Jump to content

Enable bad usb protection in Kaspersky Security Cloud admin panel [Solved][Closed]


jjb2
 Share

Go to solution Solved by Caos,

Recommended Posts

Hello, I have the Kaspersky Security Cloud (KES 11) deployed in our organization. I want to enable the BadUsb protection on all devices and I want to do it automatically on all devices. I was trying to login to some test machines remotely to enable this feature (modify the software settings using the control panel) however all our KES installations are running under "profile security" and thus "modify software" in control panel is disabled. Is there any way to enable this feature remotely by using some administrative templates like GPO's ? We've recently seen some BadUsb attacks therefore the case is urgent and any help will be greatly appreciated. Kind regards, Jacek
Link to comment
Share on other sites

Hi, This module is activated, from the moment than Kaspersky Endpoint Security Cloud is installed: https://help.kaspersky.com/KESWin/11/en-US/97194.htm From Kaspersky Endpoint Security Cloud it can be deactivated using the profile password https://help.kaspersky.com/Cloud/1.0/en-US/157977.htm Regards
Link to comment
Share on other sites

Hi I did a check on my lab pc. The BadUsb prevention is not available in the GUI and this functionality is not visible in the Security Cloud Panel either. I bought 35 licenses for Endpoint protection but this particular feature seems disabled (no BAD USB protection in the basic threat detection). It is also not possible to modify app settings - the modify and "repair" features are disabled. Finally - I bought myself a USB stick to emulate the "badusb" behavior. Windows successfully installed that USB and there was no action from KASPERSKY (it was not blocked - whilst it should be). Please help to fix. Kind regards, Jacek
Link to comment
Share on other sites

Hi, Yes - these are corporate laptops in corporate network. So we have a set of GPO's in our network (for example mass-storage devices are also locked using the GPO). All the devices are associated with specific profile in the Kaspersky Security Cloud (like content filtering, protection levels, ... ) and this functionality seems to work. All I want now is to enable the badusb attack prevention. Kind regards, Jacek
Link to comment
Share on other sites

Hi Kaspersky Team & Valued Supporters, Do You have any update regarding this problem ? The BadUSB protection should be installed and it should be working however we are struggling for the last few days and still no-go :( Looking forward to any reply. Kind regards, Jacek
Link to comment
Share on other sites

Hi, I just managed to fix the problem. The package downloaded from the distro center in the cloud does not contain the BAD USB component enabled by default. These are precompiled settings by Kaspersky Lab so it is not possible to modify this package on my Windows machines. My and my IT team decided that we will move away from the policy management directly from the cloud portal and we've deployed Kaspersky Security Center v.11 on one of our spare servers. Keep in mind that the standard package available in the deployment sub-menu does NOT contain BadUSB prevention enabled by default. However, this is a single click intervention and then !TADA! the bad usb protection is there and it is working quite well There is only one drawback of the entire situation - we must remove "old packages" from quite a few PC's and then install the KES again - but this is minor a minor problem because it will take about few hours to complete (as compared to potential security threats which are emerging).
Link to comment
Share on other sites

  • 3 weeks later...
  • Solution
Hi, This module is activated, from the moment than Kaspersky Endpoint Security Cloud is installed: https://help.kaspersky.com/KESWin/11/en-US/97194.htm From Kaspersky Endpoint Security Cloud it can be deactivated using the profile password https://help.kaspersky.com/Cloud/1.0/en-US/157977.htm Regards
Update: This mention in the help is wrong and as I have been told it will be removed from it in the next update of the online help. It is not scheduled to be included in the next version, therefore, the definitive response of the laboratory is that this product does not have badusb administration and it is not planned to include it, the mention in the online help will be deleted. The only "unofficial" way to use this KES capability would be if it is not managed from Cloud and manually activated locally (by uninstalling the network agent). Regards
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.