ElvinE5

этот функционал работает ТОЛЬКО на серверах (система Windows Servers) и при наличии соответствующей лицензии

Проверти настройки тут ... по умолчанию стоит "всегда проверять TLS" попробуйте "Если поддерживается ..... "

You can update KSC at any time when it is convenient for you (before the old server is disconnected or after) what is important is that you perform the "migration" procedure of the devices connected to the server that you plan to disconnect to the new one, this task must be run on the old server. specify your settings and the address of the new server, make sure that all devices have "moved" to the new server and after that the old server can be turned off.

тут

ок ... Let's try a simple rule to open RDP Make sure that the rule is enabled and at the top of the list, you can move it with the corresponding buttons BUT this allows anyone to connect to the server, if it is possible to specify the IP from which the connection will be made, do this ... also ...if you use one policy profile for all devices, then this rule will affect all devices. Check if it helps with your task

День добрый попробуйте в настройках утилиты указать локализацию для ваших баз выберете свой язык и укажите вторым параметром LangNone удалите все базы в хранилище утилиты и скачайте их повторно ... удалите базы в хранилище сервера перед запуском задачи. проверьте

День добрый Последние дистрибутивы можно получить тут в вашем случаи вам придется развернуть сразу новую версию и выполнить миграцию параметров из более старой версии. обновление между версиями не поддерживается. в справке описание для перехода в 2.0, думаю оно справедливо и для 2.0.1

What license do you have for kaspersky Securit Cloud or Cloud Plus, or Kasresky Cloud Console ? RDP, as I understand it, sticks out on your server and is available from the Internet?

Need more details... what did you install on the server? what version? Server with RDP and client device on the same network? what is their IP it is more likely that the firewall rule for applications is triggered, due to the fact that you are accessing it from the Public part of the network (but by the standards of the application). you will probably need to write a permissive packet rule ... but you need to understand how everything is configured for you now ...

most likely that the system cannot receive updates for anti-virus databases (including blacklists) you have an older version of the product (more than a year old), product is no longer supported, the databases for it are no longer released. update the product to the latest versions - https://support.kaspersky.com/us/kes-for-linux/11.4.0/245017

Проверьте настройки компонента "проверки подлинности" - какие действия стоят при обнаружении нарушения. Используете все механизмы проверки ? или только SFP Проверьте доставленные письма ...по какому правилу они были доставлены ...возможно до проверки подлинности не дошло. проверьте логи доставки. Соберите все данные и напишите в СА - https://companyaccount.kaspersky.com/account/login

If you consider the status unnecessary, disable the display of these statuses in the properties of the group of managed devices.

в системный событиях посмотрите ...ну и вот ...

перепроверьте правильность keytab, часто там именно ошибаются. окно ввода логина не должно появятся, настройки на клиенте сделали ? - https://support.kaspersky.com/KSMG/2.0.1/ru-RU/228052.htm проверьте что LDAP синхронизация без ошибок что бы все "взлетело" нужно что бы и LDAP и SSO были настроены корректно ...

There shouldn't be any particular problems. upgrading from 13.2 to 14.2 is carried out in a regular way, it does not matter if it is a slave or the main server. 1. Download the new version 2. Make a backup 3. Install the new version (on top of the old one, you don’t need to delete anything) to switch roles .. just break the chain of command. do not forget to check that you still have all the necessary policies and tasks to work with. note that devices from the server that you want to delete must be migrated to connect to a new server, otherwise you will lose control

I think in your case it would be more correct to contact LK directly and offer them your intelligence materials for inclusion in the response bases ... with leathering, adding from the file will not work rather, adding OpenIoC files for search tasks is possible ... but not in the permanent blocking rules.

