Jump to content
Alexander Ilin

Suggestions for Kaspersky Security Center 10. [In progress]

Recommended Posts

Hi,

 

Could you please attach illustrating screenshots?

 

Thank You!

 

I can't because i already reinstalled KSC and make sure language packs are deselected before first WSUS sync :cb_punk:

Share this post


Link to post

Hello,

 

I think KSC should quit using the Microsoft MMC framework, which is an ancient GUI technology and results in a very complicated operator's user interface.

 

The new graphic interface should provide a webbrowser-like end user experience and the new Kaspersky centralized management system should be platform independent, supporting both Windows Server and Linux Server OS.

 

The separation of Network Agent from the protection product should be discontinued, because the current situation is very complicated for operators.

(For example: KL has released a Windows 10 compatible KES version, but it only works if you have already augmented KSC 10 with Patch_D and also updated the Network Agent on the endpoint computers. For other vendors, there is no need for 3 different steps to be taken.)

 

An external (possibly foreign) consultant should be called-in to advise on ergonomics improvements, because Kaspersky products are still too complicated and cumbersome to administer. Both the graphical UI clutter and the underlying logic of operation should be revised from the ground up. In the era of one-finger controllable Apple smartphones, the complexity of operating the equiavlent of a telex-machine cannot be popular with american or scandinavian customers, for example. Excellent protection technology is one aspect, but the quality of life for IT operations people also matters a lot.

 

A "lite" version of KSC or a cloud-based adaptation should be developed, because the current KSOS offering is too weak for the important and strongly growing SMB sphere IT-security market. (There is essentially no centralized management in KSOS, almost only the licences can be adjusted remotely without visiting the individual endpoint computers.)

 

The practice of distributing one full installation package of endpoint protection per each national language should be discontinued. It is a solvable problem to create a single installation package which incorporates templates for all supported languages and user can choose vernacular during the installation wizard. Users in the smaller languages, which are currently left behind 1-2 months, complain and feel unhappy about the delays. In most countries people are proud of their national language, so thus issue isn't just a development/financial decision, but also has PR/marketing importance!

 

Thanks for your kind attention, best regards: Tamas Feher.

Share this post


Link to post
It would be nice to have a function in the management console to rerun a task with only machines that failed or did not complete. Otherwise you have to go in and remove the client computers manually or kick off a new scan.

 

Hi,

 

A task settings allow to enable option to Run missed tasks which means it will try to run at a different time in case it was not started for some reason. There is computer selections option that allows to find particular machines for this reason. Do I understand correctly that this option is not good enough and you would like to add the extra feature?

 

Thank You!

Share this post


Link to post
Hi,

 

A task settings allow to enable option to Run missed tasks which means it will try to run at a different time in case it was not started for some reason. There is computer selections option that allows to find particular machines for this reason. Do I understand correctly that this option is not good enough and you would like to add the extra feature?

 

Thank You!

 

Correct. Is there an option to add like a "Redeploy" button? This would remove the machines that were successfully completed from the client computers list in the task and run on the rest of the machines. Maybe it could even have an option to redeploy on failed machines or machines that never began the task. Just a thought :)

Share this post


Link to post
Correct. Is there an option to add like a "Redeploy" button? This would remove the machines that were successfully completed from the client computers list in the task and run on the rest of the machines. Maybe it could even have an option to redeploy on failed machines or machines that never began the task. Just a thought :)

 

I have submitted suggestion 3531

 

Thank You!

Share this post


Link to post
Hello,

 

I think KSC should quit using the Microsoft MMC framework, which is an ancient GUI technology and results in a very complicated operator's user interface.

 

The new graphic interface should provide a webbrowser-like end user experience and the new Kaspersky centralized management system should be platform independent, supporting both Windows Server and Linux Server OS.

 

The separation of Network Agent from the protection product should be discontinued, because the current situation is very complicated for operators.

(For example: KL has released a Windows 10 compatible KES version, but it only works if you have already augmented KSC 10 with Patch_D and also updated the Network Agent on the endpoint computers. For other vendors, there is no need for 3 different steps to be taken.)

