Jump to content
  • Announcements

    • Rodion Nagornov

      Долгое сохранение сообщений || Delays while posting   09/20/2017

      По техническим причинам возможно визуально долгое отправление сообщений на форуме. Фактически ваше сообщение публикуется мгновенно - долго отрабатывает графика. В случае подобной ситуации, пожалуйста, сначала обновите страницу (F5) и проверьте, появилось ли ваше сообщение. Не пытайтесь сразу отправить его заново.  || Due to some technical reasons visual delays are possible while message sending. Actually your message is published immediately - just interface works long. In such case, please, do not re-send your message immediately! Press F5 to reload the page and check if your message/topic is published.
Alexander Ilin

Suggestions for Kaspersky Security Center 10. [In progress]

Recommended Posts

I would like an option when i am doing a task with 10 computers for example, if it fails on 3 of them, to be able to start the task again with the remaining 3 machines.

 

I would also like this option. I was working with tasks today (updating Acrobat) and wondered why there wasn't an easier way to 'retry' the failed ones.

Share this post


Link to post
Share on other sites
fleon   

The KSC application installer also needs an overhaul. I recently created a company account ticket because ksc fails to properly install a custom MSI package that was created with the WIX toolkit. The msi should create a program group in the start menu with a link, startup icon and control panel uninstall strings, but somehow the only thing that works is the folder copy/creation. When installing the msi manually by double click everything works.

 

We also need logging features for third party packages installation

Share this post


Link to post
Share on other sites
turettim   

Hi,

 

since th eKES 8 CF1 :

In the context menu of the application icon located in the Microsoft Windows taskbar notification area, the Pause protection option is no longer accessible if a Kaspersky Security Center policy is applied and active

 

it would be nice to get this option back with a password!

Share this post


Link to post
Share on other sites

- IPv6 support. This will allow companies that utilize Microsoft DirectAccess to have less problems, such as critical event errors about updating, etc.

 

- Please allow us to filter out critical events we do not want to see, such as "network update error" events, etc.

 

- Make 'Check Connection' actually check for a connection again. It should ping the machine when you click that and then update the status. Not just go off what it might know from the last time it checked. Machines are sometimes online for awhile while Kaspersky still says they're not.

 

- Have a way to clear the vulnerability report.

 

 

 

PS: The List functionality of this forum does not work. When I use List, the post shows up blank.

Edited by FMcGovern

Share this post


Link to post
Share on other sites
theworkz   
The KSC application installer also needs an overhaul. I recently created a company account ticket because ksc fails to properly install a custom MSI package that was created with the WIX toolkit. The msi should create a program group in the start menu with a link, startup icon and control panel uninstall strings, but somehow the only thing that works is the folder copy/creation. When installing the msi manually by double click everything works.

 

We also need logging features for third party packages installation

I agree with having an installer overhaul. My suggestion would be to optimize it so it does not require so much space for a stand-alone installation package. Currently, we distribute the setup.exe (500MB) file locally to ensure its on the machine (for remote laptops) and then execute it with command line once it exists.

 

When this standalone setup executes, it immediately duplicates itself (SAME FILE) to C:\Windows\Temp and consumes 500mb more memory. Once that copy to TEMP completes, the installer extracts the contents of setup.exe (msi's) to subdirectories in the TEMP directory consuming an additional 500mb of memory.

 

Before the installation has even started, the installer files are now consuming 1.5GB. This slows down the installation of the product and makes it difficult for some older machines which have limited space availbility. Yes, we could execute from a network share, or extract the contents and install via the MSI's but we need the registration process to automate properly as well as the removal of our previous antivirus.

 

Just my two cents...

Edited by TheWorkz

Share this post


Link to post
Share on other sites
rob343   

Hi, i have started testing File and folder Encryption. i have a few suggestions around this. better reporting to identify what is encrypted on a machine. maybe some sort of icon overlay on encrypted files and/or folders. maybe something on the main client kaspersky gui to identify the machine has got encryption enabled.

 

On full disk encryption, how about a stand alone recovery web page so i don't have to give access to the security center.

 

reporting MORE out the box reports (look at SCCM they have 100's!!!!!! ) if your trying to compete with the big management suites we need to be able to produce report for management, they love pretty reports. these alone could make the difference when it come to renewal time.

 

hope somebody picks these up

Share this post


Link to post
Share on other sites
Alencar   

* I noticed that the last version updates (KSC9.2 to KSC10) the SQL service must be restarted. Every time I uninstall the old KSC and install the new restoring bkp, the console does not start.

 

* The status (Restart required) after installation in some stations do not change, even me doing the restart. The status changes only after reinstalling aplitativo.

Share this post


Link to post
Share on other sites
Hi,

 

since th eKES 8 CF1 :

In the context menu of the application icon located in the Microsoft Windows taskbar notification area, the Pause protection option is no longer accessible if a Kaspersky Security Center policy is applied and active

 

it would be nice to get this option back with a password!

 

Agree with the suggestion to get the pause protection without having to stop the Policy.

 

I would like also to be able to upgrade to KES10 without having to reboot multiple time.

Share this post


Link to post
Share on other sites

Not sure if this was mentioned before. But i find extremely confusing having to lock items in the policy in order to make them overwrite whatever settings I'm trying to push. And the fact that once you lock it, the user cannot make any changes to it.

 

Suggestion: Make it so the settings on the policy are what the clients should be using and use the "Lock" to prevent any changes.

 

This way, i dont have to lock everything down to make sure users are using the policy settings.

