Jump to content
  • Announcements

    • Rodion Nagornov

      Долгое сохранение сообщений || Delays while posting   09/20/2017

      По техническим причинам возможно визуально долгое отправление сообщений на форуме. Фактически ваше сообщение публикуется мгновенно - долго отрабатывает графика. В случае подобной ситуации, пожалуйста, сначала обновите страницу (F5) и проверьте, появилось ли ваше сообщение. Не пытайтесь сразу отправить его заново.  || Due to some technical reasons visual delays are possible while message sending. Actually your message is published immediately - just interface works long. In such case, please, do not re-send your message immediately! Press F5 to reload the page and check if your message/topic is published.
Alexander Ilin

Suggestions for Kaspersky Security Center 10. [In progress]

Recommended Posts

Hi,

 

since th eKES 8 CF1 :

In the context menu of the application icon located in the Microsoft Windows taskbar notification area, the Pause protection option is no longer accessible if a Kaspersky Security Center policy is applied and active

 

it would be nice to get this option back with a password!

 

I definitely agree. I would also like to see a way to control pausing protection. There are three options right now when I disable my policy. Pause for a set duration, pause until next restart, and pause until resumed. If we can control these three options, that would be amazing. Such as limiting how long a set duration can be paused for and graying out the other two options.

 

My reasoning for this is some of our users are not very technically smart so enforcing anti-virus and firewall to stay on at all times but allowing users to build exceptions to the list can be way over their heads. When a program needs to be installed, downloaded, or just accessed and Kaspersky has a false-positive, it can be a pain to get them access. A few of our users are traveling, including myself sometimes, and our environment is pretty relaxed since many people need to install different programs for the projects they are working on.

 

With allowing users to pause protection, it will give them ability to access files that they mean to access with little to no technical knowledge. If we can control the options within the pause protection feature, I could limit the pause duration time to 15 minutes and gray out the other options. This will prevent users from just keeping Kaspersky constantly off since we know all users try their best to get around security measures =P

Share this post


Link to post
Share on other sites
Helmut   
Will CF1 allow Exchange 2010 SP2 compatibility?

Do you mean the centralyzed management of Kaspersky Security for Exchange within the KSC? I think not.

Share this post


Link to post
Share on other sites
kc_8002   

Suggestion

 

- For disk recovery there must be some sort of live cd which can be used to decrypt data without taking hard drives out of system as incase of laptops it's quite a mess to take drives out and place back after recovery. and there must be some sort of indication progress bar which showes how much encryption process has completed.

 

- support for blackberry like antimalware should be introduced.

 

- reporting section should be improved like Security Center should log the activities of kaspersky security center administrator and operators activity like who executed which task and who enforced or changed which policy and the time when it was changed

Edited by kc_8002

Share this post


Link to post
Share on other sites
Hi,

 

since th eKES 8 CF1 :

In the context menu of the application icon located in the Microsoft Windows taskbar notification area, the Pause protection option is no longer accessible if a Kaspersky Security Center policy is applied and active

 

it would be nice to get this option back with a password!

 

I am new KAS user and I am urgently missing this option.

Share this post


Link to post
Share on other sites
itsmarkk   

Fix the issues!

 

'Not scanned for a long time' error

'Protection is off' error

'There are unprocessed items' error

Installing KSC10 on a domain controller error

Pause Protection instead of having to turn off protection

 

I get tired of uninstall / reinstall to fix errors that end up just coming back a few days later.

 

Share this post


Link to post
Share on other sites
hvera   
I definitely want this. We have many devs that need to disable protection sometimes for their projects, and this is really causing a problem.

 

Same problem, we need devs pausing KES 10 protection option ASAP.

Share this post


Link to post
Share on other sites
I would like the same options to schedule all types of tasks (daily, weekly, every Nth..). In particular, the Start/Stop task type does not have these options, so I'm forced to add the start/stop tasks to another task's completion.

 

Thanks.

 

This is a big one. I have 180 endpoints and have no way to schedule when the tasks on the client machine run. Right now, all the clients use the default schedule which is awful (full scan every 3 days... users can't work under these conditions). Ideally, updates should be performed outside business hours so the slowness of the update doesn't impact productivity. Same for the full scan... the default setting should be once per month and only scan for new and changed files. You can create a group task in KSC, but this group task is in addition to the local scheduled tasks. So it essence, users complain because they have multiple tasks performing the same task. Basically what needs to happen is if KES is working under a policy, then all scheduled tasks should be controlled by the policy that is configured in KSC. Administrators should have full control over when endpoints update, when a full scan is performed, when the critical areas area scanned.

Share this post


Link to post
Share on other sites

I have about 30 groups setup and it would be nice to use the search box in the upper right hand corner of KSC10 to search for any computer using any search term and have the results be populated with the same speed and feel as Windows search. Sometimes clients get lost in the groups or you want to find one by computer name quickly. Using the existing search tool is too cumbersome. When managing hundreds of clients, search is an admin's best friend.

Share this post


Link to post
Share on other sites

Would love to be able to send events to my remote admins.

 

Currently events are configured by Policy. I have 2 policies...one for Computers and one for Servers. I also have sites all over the globe with admins at each of those sites. The way it is now I need a policy for every location (which means another place that needs to be updated multiple times if I have a change).

 

Would be nice if I could setup an event that gets mailed out every time a virus is found to whomever I wanted, not just to the address listed in the Event list.

