-
Posts
128 -
Joined
-
Last visited
Everything posted by MilanBortel
-
Hello @rafa_64, there is a built-in task called “Uninstall application remotely”: New task wizard → KSC → AdvancedInside this task, you can then choose, what app you want to uninstall. If it’s another AV, I’d try to go for incompatible application: Let me know, if it works for you ;) Cheers, Milan
-
KSC12 shows wrong operating system type
MilanBortel replied to 0xDEADC0DE's topic in Kaspersky Endpoint Security for Business
I see.. Do you have all the NAgent repositories settings enforced? This is unlocked: This is enforced: -
KSC12 shows wrong operating system type
MilanBortel replied to 0xDEADC0DE's topic in Kaspersky Endpoint Security for Business
Hello @0xDEADC0DE, how about running Inventory task on the host? It might refresh info about installed apps and also OS .. #justguessing Cheers, Milan -
using TLS v1.2 strict on KSC server
MilanBortel replied to MilanBortel's topic in Kaspersky Endpoint Security for Business
Let me close this topic - see attached instructions which helped to solve the situation. Now, we are TLS 1.2 strict. Cheers, Milan -
Hello Bob, I think you can solve this with combo - Device Control + Disk Encryption: disable all Removable Drives.. allow trusted device by ID (that would make it read/write of course).. but then - apply Encryption for entire removable drive: When a user connects untrusted USB it would be blocked.. when user connects trusted device it will be by default READ only and in case user wants to write on the disk - it encrypts the entire drive - thus makes it impossible to read on other device 😎 Cheers, Milan
-
Update ksc agent 12 with gpo
MilanBortel replied to Fredrik Buchanan's topic in Kaspersky Endpoint Security for Business
Hello @Fredrik Buchanan, I haven’t used GPO, but I’d recommend trying to do via remote installation task, plus you can set it up, so the Agent would reinstall even if there is already one installed: Let me know, if it makes sense to you ;) Cheers, Milan -
using TLS v1.2 strict on KSC server
MilanBortel replied to MilanBortel's topic in Kaspersky Endpoint Security for Business
with “MSSQL communication can also be encrypted with SSL/TLS” you mean exactly what? I found this article and the way I see it - SQL 2016 supports TLS v1.2, you don’t need to explicitly set this up SQL is running, no problems at all.. -
using TLS v1.2 strict on KSC server
MilanBortel replied to MilanBortel's topic in Kaspersky Endpoint Security for Business
and after few seconds the event log displays: -
using TLS v1.2 strict on KSC server
MilanBortel replied to MilanBortel's topic in Kaspersky Endpoint Security for Business
Well, this event appears in the event log: KSC can’t connect to DB -
using TLS v1.2 strict on KSC server
MilanBortel replied to MilanBortel's topic in Kaspersky Endpoint Security for Business
I waited… and waited … and waited … trust me, that didn’t help 😥 -
using TLS v1.2 strict on KSC server
MilanBortel replied to MilanBortel's topic in Kaspersky Endpoint Security for Business
Hello guys, I want to use TLS v1.2 only on server with KSC. changed settings according to https://help.kaspersky.com/KSC/11/en-US/174316.htm restarted KSC service, everything is working fine when I set up the windows server to use only TLS v1.2 https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings then MMC console won’t connect to KSC server, restarting KSC service doesn’t help, restarting windows server doesn’t help: KSC fails to connect only allowing TLS v1.0 from step 3 helps to recover the KSC KSC is running on Windows Server 2016 Standard SQL is running on Windows Server 2012 R2 SQL 2016 Thanks for your ideas, Milan -
KSC11 MMC Shows Plugs Must Be installed
MilanBortel replied to PaulM444's topic in Kaspersky Endpoint Security for Business
Hello @guitardood, I might have found your problem - KES 11.3.0.773 is only compatible with KSC 12! You can find details in this article. My recommendations - upgrade KSC to version 12 (I have an easy to follow guide on my YT channel here), then your KES hosts will be fully compatible 😎 Cheers, Milan -
At least events “application uninstalled/application installed” for, e.g. Chrome update are being published. > Is it true, that there is no access for that machines using KSC diagnostic utilities? Ehm… how can I do it remotely? Right-click on the device in KSC and go Custom tools→ Remote diagnostics Remote diagnostics in KSC
-
Hi @aehrlich, I’ve been facing the same error on one particular machine - and it was after recent Windows Updates (Feature Update → 1903 → 1909) 😡 I’m afraid that the only thing that helped was a complete reinstall KES + NAgent (using stand-alone installation package). That machine was also connected via VPN to my KSC … after reinstalling, Network Agent finally recognized that there IS a KES installed..from that moment, it’s working now correctly .. Cheers, Milan
-
I’d also add to create and schedule regularly “Backup of Administration Server data” task - remember, when installing KSC it automatically generates unique certificate, which is then used for key features (SSL communication with clients, Data Encryption). Without having a backup, you lose the original certificate and you would need to reinstall KSC with all clients! 😈
-
Web console 11.1.144
MilanBortel replied to MilanBortel's topic in Kaspersky Endpoint Security for Business
Hello guys, I’m having an issue with logging in the Web console (11.1.144). No matter if I try to log in on the same machine as KSC is installed or from any other, the page displays an error: Information on your page is out of date. Please, refresh page and login again. Have anyone seen the same issue? Milan PS: yes, we tried reinstalling the web console already 😜 -
Hi Mario, you mean to prevent user from logging into Windows? This can be done on the Active Directory side … see https://community.spiceworks.com/topic/2054421-lockout-ad-user-without-disabling Or did you want to achieve something else? Cheers, Milan