Jump to content
aalbrecht

Help Setting up Light Agent & SVM [In progress]

Recommended Posts

I have 5 thin client test VDIs I'm trying to setup with Kaspersky but am running into some problems.

 

Issue 1) Last week I deployed the SVM OVA and ran through the setup wizard from within KSC. I also made sure to install the necessary plugins for KSC. After the SVM setup it looked like it was fine, but then today when I opened up KSC it was showing as if it was powered off. I rebooted the SVM virtual PC and now it looks okay again - I'm not sure why it did that but I'm a little worried I might have to frequently reboot the SVM.

 

Issue 2) Last week I also installed Light Agent 3.0 and Network Agent 10.2.434 on the VDI master image. I've double checked on the network agent that both "Enable dynamic mode for VDI" and "Optimize settings for VDI" are checked.

I moved the VDI master image to my IT group for testing, but as soon as I reboot or shut down the master image KSC moves it back to "unassigned devices". Is this expected behavior? I also read something in another post that the VDI thin clients themselves don't need to be in any group, but I'm assuming at least the master does, correct?

 

Issue 3) Finally, if I start the master image Kaspersky shows its protection as being off. It also won't download any updates from the SVM, and Light Agent on the master image doesn't say that it is working under a policy, even though the network agent appears to be working. If I run klnagchk it appears to be running, but does say protection is off. Should the "current server" be KSC or the SVM server? The master image is currently showing KSC which is what I'm assuming it should be.

 

Any ideas?

 

post-537793-1459816250_thumb.jpgpost-537793-1459816269_thumb.jpg[attachm

ent=350193:ProtectionOff_02.jpg]

post-537793-1459816283_thumb.jpg

Share this post


Link to post

Hi,

 

What version of products do you use?

According screenshots you don't have a key deployed, can you clarify?

Could you please provide us a screenshot of management plugins installed?

 

BR

Share this post


Link to post
Hi,

 

What version of products do you use?

According screenshots you don't have a key deployed, can you clarify?

Could you please provide us a screenshot of management plugins installed?

 

BR

Kasp Security Center 10.2.434

Kasp Light Agent MR2 3.2.0.381

Kasp Light Agent MR2 Protection Server 3.2.63.0

Kasp SVM OVA 3.2.99.5024

Network Agent 10.2.434

 

I did just try to run a task to activate the gold image but the task results just say "modified" and the gold image still doesn't show a key installed. Oddly there doesn't appear to be anyway to manually add the key from the gold image either. But even without the key it should at least say I'm running under a policy shouldn't it?

 

Here are my KSC plug-ins:

post-537793-1459869153_thumb.jpg

Share this post


Link to post
Kasp Security Center 10.2.434

Kasp Light Agent MR2 3.2.0.381

Kasp Light Agent MR2 Protection Server 3.2.63.0

Kasp SVM OVA 3.2.99.5024

Network Agent 10.2.434

 

I did just try to run a task to activate the gold image but the task results just say "modified" and the gold image still doesn't show a key installed. Oddly there doesn't appear to be anyway to manually add the key from the gold image either. But even without the key it should at least say I'm running under a policy shouldn't it?

 

Here are my KSC plug-ins:

KSC_Plug_ins.jpg

 

Hello,

please perform the task of key deployment.

Thank you.

Share this post


Link to post

I've run the key deployment task multiple times but it's not doing anything. Is there a way to manually add it to the gold image?

 

Any idea how to stop KSC from removing the gold image from its group? Everytime I restart or shut down the gold image KSC takes it out and I have a feeling this is why the tasks aren't working.

 

Shouldn't I have an "Add a key" option for Light Agent in the task wizard? I only have this for the protection server, but Light Agent only gives me 'Change application components', 'Inventory', and 'Virus Scan' options.

post-537793-1459876017_thumb.jpg

Edited by Aaron775

Share this post


Link to post
I've run the key deployment task multiple times but it's not doing anything. Is there a way to manually add it to the gold image?

 

Any idea how to stop KSC from removing the gold image from its group? Everytime I restart or shut down the gold image KSC takes it out and I have a feeling this is why the tasks aren't working.

 

Shouldn't I have an "Add a key" option for Light Agent in the task wizard? I only have this for the protection server, but Light Agent only gives me 'Change application components', 'Inventory', and 'Virus Scan' options.

TaskOptions.jpg

 

You must deploy a key to SVM and not to light agents.

Thank you.

Share this post


Link to post

I have deployed the key to the SVM and it shows it is a success, but the light agent on the master image doesn't seem to get it from the SVM. The master image can ping the SVM, but I'm still confused how the Light Agent on the master image is supposed to know what the SVM's IP is.

