Cesare
-
Posts
51 -
Joined
-
Last visited
Never
Posts posted by Cesare
-
-
I guess that you could open a ticket to Companyaccount portal asking for that, but i’m not sure support team may share this info. Anyway you can approach this topic from another point of view: install KES for Windows and verify if everything is fine on your system; if yes, maybe an embedded exclusion already did its job; if not, you might manually add executables or\and other files to the trusted zone.
Cesare
-
Hi,
as far as i know latest version of KES 11 for Windows (11.7) already embed those exclusions (and Kaspersky’s ones too): this means that you have to add, if needed, your own custom exclusions only
Cesare
-
everything you’re reporting still leads me to say that KSC is not allowed to work with 15000UDP on clients’ side (again, we’re talking about traffic from KSC server towards Net Agents only).
That said, it would be better for you to open a ticket on K corporate helpdesk system, https://companyaccount.kaspersky.com/account/login
Cesare
-
well, you said it was working fine in the past and suddenly those icons went greyed out...as far as i know KSC12 did not received any patch recently, thus something has been changed within your network.
Have you tried to keep up the connection between remote host and KSC admin server? Does it work? Is the remote host able to synchronize to the admin server? Does this problem occur on all the managed devices?
You shouldn’t open the 15000UDP on the server side: this port is meaningfull at the client’s side only -
maybe KSC admin server cannot connect to that port due to a NAT\firewall\router? Maybe that machine is not in the same KSC’s subnet?
You can easily check if this is culprit of the problem: open the client’s properties window, tick the “do not disconnect from the administration server” checkbox; on the remote client send an heartbeat (from its utility within NA installation folder): now check if the play\stop buttons are still grayed out or are bright….if my theory is correct (not available 15000UDP port) those buttons should be bright and you can play with them
-
Hi,
this means that 15000UDP port is not open (or at least KSC cannot reach it) on the remote managed machine
Cesare
-
ok...you’re failing when pinging the KSC’s FQDN : and what if you ping its IP (10.14.11.50)? Does it fail yet? Have you checked that any firewall, installed on this machine (d6ivtiap01), is preventing some traffic? Does KSC host any Kaspersky solution yet? KES or KSWS….
Cesare
-
well….does “p2kscaap01.local.alto.id” exist in your network? Can you ping it from another machine?
-
Hello, i can imagine two possible reasons: that FQDN does not exist (unknown device...) or you’re facing with some troubles with DNS (failed to resolve address).
Cesare
-
Hi, as far as i know, installation wizard shows that “cluster option” only when the hosting machine already belongs to a MS cluster.
Cesare
-
attached screenshot
If locks are not closed the configuration you’ve just made won’t be deployed to managed applications (KS11 for Win Server in your case) -
Are you sure that related black locks are all closed?
Maybe the CoreFix6 might help you but this can be provided by K support onlyCesare
-
Hi,
try to disable DEP tecnique within Protected processes area (of course you have to work on the acrord32.exe record only)
Cesare
-
i just got a feedback from KL support: it seems that there was a problem on the server-side that has been fixed...hopefully ;)
Cesare
PS: if it’s an urgent issue it’s better to call KL support
-
Hi, unfortunately no one but the KL support may handle the server-side component of KES Cloud (and dive in deep seeking for any kind of problem). That said, i think it would be better for you to open a ticket to the Company account portal.
Cesare
-
Hi,
- yes, there’s a script that may help you but you have to open a ticket to the K official support. They will first ask you to run a script collecting infos about folders size: then they will give you the final script to clean up your current DB
- Yes, the only way to change the DBMS is to reinstall KSC pointing to the new DB and, finally, restoring KSC backup (if you want it)
Cesare
-
First of all “trusted applications” tab is dedicated to EXE files only, therefore folders or other file types cannot be excluded here: you have to do it within “Scan exclusions” tab\area.
Are you managing KES locally or even via KSC console? -
Hi, well...if that app works as soon as you’ve killed KES this means that it shouldn’t be a driver issue. If it’s not a driver issue than you should investigate at realtime protection level (one or more KES modules are interfering...)...and you highlighted that HIPS module might be our guilty. Usually it’s enough to exclude that\those executable file\s from being scanned at “trusted processes\applications” level...are you sure you’ve ticked all the exclusions checkboxes and closed all the black locks?
Are you sure that this application is based on that softphone.exe file only? Could you please check locally (on KES local GUI, i mean), “More Tools>Application activity monitor, if there are other processes referring to the same vendor?
Cesare
-
Hi,
every single installation package is tied to its workspace since the embedded Network Agent is preconfigured with workspace’s details (address, certificate, ports and so on).
Cesare
-
Hello,
bear in mind that KEA (Kaspersky Endpoint Agent) requires a proper license like Kaspersky Sandbox, EDRO, MDR Add-on (Optimum or Expert). That said, if you’re working with a “simple” Select or Advanced you’re not entitled to make it working.
Cesare
-
I just instaled KSC13 and it does show only kaspesky for windows server 10, not 11...
-
I do not see what you say...
first, i would recommend to install version 11
Then, you’ve begun yet the installation of the server component while you have to install Console outside this procedure...simply execute the exe you’ve downloaded from K website!
Here you have a better help: https://support.kaspersky.com/KSWS/11/en-US/148329.htm
-
well, “KSC Administration Console” is the MMC snap-in to manage KSC Server, yes it’s true.
But here we’re talking about another “administration console”...the one related to KS: i’m attaching a screenshot it might help you better than my words ;)
Cesare
-
Hi,
KS4WS does not automatically install\provide the full local GUI (it’s a MMC snap-in): you have to install it starting from the same exe file you’ve downloaded from K website. When you run it the “splash screen” provides an option like “Install Administration Console”: this is what you’re looking for.
Cesare
KES 11.X - Microsoft Recommended Exclusions from Scanning
in Kaspersky Endpoint Security for Business
Posted
Well, i suggest you to try to understand whick RTP module is causing the problem. You can firstly try to stop Mail Threat Protection (my favourite guilty!), then, if this does not fix the problem, you can proceed with File Threat Protection and so on. Since you’re working with Outlook (which KES version are you working with?) you may try playing with Outlook extension settings as well...maybe by avoiding to enable “Scan when reading” option might help you