Jump to content

How to configure KEA exclusions required for KEA on AD controllers [Kaspersky Endpoint Agent]


Recommended Posts

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

Problem

How to configure KEA exclusions required for KEA installed on AD controllers to prevent its slowdown and high hardware resources consumption.

Step-by-step guide

Add the following registry key to affected AD controller registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\SOYUZ\4.0\Environment]
"EnablePorts"=dword:00000001
"EnableSignatureLevel"=dword:00000001
"ServerProfile"=dword:0000000a

This operation should be done as Local System account (either locally via psexec or via .bat script (attached) deployed via KSC and Network Agent).

Please restart Endpoint Agent service after this change.

This option will make KEA exclude the ports:

Exclusions WinRM
Exclution DHCP
Exclude DNS
Exclude SSDP
Exclude mDNS
Exclude LLMNR
Exclusions RPC/NetBios
Exclude LDAP
Exclude Kerberos
Networking and RabbitMQ
Exclude     Delivery Optimization for Windows 10[244]
Exclusions Microsoft SQL Server database management system (MSSQL) server
Exclusions In Windows Server 2008 (and Windows Vista), the dynamic port range is 49152-65535, for both TCP and UDP.
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...