Jump to content
Kaspersky Support Forum

deployment standardization

kav_newbie

By kav_newbie
in Kaspersky EDR Optimum

 Share

Recommended Posts

kav_newbie

kav_newbie

Posted
Posted

Dear Expert,

What is the de facto for Kaspersky Next if the requirement is to look like this?

1. endpoints are located on-premise, and some endpoints are deployed remotely

2. endpoints on-premise; some have internet access, some are part of intranet only, having no direct internet access

3. single management console for endpoints situated locally and externally with centralized repository for signature updates

I am thinking of these approaches.

a. create a distribution point

b. creating a hierarchy of Administration Servers

Creating a hierarchy of Administration Servers: adding a secondary Administration Server

 

Tahmeed702

Tahmeed702

Posted
Posted
11 hours ago, kav_newbie said:

Dear Expert,

What is the de facto for Kaspersky Next if the requirement is to look like this?

1. endpoints are located on-premise, and some endpoints are deployed remotely

2. endpoints on-premise; some have internet access, some are part of intranet only, having no direct internet access

3. single management console for endpoints situated locally and externally with centralized repository for signature updates

I am thinking of these approaches.

a. create a distribution point

b. creating a hierarchy of Administration Servers

Creating a hierarchy of Administration Servers: adding a secondary Administration Server

 

Simply put, if every workstation in your infrastructure can be connected to a central server, it can be managed by on-premise KSC, you don't need to configure Distribution Point, Configuring DP/Master-Slave is difficult, and sometimes connections break down easily and are difficult to troubleshoot, I would recommend using on-premise KSC if all workstations have centralized connectivity with a server and not deploying through Master-Slave or DP Architecture until Workstations do not require internet access to stay up to date; updates are downloaded from KSC.

kav_newbie

kav_newbie

Posted
  • Author
Posted

Thank you.@Tahmeed702 for always giving your best shot.

Having said that, in your reply I haven't read how the KSC On-prem manages endpoints that are part of my network but spend most of their time working outside of our network. How our Kaspersky on-prem could enforce policies?

Tahmeed702

Tahmeed702

Posted
Posted
17 minutes ago, kav_newbie said:

Thank you.@Tahmeed702 for always giving your best shot.

Having said that, in your reply I haven't read how the KSC On-prem manages endpoints that are part of my network but spend most of their time working outside of our network. How our Kaspersky on-prem could enforce policies?

Then You may deploy in two schemas , One using KSC on-prem and for workstation which are out of network but has internet you can deploy using cloud.kaspersky.com or ksc.kaspersky.com

kav_newbie

kav_newbie

Posted
  • Author
Posted

Then You may deploy in two schemas , One using KSC on-prem and for workstation which are out of network but has internet you can deploy using cloud.kaspersky.com or ksc.kaspersky.com ---- the draw back here would be how to control the license. what would be the treatment in terms of licensing if I have one activation code loaded for on-prem and cloud management? e.g I have 350 endpoints.

 

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...