 

THis is a feature we had in other vendors software, was hoping we would have it when we converted to Kaspersky.

Share this post


Link to post
Share on other sites
inv15   
since th eKES 8 CF1 :

In the context menu of the application icon located in the Microsoft Windows taskbar notification area, the Pause protection option is no longer accessible if a Kaspersky Security Center policy is applied and active

 

Yes please. Why is this disabled anyway? There could be an option in the policy to define whether this is allowed or not.

Share this post


Link to post
Share on other sites

Kaspersky does not ask for password to open the window (Endpoint Security 10). That is a big leak in the security as one can go through all the settings and see what rules are applied. Also, if the window is opened, if one can get the window to become unresponsive (happens quite easily on slightly slower systems), windows will ask to close the application as it is unresponsive, thereby crashing the AV. If one cannot open the window without a password, one cannot control its behavior.

Share this post


Link to post
Share on other sites
Kaspersky does not ask for password to open the window (Endpoint Security 10). That is a big leak in the security as one can go through all the settings and see what rules are applied. Also, if the window is opened, if one can get the window to become unresponsive (happens quite easily on slightly slower systems), windows will ask to close the application as it is unresponsive, thereby crashing the AV. If one cannot open the window without a password, one cannot control its behavior.

There is an option to disable the KES GUI.

Share this post


Link to post
Share on other sites
Caos   

About Kaspersky Security Center 10 SP1

 

http://forum.kaspersky.com/index.php?showtopic=307050

 

I don't really understand why you deleted the column Agent/Endpoint with the famous +/+

 

2 new columns "Agent installed" and "Agent running" are referring to "Network Agent" status and not about Endpoint installation :dash2: :dash2:

 

Regards

Share this post


Link to post
Share on other sites
About Kaspersky Security Center 10 SP1

 

http://forum.kaspersky.com/index.php?showtopic=307050

 

I don't really understand why you deleted the column Agent/Endpoint with the famous +/+

 

2 new columns "Agent installed" and "Agent running" are referring to "Network Agent" status and not about Endpoint installation :dash2: :dash2:

 

Regards

 

Hello,

did you ask this question in another topic?

Share this post


Link to post
Share on other sites
Caos   
Hello,

did you ask this question in another topic?

 

Hello.

 

It was actually organized like this in this version.

You can write about it in the suggestions for future versions.

 

Thank You for understanding.

Share this post


Link to post
Share on other sites
inv15   

Hi.

 

I have a report sent daily by KSC via email. It's the "Protection Status report". Very nice little report but has one major issue. I'm working in a company which has several PCs named "PC064", "PC908", "PC576", etc. In the report, the computer name appears 3 times ("Client computer", "NETBIOS name", "domain name"), however the Description of the computer (which happens to contain the name of the person using the computer) does not appear and cannot be manually added. :( Pretty disappointing...

 

I'm guessing this may be happening in other reports too. Please either add the Description field by default in all reports or at least give the user the ability to manually add it.

 

Thanks.

Edited by inv15

Share this post


Link to post
Share on other sites
xpreme   

Hi,

I have some suggestions which may be useful:

1) Possibility of installing Network Agent over an existing Network Agent (with the same version) without the need for uninstalling separately can be useful in some cases.

 

2) Protection deployment tasks need to be polished.

 

3) Possibility of creating a "task for specific computers" with no client. In other word, it should be optional to add clients to this task. After task is created we can delete its clients thus it can be optional while creating the task as well.

 

4) Creating a new task such as "Kaspersky User Account" with flexible options on clients in Workgroup environment so that protection deployment (specifically Network Agent) can be accomplished remotely through KSC 10 without annoying permission errors.

 

5) Possibility of deleting automatically-generated dump files on clients through KSC 10 or even on the client side.

 

6) Possibility of automatic creation of Tasks and Policies after installing a specific plug-in.

Share this post


Link to post
Share on other sites
xpreme   

7) Sometimes it is needed to reboot the system while installing KSC components (like windows installer 4.5). After reboot there is no automatic resume of installation. Hence, administrator has to start over the setup file!

Edited by xpreme

Share this post


Link to post
Share on other sites
inv15   
3) Possibility of creating a "task for specific computers" with no client. In other word, it should be optional to add clients to this task. After task is created we can delete its clients thus it can be optional while creating the task as well.

 

I have wished many times in the past this ability existed. I fully support it.

Share this post


Link to post
Share on other sites
fleon   

When using KSC to grant access to a user's removable drive, the documentation says to right click a computer, properties, then go to tasks, choose device control and from there click on the grant access button. This button doesn't exist on KES 10.2.1.23 clients, instead you need to right click on the computer and choose the autonomous mode option.

 

From a UI point of view this is a bug, because it's not in the documentation, and the info contained in the documentation works for other clients such as KES 8.1.

 

The UI should be the same , this should be fixed. I'm a programmer myself and i think you can internally map the button's function to the autonomous menu option if that's the only way to handle this, and it shouldn't be needed. Maybe you can fix this just in time for SP1.

 

See http://forum.kaspersky.com/index.php?showtopic=309531 for the post i made.

 

Also, as a suggestion, having to email the .akey back and forth it's cumbersome. Here's a simpler UI:

 

-The client just uses the "complain" button when they see the access denied error to request temporary access (change "complain" to "request temporary access")

-The administrator could use the "user request" option in KSC to grant the temporary access directly (this would be need to be implemented in that option, since right now that option doesn't offer much)

Edited by fleon

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×