Jump to content
Alexander Ilin

Suggestions for Kaspersky Security Center 10. [In progress]

Recommended Posts

Forgive me if I have posted this in the wrong forum as my suggestion is related to Kaspersky Security for Microsoft Exchange Servers. I would like to see the ability to add the senders email address/domain/IP address to the white list directly from the backup node. Currently, you have to switch between the backup node to see what emails have been quarantined, then go back to the server protection node to add the exception. Being able to right click a quarantined email and add it to the white list would save a LOT of time!

 

Thank you for your consideration!

Share this post


Link to post

Hello,

 

I don't know if it has been reported or not so.. Another thing reported by our clients is each time they need to add nodes to their license they receive a new key file with X nodes. After some months they have 3-4 keys as the SMB/startups grow fast and it's difficult to manage those keys with the computers reinstallation and new ones, ... I think it isn't very complicated for a company like Kaspersky to have a license system based with only one key and the restrictions can be updated online or something like this?

 

Thank you in advance for your reply

 

Have nice day

 

BR

Share this post


Link to post
Kindly give us a option of auto update all new patches and new version of console and workstation kasper versions in my kaspersky console (Because every time download big setup from kasper sky website for console update) , new button (Check for Update) check here new version and patches if available then download and proceed for updation.this is my suggestion. if i said right then do this.

Share this post


Link to post

Please add icon animation in system tray for ver. 10.2.4.674 , as in ver. 10.2.1.23. via patch or via new version.

Thanks.

Share this post


Link to post

This is more a general problem:

Fortiguard offers a great possibility to request web control category change if this is wrong.

Since we use the web control module by Kaspersky, this happens very often to us and causes a lot of work in a >7000 user environement. Often common sites likes amazon or news sites are rated as casual gaming or weapons (??).

See here the fortiguard solution: https://fortiguard.com/webfilter

 

I would like to see such a feature for Kaspersky since the current solution using a companyaccount is absolutely unsufficient, same for setting up an email to newvirus@kaspersky.com.

This is something that is simply not working in a company environement. Please add a web based solution for this.

 

Supporters for this request are welcomed!

 

Share this post


Link to post

Hello,

 

After confirmation from Technical Support about a fixed optimization related to the backup process, we are adding here a request for feature: "Allow to define in the server backup task the option to do (or not) disk space de-allocation when using SQL Server".

 

Extended details available in https://forum.kaspersky.com/index.php?showtopic=349269

 

Regards.

Share this post


Link to post

It would be great if add the detailed audit logs of administrators activity in the KSC. In the current version you just get administrator/user modified the Policy and that's it, but what was modified in the policy remains the mystery.

 

Role based Access in the KSC is meaning less if the detailed audit logs are not available.

 

 

Hope you consider that before commercial release.

Share this post


Link to post

I am using KSC 10.2.434 Patch D to deploy KES 10 SP1 MR2. It works fine but when the target computers (system) hard disk is full, the installation task terminates and throws a general “fatal error”.

 

In this case, the following return code is thrown: 1603=Während der Installation ist ein fataler Fehler aufgetreten.

 

It would be nice to have an own error code which indicates that the hard disk is (almost) full and KES cannot be installed.

Could you please add such a hard disk fill level check to the installation process?

 

see https://forum.kaspersky.com/index.php?showtopic=349465

Share this post


Link to post

- in installation tasks it is possible to add a user that will be used for installation on target computer. Would be nice to save some user and passwords to choose it in this step

 

- when adding an automatic installation to a group it would be nice to add an user to this task that has admin rights on the computer

 

Share this post


Link to post

It would be nice to be able to optionally track the “return code” of own “installation package for specified executable file” (especially for own scripts).

 

For example: “return code” not equal to 0 (or less than 0) should be considered as failed (as it is done at Kaspersky Lab applications).

 

This “return code” track feature should be optional, because maybe some provided setup.exe or other applications could always return codes not equal to 0 (but the application finished successful).

Share this post


Link to post
It would be nice to be able to optionally track the “return code” of own “installation package for specified executable file” (especially for own scripts).

 

For example: “return code” not equal to 0 (or less than 0) should be considered as failed (as it is done at Kaspersky Lab applications).

 

This “return code” track feature should be optional, because maybe some provided setup.exe or other applications could always return codes not equal to 0 (but the application finished successful).

 

it already exists, see implementation guide page 51: http://docs.kaspersky-labs.com/english/kas...implguideen.pdf

Share this post


Link to post

Thanks to Tybilly.

I tested it and it works as expected.

 

summing up: Just add the following lines to kpd/kup File on the KL Share (folder of specific task):

[setupProcessResult]

Wait=1

Share this post


Link to post

Hi, my suggestions:

 

- easy plugin management (especialy uninstallation of old/unused plugins)

- configuration file removal of Installation package (now the package has to be recreated when I don't want to use cfg file)

- better patch management - when new patch appears in repo simply tick it and decide if create a new task or use present (Update) with selection of wich group/PC apply

 

BR

 

Share this post


Link to post

Hi,

 

Currently, in Application registry we can create an application category by device type, which means just "removable devices". Is should be useful if we could distinguish between removable devices, like usb pendrives and cd/dvd drives.