 

An external (possibly foreign) consultant should be called-in to advise on ergonomics improvements, because Kaspersky products are still too complicated and cumbersome to administer. Both the graphical UI clutter and the underlying logic of operation should be revised from the ground up. In the era of one-finger controllable Apple smartphones, the complexity of operating the equiavlent of a telex-machine cannot be popular with american or scandinavian customers, for example. Excellent protection technology is one aspect, but the quality of life for IT operations people also matters a lot.

 

A "lite" version of KSC or a cloud-based adaptation should be developed, because the current KSOS offering is too weak for the important and strongly growing SMB sphere IT-security market. (There is essentially no centralized management in KSOS, almost only the licences can be adjusted remotely without visiting the individual endpoint computers.)

 

The practice of distributing one full installation package of endpoint protection per each national language should be discontinued. It is a solvable problem to create a single installation package which incorporates templates for all supported languages and user can choose vernacular during the installation wizard. Users in the smaller languages, which are currently left behind 1-2 months, complain and feel unhappy about the delays. In most countries people are proud of their national language, so thus issue isn't just a development/financial decision, but also has PR/marketing importance!

 

Thanks for your kind attention, best regards: Tamas Feher.

 

Hi,

 

Suggestion 3532 was submitted.

 

Thank You!

Share this post


Link to post

Hello,

 

It would be good to have the possibility to create a task for updating the light agent client database.

Edited by Romain S.

Share this post


Link to post

Hi,

 

Could you please describe with more detailes for what purpose that should be done?

Isn`t it enough to let SVM to update light agent client database?

 

Or different clients should use different sets of databases?

 

Thank you!

Share this post


Link to post

Hi,

 

I want to suggest that clients with KES 10 installed, wont be able to write data on CD/DVD ROM but can read data from it.

Is it possible at all ?!

Share this post


Link to post
Hi,

 

Could you please describe with more detailes for what purpose that should be done?

Isn`t it enough to let SVM to update light agent client database?

 

Or different clients should use different sets of databases?

 

Thank you!

 

It's to when managing the KSC when seeing a client which hasn't got the database updated to update him from a task on the KSC

Share this post


Link to post

Hi,

 

Can you clarify Isn`t it enough to let SVM to update light agent client database?

 

BR

Share this post


Link to post
Hello,

 

I think KSC should quit using the Microsoft MMC framework, which is an ancient GUI technology and results in a very complicated operator's user interface.

 

The new graphic interface should provide a webbrowser-like end user experience and the new Kaspersky centralized management system should be platform independent, supporting both Windows Server and Linux Server OS.

 

The separation of Network Agent from the protection product should be discontinued, because the current situation is very complicated for operators.

(For example: KL has released a Windows 10 compatible KES version, but it only works if you have already augmented KSC 10 with Patch_D and also updated the Network Agent on the endpoint computers. For other vendors, there is no need for 3 different steps to be taken.)

 

An external (possibly foreign) consultant should be called-in to advise on ergonomics improvements, because Kaspersky products are still too complicated and cumbersome to administer. Both the graphical UI clutter and the underlying logic of operation should be revised from the ground up. In the era of one-finger controllable Apple smartphones, the complexity of operating the equiavlent of a telex-machine cannot be popular with american or scandinavian customers, for example. Excellent protection technology is one aspect, but the quality of life for IT operations people also matters a lot.

 

A "lite" version of KSC or a cloud-based adaptation should be developed, because the current KSOS offering is too weak for the important and strongly growing SMB sphere IT-security market. (There is essentially no centralized management in KSOS, almost only the licences can be adjusted remotely without visiting the individual endpoint computers.)

 

The practice of distributing one full installation package of endpoint protection per each national language should be discontinued. It is a solvable problem to create a single installation package which incorporates templates for all supported languages and user can choose vernacular during the installation wizard. Users in the smaller languages, which are currently left behind 1-2 months, complain and feel unhappy about the delays. In most countries people are proud of their national language, so thus issue isn't just a development/financial decision, but also has PR/marketing importance!

 

Thanks for your kind attention, best regards: Tamas Feher.

 

Those are really good suggestions, agree with you 100% :cb_punk:

 

Share this post


Link to post
Those are really good suggestions, agree with you 100% :cb_punk:

 

Hello,

there is a web-console that is platform-independent.

Thank you.