Edited by carlosco612

Share this post


Link to post
Share on other sites

Hello every one this forum. I´m kind of new in this Kaspersky thing. I need to deploy KSC 10 on a windows server 2008 R2 working as a domain controller. But during the installation process i get the following error:

 

Error while installing: System error 0x534 (No mapping between account names and security IDs was done.).

 

Any help with this issue. Thanks.

Share this post


Link to post
Share on other sites
Hello every one this forum. I´m kind of new in this Kaspersky thing. I need to deploy KSC 10 on a windows server 2008 R2 working as a domain controller. But during the installation process i get the following error:

 

Error while installing: System error 0x534 (No mapping between account names and security IDs was done.).

 

Any help with this issue. Thanks.

Hello.

 

It is known issue. Will be fixed in CF1. As workaround you can do the follow:

1. Give thic DC PDC emulator role.

2. Install KSC

3. Return roles to default.

 

 

Share this post


Link to post
Share on other sites
etaftm   

Feature request would be VPN capability within KES. I have seen other companies like CheckPoint integrate VPN client-to-site into the security application. I think this would be the last piece to the puzzle to make this a complete solution for security.

 

Another feature request for application control: The ability when adding .exe as trusted, low restricted, high restricted in policy is to be able to select .exe that were on a particular machine OR have the ability in the application registry to personalize .exe as trusted, etc.

Edited by etaftm

Share this post


Link to post
Share on other sites
pcpranav   

Some suggestions, based on my low understanding of KSC, its regarding Update Agent.

 

Firstly, need a tree section in KSC console to highlight/manage specifically the UA machines. maybe show their state - active, offline, updated, etc.

 

Secondly, the current UA Options (any one):

(i) automatically select UpdateAgent within group(s), when ticked in the properties of AdminServer.

(ii) if above is not ticked, user can manually assign UpdateAgent to any machine.

 

in the (i), the UA is dynamically selected, for every group having 100+ machines, based on that machine's cpu/ram/no-laptop properties. Can this 100 limit be configured ? this would help in branch offices (groups) having less machines.

 

in the (ii), when manually assigning UA for a group, if that UA machine fails, if we can get option to assign secondary UA machine ?

Edited by pcpranav

Share this post


Link to post
Share on other sites

I would like to see the ability to select computers to be by default "never disconnect from the Administration Server".

 

A better upgrade process from 6>8 or 8>10, uninstalling each previous version on every machine is quite tedious.

 

Also an easier way to allow VPN clients, such as Cisco Anyconnect VPN, etc through KES, so that end users don't have to exit Kaspersky entirely to connect.

Edited by CripledCyclone

Share this post


Link to post
Share on other sites

- An option to generate a list with all policies and tasks and their location (full path)

 

- A "Full path" field in the file generated after export a search, not only "parent group", because in some extructures can be confuse..

 

Group 1\devices\computers

Group 2\devices\computers

Admin\users\computers

 

If you make a global search, all computers are listed with the parent group "computers" making difficult to know where really are located

 

Thanks.

Share this post


Link to post
Share on other sites
lincf   

Why policy and task Inherit from parent group, which set rule are different ?

 

can group task follow the same group other task?

 

client visible always more the policy 15 mins why?

which use SC9 don't have the same problem. had refresh MMC...

Share this post


Link to post
Share on other sites
Lovet1   

only question I have is since versions 8 endpoint release when are we (customers) going to be treated like customers and not test subjects. From Jan to April now to Aug fixes are always around the corner but a stable fully usable product has not been released. I started using Kaspersky when 6 was out and was told by sales that our next release will be way better. I have yet to use a version with all the monitoring in place because it slows the boot process down, slow the software down (even with exclusion list) etc. I just want a version that works WITH the Kaspersky Security Center. I have not been able to rely on it since 10 was released. Let us know what is really going on and if we are still customers to you. Cause I sure don't feel like one.

Share this post


Link to post
Share on other sites
jcdinpgh   

I'd like to see "OS restart" have an option to proceed only if no one is logged on locally. It would making reboots so much easier since I wouldn't have to manually check to see if someone is logged on and I could just force a reboot.

 

Share this post


Link to post
Share on other sites
Hi,

 

since th eKES 8 CF1 :

In the context menu of the application icon located in the Microsoft Windows taskbar notification area, the Pause protection option is no longer accessible if a Kaspersky Security Center policy is applied and active

 

it would be nice to get this option back with a password!

 

I definitely want this. We have many devs that need to disable protection sometimes for their projects, and this is really causing a problem.

Share this post


Link to post
Share on other sites
TnsScott   
Hi,

 

since th eKES 8 CF1 :

In the context menu of the application icon located in the Microsoft Windows taskbar notification area, the Pause protection option is no longer accessible if a Kaspersky Security Center policy is applied and active

 

it would be nice to get this option back with a password!

 

We would also like to see this capability added back into the product. In addition to needing to pause protection when doing installs and upgrades, it also is very valuable to be able to pause protection when troubleshooting various performance and other issues on the computer.

Share this post


Link to post
Share on other sites
khgiese   

I would like to see the local task schedules be set to manually, rather then every single deploy being on Monday at 7pm or having to use the outdated format of using the command-line.

Share this post


Link to post
Share on other sites

I second that. Allow the default scan tasks and update tasks to be set (or disabled) by either group tasks or through policy.

 

As well as that the bug fixes that I have that are curerently being looked at:

Not Scanned for a long time issue

RDP not working at all from admin console

"Force download of the installation package using network agent" not working

Wake on Lan sometimes shutting down Server 2003 File Servers

Update Source being Kaspersky Security Center rather than the Lab servers or directly from a shared folder.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×