For example, we would like to allow to run an application from DVD disk (a special app for MRI device) but nothing from pendrives.

Thanks!

 

BR

Share this post


Link to post

Hi

 

currently, when someone creates a computer selection with more conditions, the conditions get linked automatically with OR. It would be nice to also be possible to link them with AND (so that I can select between OR and AND).

 

For example:

One condition could be "Computers with Adobe Flash Player installed" and another one could be "not Version 21.0.0.213" -> all computers which do not have the latest Flash Player. (=condition 1 AND condition 2)

Currently I have two conditions: "computers with Flash Player Version 1*" or "computers with Flash Player Version 20.*".

 

Share this post


Link to post
Hi

 

currently, when someone creates a computer selection with more conditions, the conditions get linked automatically with OR. It would be nice to also be possible to link them with AND (so that I can select between OR and AND).

 

For example:

One condition could be "Computers with Adobe Flash Player installed" and another one could be "not Version 21.0.0.213" -> all computers which do not have the latest Flash Player. (=condition 1 AND condition 2)

Currently I have two conditions: "computers with Flash Player Version 1*" or "computers with Flash Player Version 20.*".

 

Hello,

suggestion № 3897.

Thank you.

Share this post


Link to post

Hello everybody!!! :bt:

 

In installation window of standalone packages, when happens errors in the local installation.

The system create a log errors in %temp% on c:

i suggest to be created a link for better access this file, because there are users with many difficulties to find this file

Or create a "save button" for the file be created and saved in desktop screen of computer

post-537632-1462825725_thumb.png

Share this post


Link to post

Hi,

 

-The task wake on lan can not be scheduled periodically and the check of perform tasks not performed can not be unchecked

 

-If i program a task of memory scan after the computer is on with wake on lan it doesn't work. It starts after

finishing the task creation and the check of "start the task after finishing the task creation" is not marked.

 

BR

Share this post


Link to post

Hi

 

I would also appreciate if "tasks for special computers" can be scheduled periodically.

There is a workaround to use "When new updates are downloaded to the repository" (but it should be possible to define it every hour/day/week and so on) or to use KSC automation (rather difficult for non programmers).

This can be useful for tasks which apply on computer selections (which apply on a special computer tag).

 

 

I would like to make a suggestion about inheritance.

 

My aim is to reduce the amount of policies of KES product for simplicity.

Current functionality (as I understood that): In order to do that, I have to put one general policy within “managed computer” and open all the locks (so that these settings can be overwritten by sub- policies). The locks currently also control if the user on the Endpoint can change settings (which should be denied) so I have to add a policy within every subfolder where all the locks must be closed (Users should not be able to change anything and I would like to apply most of the settings from the main policy).

 

It would be nice if that can be changed so that I only have to create a new policy within a subfolder if I want to change anything. The double functionality of the lock should be divided into two symbols.

Example: The main policy defines for example that the new Badlock USB Feature is generally disabled, but computers within one subfolder should get that feature and therefore the folder contains a Policy which enables that (but gets all the other settings from the main policy).

In order to make it easier to manage exclusions, it would be nice if the exclusions in the policy under “managed computers” and the exclusions within a policy in a subgroup can be combined (main exclusions + special exclusions for special computes).

 

Share this post


Link to post

Finetuning the "Network attack protection"

 

reference: https://forum.kaspersky.com/index.php?showtopic=351331

 

I lately ran into the following problem (only brief description): We are running a email server (for many years without problems), with KES10 as firewall/virusprotection included. Starting this weekend, suddenly various users (including me as the administrator) were blocked from accessing their email accouts through IMAP, POP3, SMTP. In my case, I was also blocked from connecting to the server by RDP to troubleshoot the issue!

 

After a lot of research, I found that KES10 "network attack protection" blocked us due to a "Intrusion.Generic.IMAP.COPY.buffer-overflow.exploit" as a "false positive"

 

Shortterm solution was to "deactivate" the "network attack protection", but I like to reactivate this protection of course, but the "finetuning" of that functionality seems to be targeted only at "allowing certain IP addresses".

I would rather prefer to exclude the "Intrusion.Generic.IMAP.COPY.buffer-overflow.exploit" on the relevant port, as we cannot predict wherefrom (in terms of IP adresses) legimit users like to connect to the mailserver.

 

Share this post


Link to post

I have new information for post #251 and suggestion 3913:

Basically, the (lately introduced) policy profiles do the job for me:

Small changes can be overwritten when the lock is closed according to for example computer tags

All the other settings are the same like the main policy

Several policy profiles can be combined as long as different settings get overwritten (for example one enables usb stick scanning, the other one enables bad usb protection, …)

The only thing which does not work at the moment is to combine exclusions. The exclusions get overwritten at the moment (by a policy profile) and if several profiles are defined (with exclusions), the first one wins.

 

It would be nice if exclusions would be combined (main policy and policy profile and different policy profiles).

This could be for example interesting if one has different applications with different exclusions. In this case, a computer tag for one application can define if the corresponding policy profile (which implements the exclusions for that application) will be used. The main profile includes the default Microsoft exclusions and the applications, which are installed on every computer.

 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.