in general terms, yes, the main thing is to ensure that the administration agent on the client can connect to the server on port 13000 I'll clarify... UDP 15000 from server to clients (clients will not call the server on this port, they will only listen on it) yes if all settings are correct ... and the server is available for clients

if there are many undetectable hashes... use the "Application Control" tool (as described above) to block launch attempts. the user cannot independently update the "bases" for the components so that they would detect them, this is the work of the Kaspersky Lab specialists. Also, if you have the appropriate licenses, for example, EDRO, KATA/KEDR, you can create blocking rules for hash amounts that your specialists have scouted using these products. Also, Sandbox products from the laboratory will help you study and automatically block new, unknown malware if they are marked as malware during the analysis process.

in principle yes, but in the future you may need something else TCP 13000 - both directions UDP 15000 - from server to clients (for sending push notifications, for forced synchronization)

Unfortunately, I'm afraid it won't work... in a solution with an internal KSC server (or Cloud Consol, i think), we can try to add this file (your program on the server) to the exclusion from checking by its hash sum but in the cloud version (the one you use) this functionality is not available. try contacting technical support through the portal, maybe they will have some solution for you https://companyaccount.kaspersky.com/account/login

для начало вам нужно ДВА файла keytab :), для LDAP и для SSO (с разными учетными записями) не ищите смысла ..просто верьте (с) - неизвестный мудрец Для интеграции LDAP https://support.kaspersky.com/KSMG/2.0.1/ru-RU/88722.htm Для SSO кроме второго keytab, необходимо настроить на клиентском устройству доп параметры https://support.kaspersky.com/KSMG/2.0.1/ru-RU/179052.htm

good day I think this is quite possible, requests are not particularly needed for echo to work ... here is a summary of all ports used by KSC https://support.kaspersky.com/KSC/14.2/en-US/158830.htm here is more detailed information on the interaction https://support.kaspersky.com/KSC/14.2/en-US/158520.htm in particular client-server https://support.kaspersky.com/KSC/14.2/en-US/158525.htm with such a spread of sites, I would suggest using a hierarchy of servers, if this is acceptable in your case and available in your license (not lower than advanced) https://support.kaspersky.com/KSC/14.2/en-US/3304.htm https://support.kaspersky.com/KSC/14.2/en-US/158529.htm in this way, clients will connect to their local server, and it will already be a slave to the server in the EC https://support.kaspersky.com/KSC/14.2/en-US/183051.htm

не насколько, не важно есть у вас домен или нет. Вероятно проблема просто с ОС, наверное проще с нуля переустановить систему, обновить ее , и поставить начисто KSC 14, восстановить настройки из бекапа (надеюсь вы их сделали)

Good day when specifying the path to the application, you must specify the path to the executable file by its location locally (by the path of its location on the server), not by the network path. For example C:\Windows\system32\r_server.exe or %SystemRoot%\system32\r_server.exe in the settings exclusion in "Advanced -> Threat detection and exclusions -> Trusted applications " you have examples of writing such rules if you select the specified settings, then the system will not control the actions of the program you specified, this should help with the slow operation of the application. and yes, if you make this exception in a general policy (applied to all devices), it will be applied to all, and if they have the same executable file located on the same path, this exception will be applied to them. if you only want the exception for one server, create a separate policy profile and apply to that server.

Good day Here are a couple of links to resources that you might find useful. help on external services that KSC uses - https://support.kaspersky.com/ksc14/settings/server/15052 about https://touch.kaspersky.com/ you can contact the support service to clarify information about what this resource is used for - https://companyaccount.kaspersky.com/account/login As for activation... I'm going to assume that you are using an activation code that must be checked against Kaspersky Lab's servers to ensure it's valid. according to the idea, the KSC server should act as a proxy for the activation server ... but you need to take care that TCP 17000 is available between the client and the KSC server (on the server it is open by default) ... this is provided that the KSC must have Internet access . https://support.kaspersky.com/KSC/14.2/en-US/158830.htm the second option (probably more simple) is to use not the code, but the activation file ... you can get it from the code on this resource. https://keyfile.kaspersky.com and already a keyfile to activate clients in a closed network. They, the code and the keyfile, are completely identical, you can use what is more convenient for you, while the keyfile already contains all the necessary information and does not require confirmation of validity.