Share this post


Link to post
Hi,

 

Can you clarify Isn`t it enough to let SVM to update light agent client database?

 

BR

 

No sometime I need to do a manual task

Share this post


Link to post

It would be useful for me that update agent role would more flexible and intelligent.

Let me describe my problem.

 

I have defined a specific server in DMZ configured as Connection Gateway and Update Agent letting remote internet users connecting to Security Center even when they are out of office and be able to receive policy and whatever while they are out of office.

I have one group into the security center with all workstations and, for obvious traffic optimization, several update agent configured statically serving strategically all company sites.

 

My problem is that when one of this Workstations connects security center over internet (please note they switch to a different profile when they are out of domain) I'm able to see using netstat command that client try to contact randomly one of the update agent available for its group that for sure are not reachable from internet. This is obviously correct as long as the PC it is within the Corporate Wan but not so efficient when the user connect for instance from home. That PC try and try until it will contact the update agent is into the DMZ. Signature update might require minutes until the pc find the proper udpate agent.

 

I would like a way to configure the remote users to use a specific update agent while they are connecting from internet.

Moreover I would like that the connection profile may define a different synchronization interval to have a faster response for specific task when they connect remotely.

thanks a lot for your attention on my suggestion.

Riccardo

 

Share this post


Link to post
It would be useful for me that update agent role would more flexible and intelligent.

Let me describe my problem.

 

I have defined a specific server in DMZ configured as Connection Gateway and Update Agent letting remote internet users connecting to Security Center even when they are out of office and be able to receive policy and whatever while they are out of office.

I have one group into the security center with all workstations and, for obvious traffic optimization, several update agent configured statically serving strategically all company sites.

 

My problem is that when one of this Workstations connects security center over internet (please note they switch to a different profile when they are out of domain) I'm able to see using netstat command that client try to contact randomly one of the update agent available for its group that for sure are not reachable from internet. This is obviously correct as long as the PC it is within the Corporate Wan but not so efficient when the user connect for instance from home. That PC try and try until it will contact the update agent is into the DMZ. Signature update might require minutes until the pc find the proper udpate agent.

 

I would like a way to configure the remote users to use a specific update agent while they are connecting from internet.

Moreover I would like that the connection profile may define a different synchronization interval to have a faster response for specific task when they connect remotely.

thanks a lot for your attention on my suggestion.

Riccardo

 

Do you mean that external clients must address to hard-coded update agents ?

Thank you.

Share this post


Link to post

- Ability for exporting messages in Syslog format to external log management systems like Kiwi/SawMill/LogLogic/Splunk.

- Ability to integrate with SIEM solutions, other than Qradar, like ArcSight/Splunk Enterprise Security/Nitro.

- Ability to set logging levels with single drop-down for Global and for each modules/Add-In.

- Ability to export and import custom reports across KSC 10 deployments.

Share this post


Link to post
- Ability for exporting messages in Syslog format to external log management systems like Kiwi/SawMill/LogLogic/Splunk.

- Ability to integrate with SIEM solutions, other than Qradar, like ArcSight/Splunk Enterprise Security/Nitro.

- Ability to set logging levels with single drop-down for Global and for each modules/Add-In.

- Ability to export and import custom reports across KSC 10 deployments.

 

Hi,

 

Could you please clarify:

 

- Ability for exporting messages in Syslog format to external log management systems like Kiwi/SawMill/LogLogic/Splunk.

What messages are you talking about exactly?

- Ability to integrate with SIEM solutions, other than Qradar, like ArcSight/Splunk Enterprise Security/Nitro.

- Ability to set logging levels with single drop-down for Global and for each modules/Add-In.

Please provide us more details on this suggestion about how exactly it has to be implemented

- Ability to export and import custom reports across KSC 10 deployments.

What does it mean exactly? What is mean by custom reports and KSC deployments, what is the wished scenario in this case?

 

Thank You!

Share this post


Link to post
Hi,

 

Could you please clarify:

 

- Ability for exporting messages in Syslog format to external log management systems like Kiwi/SawMill/LogLogic/Splunk.

What messages are you talking about exactly?

- Ability to integrate with SIEM solutions, other than Qradar, like ArcSight/Splunk Enterprise Security/Nitro.

