ak01
-
Posts
257 -
Joined
-
Last visited
Posts posted by ak01
-
-
If that behavior is expected, it would be nice to have such a feature in one of the upcoming versions of KSE. However, it would be nice to have some sort of preview (list of mails which would be affected including From/To/Subject like in Backup), because when the keyword is too generic (e.g. company name, which is included in every signature), it would delete a lot of mails.
-
We use a connection gateway to manage computers outside the organization (KSC12.2). It works fine, however, if we would like to do desktop sharing, we have to activate “Do not disconnect from the Administration Server” and wait until the next sync period (max. 15 Min.) at least the first time.
https://support.kaspersky.com/ksc/12/en-US/13051.htm
I found the following information:
"KLHST_WKS_KEEP_CONNECTION"
Boolean
"Keep connection" flag – connection between host and administration server will be persistent if this attribute is set to true. Use with care – persistent connection took much system resources on server.
There may be no more than 100 hosts with this flag set.
Are the 100 hosts a hard limit or just an advice? What happens, if I activate that on 1000 computers?
-
It would be very nice if KSC MDM would also allow to deploy Miscrosoft PKI certificates to phones in order to access wifi networks (secured by 802.1x).
-
Does anyone know how this feature exactly work?
-
I used the new feature to block keywords (attachment and content filter) and it worked when an e-mail gets received. However, when a mail is already stored in the mailbox(es) and I do a manual scan, it seems that it does not use the attachment filter rules so that it does not find the blocked keywords/mails containing them. However, when the administrator wants to clear harmful mails within all mailboxes afterwards, it would be nice to be able to do that with a manual scan and such a keyword rule. Is this behavior as expected or a bug?
the rule:
manual scan:
nothing found ( but I sent a mail including that keyword and when I send that mail again after creation of that rule, it gets blocked):
-
normally not, but maybe you can ask for a test license at your kaspersky partner.
Which license do you have (select/advanced/total)?
see https://www.kaspersky.com/small-to-medium-business-security/endpoint-select
-
Could you please try KSWS11 on (one) server, just for testing (if that solves your issue)?
I habe hundreds of servers, all with KSWS (non with KES). KSWS is made for servers, KES for Clients/Workstations.
-
Have you also changed the AV on the server side? Did you use KES on the server? It is better to use https://support.kaspersky.com/ksws11 (KSWS11) for servers.
-
How does it exactly work? I have not found any additional explanation of that feature.
-
You can try do identify the process, which prevent the file change with process explorer. https://serverfault.com/questions/1966/how-do-you-find-what-process-is-holding-a-file-open-in-windows
You can also try to preview another pdf file and then switch back to the other one and make your change.
-
With process explorer you can see which process still keeps a handle (a file lock) on a specific file.
-
I think that the explorer keeps a handle on the last previewed file, even when it does not show any preview of that file anymore. In my case, it helps to preview another file in order to change something at the old file.
-
i mean right click on Systray Icon and Exit.
-
you could try to uninstall/install KES (I would suggest to use KES11.5, KES10SP1 is pretty old)
-
I think this is not a Kaspersky issue. Try to preview/mark another file and after that, try to rename/delete the previous one (I think the explorer keeps a handle on the last previewed file, even when you already highlight another file with no preview).
You could try to disable K and test it. If the problem does not occur in that case, try to disable single K components and so on (in order to find the component, which causes the issue).
-
Next step would be to disable each component and check if it works. When the component is found, which caused the issue, maybe there is an option for exclusions (maybe the WebAV or the “scan encrypted traffic” might cause that issue -> try to add an exclusion).
-
This does not really look like a Kaspersky issue/error message.
However, if you turn off KES temporarily, does the admin center work?
If yes, I would check scan encrypted traffic (put an exception for that server) or WebAV component.
-
-
Is it possible to deploy certificates from a Microsoft pki automatically to iOS devices in order to authenticate to 802.1x wireless networks (deploy a wifi profile and deploy an individual device certificate from a pki automatically)?
I found the possibility to do that for VPN and Active Sync, but not for wireless. Does it work?
When I configure an Active Sync or VPN profile, I can select certificate templates (“Zertifikatsvorlage”) for authentication, however, when I configure a wifi (WLAN) profile, I cannot select a certificate template (I guess that it only supports manually imported certificates).
I guess that this feature does not exist (yet) but it would be very useful for enterprise companies. Maybe you can consider adding that in the next KSC versions?
-
I found the announcement of the new feature “There is now protection against spoofing (faking the sender address for the purpose of concealing the actual author of an email message).” https://support.kaspersky.com/KS4Exchange/9.6/en-US/100302.htm
How does it exactly work? How does it recognize spoofed addresses? When it found a spoofed address, does it change the spam score (how does it look like for the user)? I have not found any additional explanation of that feature. Do I have to turn it on or is it turned on by default (where do I find the corresponding settings)?
-
The solution is to do it according to the manual. The laptops (wherever they are, they do not have to be member of the specific subgroup) should get a new agent policy. Within the agent policy, there must be a new network profile which points to the connection gateway (in the appropriate filed) and a rule which only switches to the CG e.g. when the Windows domain is not reachable anymore (otherwise, the default KSC is used -> I have not touched that).
Therefore, I created a subgroup “Notebooks” in every site subgroup and put a specific agent policy in every “Notebooks” subgroup (see above). However, the CG is only bound to a specific subgroup (e.g. “external devices”) and the laptops are not member of that subgroup (and it works as well).
-
you should use KSWS11 for server (https://support.kaspersky.com/ksws11)
-
unfortunately, same issue:
Because in the english forum, sometimes Kaspersky employees have a look (they helped me a lot in the past, thank you very much).
-
My Computer shows currently:
but in KSC:
KSN Servers unavailable
in Kaspersky Endpoint Security for Business
Posted
Are you using KSC as KSN proxy? Could it be possible that KSC server got rebooted or the backup task was running during that time (in both situations, KSC service gets stopped and therefore, ksn proxy does not work).