 

I just uninstalled and reinstalled LA and network agent from the master image, I couldn't get it to deploy from KSC so I had to create a stand alone image but I made sure it included the license key. Same thing, it installed but says there is no key and it doesn't show as being under any policy.

Share this post


Link to post

Is there anyway to test that the VDI clients are able to connect with the SVM? Do the light agent clients get the SVM IP from the network agent?

Share this post


Link to post

Hi,

 

I have deployed the key to the SVM and it shows it is a success, but the light agent on the master image doesn't seem to get it from the SVM. The master image can ping the SVM, but I'm still confused how the Light Agent on the master image is supposed to know what the SVM's IP is.

 

I just uninstalled and reinstalled LA and network agent from the master image, I couldn't get it to deploy from KSC so I had to create a stand alone image but I made sure it included the license key. Same thing, it installed but says there is no key and it doesn't show as being under any policy.

 

You probably have an issue with multicast protocol, which is being used by the SVM to inform Light Agent about their existence on the hypervisor.

Read more about this here: http://support.kaspersky.com/10811

 

Is there anyway to test that the VDI clients are able to connect with the SVM? Do the light agent clients get the SVM IP from the network agent?

 

You can have a look at the main GUI of the Light Agent and click on the "Technical Support" link. The new window should display if there is no connection or the IP address of the SVM which Light Agent is connected to.

If you can't enable multicast protocol on your virtual infrastructure for some reasons, then you have 2 options:

1- Bind Light Agent with the IP address of the SVM by modifying the corresponding registry key (see admin guide). Keep in mind that, by doing so, you will loose high availability of scan service and fault tolerance.

2- Wait for the release of the next version of KSV Light Agent (3.0 SP1), this should happens next week and offer new way of connecting SVM with Light Agents where multicast can't be used.

 

Hope that helps.

Edited by Tybilly

Share this post


Link to post

I figured out why the VDIs couldn't contact the SVM, I assumed the SVM IP address was provided via the network agent so the VDIs would know where to look, but instead a broadcast message is used. So in my case, if the SVM is on a different subnet then the VDIs will have no way of finding where the SVM is. Using a broadcast message to find the SVM seems like an odd option, is there any reason why the SVM IP isn't just provided via the network agent so they can be on different subnets? Will I need a different SVM for each subnet?

 

I'm also running into a separate issue that is making me want to pull my hair out - but every time I shut down a VDI KSC creates a duplicate in the 'Unassigned' section, and the restarted VDI will now be placed in that unassigned section - meaning that the restarted VDI no longer has a policy applied to it. What makes this particularly confusing is that the original VDI still shows up in the group it was manually put into, but KSC shows its agent as being offline, when in reality there is a duplicate in unassigned.

 

I've noticed KSC has a tendency to remove or duplicate devices and send them to unassigned. I'm not sure if this is a bug or what, but it's very annoying!

Edited by Aaron775

Share this post


Link to post

Hi,

 

You're right, in current version you need to use broadcast to find SVM. You can create a request in CompanyAccount to get a beta version of KSV3SP1 where this function will be implemented. But prior please tell us a hypervisor version you use.

 

The problem with duplicates is because incorrect installation of Network Agent.

Please check this guide (pgs. 48-49)

 

BR

Share this post


Link to post

I do have "Enable dynamic mode for VDI" and "Optimize settings for VDI" both checked in my network agent's install for the VDI clients as mentioned in the guide, other than that I can't figure out what I'm doing wrong.

 

I'm going to create a new installation package from scratch....where can I download the latest Network Agent? The version I have is 10.2.434 which I believe is the latest version, but I'd like to download a fresh copy anyway just to be sure. I did notice I was using an older version of Light Agent, I was using version 3.2.0.381 instead of the latest 3.4.4.194...so I hope maybe that resolves my issue. But I suspect the issue has to do with the network agent so hopefully rebuilding the installation package fixes it.

 

I can't seem to find the link for downloading the network agent by itself, or is that normally included with KSC?

Share this post


Link to post

Hi,

I can't seem to find the link for downloading the network agent by itself, or is that normally included with KSC?

 

Yes, Network Agent package is included at KSC package.

Share this post


Link to post

I just reinstalled a new SVM, created new policies, tasks, etc and reinstalled Light Agent on the VDI master image and I'm running into the same problem as before; After a VDI reboots KSC creates a duplicate in 'Unassigned' with some random numbers appended to the end. This new VDI in "Unassigned" seems to be associated with that VDI, while the original that I put in the VDI Group isn't - with it saying the agent is off.

 

The end result is that the rebooted VDI clients have Kaspersky Light Agent running, but no policy is applied since it's basically sitting in the "Unassigned" group.

 

Any ideas?

Share this post


Link to post

Hi,

 

In that case could you please create a ticket in the CompanyAccount and provide there a virtual machine?

Please tell us a number of the incident created.

 

BR

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.