8 is tested and works well. You always advertise that it can be done but installing over an older version has not worked well for me in the past. I have about 19,000 devices and having to remove the old Torrent TurboTax Gogoanime client first before I can install the new one creates additional work and a lot of time wasted. 

  •  

 I want to be able to classify some computers as "Sales", some as "Remote", some as "Marketing", and be able to dynamically add and remove computers from those categories via drag-and-drop, then execute tasks as needed for each of those groups. Exporting group lists to excel would be helpful for using these lists in other programs.

  

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.