Jump to content
Kaspersky Support Forum

KEA on Exchange servers [Kaspersky Endpoint Agent]

Antipova Anna
 Share

Recommended Posts

Antipova Anna

Antipova Anna

Posted
Posted

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

This article applies to KEA 3.10+

Problem

You need to install KEA on a host running MS Exhange 2013, 2016, 2019 server, and ensure compatibilty.

Solution

  1. Add the following values into registry (should be done with "Local System" rights):

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\SOYUZ\4.0\Environment]
    "EnablePorts"=dword:00000001
    "EnableSignatureLevel"=dword:00000001
    "ServerProfile"=dword:0000000a

  2. In KEA policy, add the following telemetry exclusions:

     We highly recommend NOT to exclude UmWorkerProcess.exe.

    C:\Program Files\Microsoft\Exchange Server\V15\Bin\ComplianceAuditService.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\EdgeTransport.exe
    C:\Program Files\Microsoft\Exchange Server\V15\FIP-FS\Bin\fms.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Search\Ceres\HostController\hostcontrollerservice.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.AntispamUpdateSvc.exe
    C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\agents\HygieneMicrosoft.Exchange.ContentFilter.Wrapper.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Diagnostics.Service.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Directory.TopologyService.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.EdgeCredentialSvc.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.EdgeSyncSvc.exe
    C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\PopImap\Microsoft.Exchange.Imap4.exe
    C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\PopImap\Microsoft.Exchange.Imap4service.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Notifications.Broker.exe
    C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\PopImap\Microsoft.Exchange.Pop3.exe
    C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\PopImap\Microsoft.Exchange.Pop3service.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.ProtectedServiceHost.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.RPCClientAccess.Service.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Search.Service.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Servicehost.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Store.Service.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Store.Worker.exe
    C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\CallRouter\Microsoft.Exchange.UM.CallRouter.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeCompliance.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeDagMgmt.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeDelivery.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeFrontendTransport.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeHMHost.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeHMWorker.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeMailboxAssistants.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeMailboxReplication.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeRepl.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeSubmission.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeTransport.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeTransportLogSearch.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeThrottling.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Search\Ceres\Runtime\1.0\Noderunner.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\OleConverter.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Search\Ceres\ParserServer\ParserServer.exe
    C:\Program Files\Microsoft\Exchange Server\V15\FIP-FS\Bin\ScanEngineTest.exe
    C:\Program Files\Microsoft\Exchange Server\V15\FIP-FS\Bin\ScanningProcess.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\UmService.exe
    C:\Program Files\Microsoft\Exchange Server\V15\FIP-FS\Bin\UpdateService.exe
    C:\Program Files\Microsoft\Exchange Server\V15\Bin\wsbexchange.exe

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...