Jump to content
Alexander Ilin

Suggestions for Kaspersky Security Center 10. [In progress]

Recommended Posts

When you delete items in "Unprocessed files" in the KSC it should delete those same unprocessed files on the workstation. Currently it only deletes the items from the console view but leaves the actual files on the workstations which makes no sense at all. Why would you do that? We are seeing about 5,000 'Unprocessed files' a week! Probably the same files over and over since they are never actually deleted by Kaspersky at the workstation. The unprocessed files are mostly in users Google Chrome extensions directories it seems. I can't go to hundreds of computers to delete these thousands of files manually. Please fix this issue so that Kaspersky KSC can be set to auto delete certain types of unprocessed files that end up as 'Unprocessed files' in the KSC or make Kaspersky KSC delete the 'Unprocessed files' on the workstation when you delete them from the KSC console. 

Share this post


Link to post

Yes that is so annoying when I can't get Kaspersky to delete a bad file remotely.  I had to manually remove those google extensions on dozens of laptops!

Share this post


Link to post

Hello,

Kindly add the  functionality where endpoint user cannot disable Network agent service from services.msc even if he is an administrative user.we can set the password where user cannot remove network agent but sometimes user simply disable the service of network agent.

Share this post


Link to post

Kaspersky apparently only scans   RAR, ARJ, ZIP, CAB, LHA, JAR, and ICE  archive files according to the help files. 

Please add 7zip scanning. It is one of the most used archive programs these days.

Share this post


Link to post

Under General Protection Settings, Objects for Detection, we need more selectable options under the adware section, such as....      1. Toolbars  2. Downloaders  3.Admin tools

The 'Other' is not much use in a large enterprise environment as-is since it includes admin tools. So we can't currently remove nasty toolbars, downloaders, etc.

Share this post


Link to post

Hi guys.

Can you add some options to see the Name of device, IP, OS,  Vendor, Hardware Configuration, Installed Software, etc in the same report please ?

In the attached report as an example I don´t know which devices Adobe is installed.

 

Spasibo.

Report.png

Share this post


Link to post

Hey guys,

it would be great if there was an alert message, poped-up when the user tried to shut down the machine during the execution of tasks, such as updates for example. Nowadays there's a problem to keep system management module working once user forgets about the updates.

Thanks in advance,

Valter Generoso.

 

Share this post


Link to post

Hi guys,

It would be better if there was a way to set the final cowntdown to reset the device under a task. Today we are able to set both the amount of time between the warnings and the time before shutdown, but when the second one is over, it takes only sixty seconds to the shutdown, and we could be able to increase this time.

Thanks in advance,

Valter Generoso.

2018-04-09_10-38-40.jpg

Share this post


Link to post

We need better options for assigning Update Agents. In a large enterprise the available options are very problematic. The auto-assign creates bandwith issues, as it isn't smart enough to select computers in the same IP network or same KSC computer group as the auto assigned update agents. I see computers in Texas updating computers in Florida on a completely different network. The manual assign option takes forever to define update agents if you have many KSC management groups and is not dynamic if computers leave the network. 

1. A good option would be a check mark available on the properties of each KSC computer management group to allow dynamic auto assign of update agents from only the computers in that KSC group it belongs to.

2. Another good option would be an 'Update Agents' selection on the properties of each KSC computer management group that listed all computers in that group and you can put a check mark on computers to be uses as update agents only for computers in that KSC group.

Edited by FLTech

Share this post


Link to post

dear kaspersky,

i will give my suggesstion about your product, the first think is "Better Management" :

1. Uninstall kaspersky without restart (so i can reinstall the kaspersky ASAP and notified to user for restart)

2. i hope the uninstall technology same as KAVREMOVER (very clean with no trace behind)

currently i manage over 3000 - 5000 user at the same time and the most problem when i want to reinstall kaspersky (kaspersky cannot initialize at first running) and many error (unload from ram etc wat ever) => please fix this.

regards,

MMW

 

Share this post


Link to post

MS Bitlocker

It would be VERY usefull if KSC could report on the encryption status of a device when it is encrypted with Bitlocker via AD GPO and not via Kaspersky Bitlocker Policy. 

 

This is because the Kaspersky BL policy is incompatable with MS Bitlocker Network Unlock. MS Bitlocker Network unlock is VERY usefull in corporate environment as it allows us to WoL PC;s in th enight to perform updates etc and on-boot the PC's will auto unlock using the network (no PIN required for BitLocker)  Only when the PC is removed from the corporate network is a PIN required. 

We have tested this with Kaspersky encruption policy and it works i.e. it will network unlock after Kaspersky implements the switchign on of encryption and PIN entry but kaspersky always reports a policy problem eventhough the disk is 100% encrypted. 

So either:

1) Amend the KSC policy so you can use AD Bitlocker Network Unlock

2) Provide a reporting mechanish whereby Kaspersky can show the OS disk encryption and its status (for GDPR reporting).


thanks

Share this post


Link to post

I would appreciate if you can support me by indicating how I can filter Kaspersky Security Center only laptops since I want to create a directive so that they can update their database when they are out of my network.

Thank you.

Share this post


Link to post

Reboot messages from Kaspersky installs should have a count-down time left until reboot. So as the user snoozes the warning prompt they know how much time is left before the reboot is forced. The current software I am using SP2, MR2 only has ability for one message and it does not indicate the actual time left until reboot. So user's may get a surprise reboot if they keep snoozing the prompt. For example, I would like something like this to be available:

Your Kaspersky administistrator has installed an update to your computer. Your computer will reboot in 120 mins. (Snooze or Reboot Now?) 