- Ability to set logging levels with single drop-down for Global and for each modules/Add-In.

Please provide us more details on this suggestion about how exactly it has to be implemented

- Ability to export and import custom reports across KSC 10 deployments.

What does it mean exactly? What is mean by custom reports and KSC deployments, what is the wished scenario in this case?

 

Thank You!

 

1. 'Messages'= 'Events' generated and/or captured by KSC.

2. The logging (from INFO to DEBUG) levels could be set under a Global Settings section within KSC which would be inherited (by default and can be further customized to stop inheriting these settings) the currently installed Add-Ins as well as any/all Add-Ins installed in future.

3. When a customer or partner creates new custom reports within KSC, these reports could be exported or simply copied from a particular folder location within KSC installation folder, for importing them for another deployment of KSC within the company or for another customer or even as a backup purpose. These exported/backup copies can be imported or restored at another KSC deployment or after fresh install/upgrade.

Share this post


Link to post
1. 'Messages'= 'Events' generated and/or captured by KSC.

2. The logging (from INFO to DEBUG) levels could be set under a Global Settings section within KSC which would be inherited (by default and can be further customized to stop inheriting these settings) the currently installed Add-Ins as well as any/all Add-Ins installed in future.

3. When a customer or partner creates new custom reports within KSC, these reports could be exported or simply copied from a particular folder location within KSC installation folder, for importing them for another deployment of KSC within the company or for another customer or even as a backup purpose. These exported/backup copies can be imported or restored at another KSC deployment or after fresh install/upgrade.

 

Hi,

 

1. It is possible to store events in event log

2. SIEM system export is available for QRadar along with ArcSight

3. Reports are based on the current situation thus there is no point exporting it to other KSC machines. Reports itself can be exported to a file that can be opened without KSC. Backup of KSC is a different thing and it is already available.

 

Thank You!

Share this post


Link to post

In Security Center, improve the ability to share policy settings across multiple policies for desktop clients.

 

In our setup, we have our Windows clients divided into six groups, and each group has two policies (Active and Out of Office), so twelve policies total. Having to maintain things like firewall settings, web control allowed site lists, and application privilege control settings takes a lot of time. Trying to implement something like your advice here in each policy would be very time-consuming (e.g. having to enter *.doc, *.docx etc in every policy): http://support.kaspersky.com/us/10905#block2

 

Policy inheritance is all or nothing and defeats the purpose of having multiple groups. The new policy profile settings could help, but they depend on our Active Directory groups, which are different from our Kaspersky groups.

 

So maybe some ability to choose which policy settings you can inherit, and override some in the child policies. Or maybe some library or repository of policy settings that you can link to any given policy.

 

 

 

 

 

 

Share this post


Link to post
In Security Center, improve the ability to share policy settings across multiple policies for desktop clients.

 

In our setup, we have our Windows clients divided into six groups, and each group has two policies (Active and Out of Office), so twelve policies total. Having to maintain things like firewall settings, web control allowed site lists, and application privilege control settings takes a lot of time. Trying to implement something like your advice here in each policy would be very time-consuming (e.g. having to enter *.doc, *.docx etc in every policy): http://support.kaspersky.com/us/10905#block2

 

Policy inheritance is all or nothing and defeats the purpose of having multiple groups. The new policy profile settings could help, but they depend on our Active Directory groups, which are different from our Kaspersky groups.

 

So maybe some ability to choose which policy settings you can inherit, and override some in the child policies. Or maybe some library or repository of policy settings that you can link to any given policy.

 

Hi,

 

There was a similar suggestion submitted related to applying a single list of trusted networks and other settings in Firewall for all policies.

 

We have submitted your suggestion as well with number 3698

 

Thank You!

Share this post


Link to post

How about adding more Relocation rule options depending on Kaspersky application version? For example, if client = KES 8 move to Managed computers\KES8, if client = KES 10.2.4.674 move to Managed computers\KES10MR2, if agent = 8.0.2177 move to Managed computers\Outdated, etc.

Share this post


Link to post

Please bring back the task you removed when installed on terminal servers(Citrix), especially the Mail Anti-Virus. This is a deal breaker for my business. The techs I have spoken to tell me it was removed because of issues, but I didn't experience any.

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.