Your Kaspersky administistrator has installed an update to your computer. Your computer will reboot in 100 mins. (Snooze or Reboot Now?)

Your Kaspersky administistrator has installed an update to your computer. Your computer will reboot in  80 mins. (Snooze or Reboot Now?)

This issue may have been mentioned before, but there are too many pages to read through. Thanks

Edited by FLTech

Share this post


Link to post

SP1-MR2 and SP2-MR1  issue. Maybe other versions as well.

I really need some sort of auditing in the local workstation event log to show how/why or who disabled the Kaspersky. We have small number of random computers show up with disabled Kaspersky and there is no way to know how or why it is disabled. Is a user doing it? Is sleep mode? Some other cause? Some Kaspersky A/V protection can be remotely started again. Some can't.

Desired log examples..

1) User domain\username disabled/stopped Kaspersy A/V with the authorized disable login/password
2) Kaspersky is now disabled/stopped. Last known Kaspersky A/V state before OS sleep or suspend mode was enabled/running.
3) Kaspersky services not started after reboot for unknown reason.
4) Conflicking software  xyz  caused Kaspersky A/V protection to stop.
You get the idea,  whatever can be detected for a reason that Kaspersky A/V stopped would be helpful...

 

Share this post


Link to post

Hi team!

It would be nice if we had a way to set a time window or several time Windows at System Management for the cases when KSC is unable to start or complete an update. Using the "run missed tasks" flag sometimes slows down the computer on a critical business hour.

Thanks in advance,

Valter Generoso

Share this post


Link to post

When it comes to reporting I would like to see is a better integration with Kaspersky for File server. For example:

Show all the information of Log inspection and File Integrity events - at the moment you see that event is logged in Security Center but you have to open the local server to see any meaningful information about the event contents. Currently you see that event is logged but there's no quick way to see what's it about. There should be a way to access event contents directly from KSC.

Also it would be great if there would be ability to create reports on File Integrity monitoring to see all the files created and modified during certain time frame with all the user info of who created the files and when. 

 

SecCenter.PNG

ServCenter.PNG

Share this post


Link to post

I would LOVE a report that shows me who does not have Kaspersky AV installed on my network.

I have AD Scanning turned on

Kaspersky knows about every computer in my Domain

I can setup a Tagging Rule for Network Agent Not Running - which will also include those that do not have a network agent, and then create a report based on Tags - and this is a decent measure of who does not have KES installed, but not 100%.... a lot of times I find that KES is installed, but the network agent is broken, or not reporting into the KSC (again).

If you know the name of every computer on my domain, and I have it listed as what should be a 'Managed' computer - then tell me that it doesn't have AV Installed so I can get a good report out to my local admins all over the world for what they should be looking to fix.

There HAS to be a way for me to pull this information from Kaspersky - maybe I'm writing my query wrong?  Maybe there is already a report and I"m just not finding it?

I know you cannot get a report from a new computer on the domain (someone got a new laptop, joined it to the domain, but didn't get Kaspersky Endpoint Security or Network Agent installed on it yet) - but I should be able to get a report that says "Hey, your AD Scanning just found this new PC and we have NEVER gotten a report from it about its status.... maybe someone should look into that'

Share this post


Link to post

1. Support for Wildcard SSL certificates on the MDM platform please. All enrollment links for profiles come through as https://*.exampledomain.com/123456789 which is useless. There is no mention of this limitation on the Kaspersky documentation.

2. A simple report showing devices with all available updates applied and ones with updates required. The existing reports show this but can be hundreds of pages long as they list each and every updates/vulnerability separately.

thanks

Edited by stevmorr

Share this post


Link to post

1. When a master KSC connects to a a slave KSC, allow administrator to define the NIC used to contact said slave KSC server, currently KSC blindly uses default route and potentially fails because the server cannot be contacted using default NIC.

2. Allow to choose NIC used to download definition updates from KL servers.

3. Allow to choose NIC used to download MS updates.

Share this post


Link to post

Hi,

 

i have upgraded my  client windows10 build 1803 after that my endpoint showing malfunction and protection off. unable to do any thing from administrative console.

kaspersky version 10.4.343.

 

error attched.

 

please replay ASAP

 

Thank you

 

 

 

kaspersky error.odt

Share this post


Link to post

Hi team,

Please improve the way KSC System Management deal with updates and vulnerabilitie fix. There is tons of customers complaining about the growing of temporaries folders placed on ProgramData, when using SM. I've opened a support ticket INC000009446569 and got a feedback saying that:

"Hello.

Usually no longer required Windows updates will be deleted within 30 to 60 days from installation date.
There is currently no easy way to remove updates from workstations."

Well, if you are talking about a fresh Windows installation these folders can be over 40GB!

Thanks in advance.

Regards,

Valter Generoso.

Share this post


Link to post

Please give me an option to uninstall previous Kaspersky version itself instead of give me an error of "Please uninstall it before installing XXX" when I deploy KES into out clients, thanks.

Edited by HserHK

Share this post


Link to post

How about integrating LAPS Local Admin Password Solution into your deployment model. Companies are moving away from having one account with rights to deploy to computers. Too vulnerable. 

 

https://technet.microsoft.com/en-us/mt227395.aspx

Share this post


Link to post

Need to be able to set computer status to Critical (or) warning if this error is found in the dat update task:     Not all components were updated
 

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.