home-A computer-Application management plug-in kaspersky security center 10. Installing Kaspersky Security Center. Do you like the video? we are also engaged in the supply of kaspersky products. and even more - we provide technical support. we care about our clients

Application management plug-in kaspersky security center 10. Installing Kaspersky Security Center. Do you like the video? we are also engaged in the supply of kaspersky products. and even more - we provide technical support. we care about our clients

The article reviews the product of "Kaspersky Lab" Kaspersky Endpoint Security and its use in a corporate environment, as exemplified by our clients

Good day, dear visitor. From the title of the article, you already understood that today we will be talking about protection. In one of the previous articles, I considered a product related to this field of IT, which showed itself well. Today I will tell you about an equally interesting product from Kaspersky Lab, of which we are partners, Kaspersky Endpoint Security. It will be reviewed in virtual environment Hyper-V, on second generation machines. The server side will be implemented on a Windows Server 2012 R2 domain controller, AD mode Windows Server 2012 R2, and the client side on Windows 8.1.

It should be noted that we constantly use this product in our IT outsourcing practice.

What is Kaspersky Endpoint Security?

In Kaspersky Endpoint Security for Windows technology world class to protect against malware can be combined with Application Control, Web Control and Device Control, and data encryption - all within one application. All functionality is managed from a single console, which simplifies the deployment and administration of a wide range of Kaspersky Lab solutions.

Possibilities:

  • Single application
  • Single console
  • Unified politicians

Kaspersky Endpoint Security for Windows is a single application that includes a wide range of critical security technologies, such as:

  • Anti-malware protection (including firewall and intrusion prevention system)
  • Control of workplaces
  • Application control
  • Web Control
  • Device control
  • Data encryption

Kaspersky Endpoint Security differs in the set of included modules containing a different number of modules depending on the edition:

In our case, we will use ADVANCED.

The following features are available as part of Kaspersky Endpoint Security for Business STARTING:

The following features are available as part of Kaspersky Endpoint Security for Business STANDARD:

  • Malware protection, firewall and intrusion prevention system
  • Control of workplaces
  • Application control
  • Web Control
  • Device control

... as well as other Kaspersky Lab technologies for IT security

The following features are available as part of Kaspersky Endpoint Security for Business ADVANCED and Kaspersky Total Security for Business:

  • Malware protection, firewall and intrusion prevention system
  • Control of workplaces
  • Application control
  • Web Control
  • Device control
  • Encryption
    ... as well as other Kaspersky Lab technologies for IT security.

Architecture

Server part:

  • Kaspersky Security Center Administration Server
  • Administration Console of Kaspersky Security Center
  • Kaspersky Security Center Network Agent

Client part:

  • Kaspersky Endpoint Security

So let's get started

Installing the Administration Server

In our case, the administration server will be installed on the AD controller in Windows mode Server 2012 R2. Let's start the installation:

I forgot to clarify, we will use Kaspersky Security Center 10. Install full distribution downloaded from the Kaspersky Lab website, which includes the installation package for Kaspersky Endpoint Security 10, respectively, and Network Agent 10

In the next window of the wizard, select the path for unpacking the distribution kit and click "Install".

After unpacking the distribution kit, we are greeted by the Kaspersky Security Center installation wizard, after clicking the "Next" button, the wizard asks "Network size", since We will have only two clients, one x86, and the other x64 bit, then we indicate "Less than 100 computers in the network."



Set the account under which the Administration Server will start. In our case Account domain administrator.



Kaspersky Security Center stores all its data in the DBMS. During installation, the wizard prompts you to install Microsoft SQL Server 2008 R2 Express, or if you have an already installed DBMS, you can select the name of the SQL server and the name of the DB.



At the “Administration Server Address” stage, the wizard asks you to specify the server address. we have AD and DNS integrated, it would be wiser to specify the server name.



After selecting the plug-ins for management, installation of Kaspersky Security Center will start.



After successful installation and the first launch of Kaspersky Security Center, we are greeted by the Initial Configuration Wizard, in which we can specify the key, accept the agreement to participate in KSN, specify the email address for notifications.




The update parameters are also specified and a policy with tasks is created.



After installation, our server will be installed:

  • Administration Server
  • Administration Console
  • Administration Agent

However, Kaspersky Endpoint Security will not be installed. Let's execute remote installation since Administration agent is already installed, then we can deploy Kaspersky Endpoint Security to the server. If there is no Network Agent and all incoming connections are denied in the Firewall Windows remote installation will fail. Expand the "Remote Install" node and select "Run the Remote Install Wizard". Select the installation package and click the "Next" button



In the "Select computers for installation" window, select the installation option for computers located in administration groups. Then select the server and click the "Next" button.



A system restart will be required after updating important modules of Kaspersky Endpoint Security. the package is new enough, no reboot is needed. In the choice of credentials, we will leave everything by default, i.e. empty. After clicking the "Next" button, we will see the progress of the installation of Kaspersky Endpoint Security.


Creation of groups

Because Since the policies and tasks intended for servers are different from the policies and tasks of workstations, then we will create groups corresponding to the type of administration for different machines. Expand the "Managed computers" node and select "Groups", click "Create a subgroup". Let's create two subgroups, "Workstations" and "Servers". From the "Managed computers - Computers" menu, using "drag and drop" or "cut & copy", move "DC" to the "Servers" group and create a policy and tasks for this group, different from tasks and policies in the "Managed computers" node ".

Installing Kaspersky Endpoint Security

To install Kaspersky Endpoint Security remotely, you need to disable UAC during installation. The requirement is "inconvenient", so we will create a policy for Windows Firewall in the GPO, in which we will allow an inbound connection according to the following predefined File and Printer Sharing rule.

After setup and distribution group policy, let's go to the administration console. Expand the "Administration Server" node and select "Install Kaspersky Anti-Virus", click "Run the Remote Installation Wizard". In the window of the wizard for selecting an installation package, select the required package and click "Next". Select clients in the "Unassigned computers" group and click "Next".

In the next window, we will leave everything as default and click "Next". After the window with the choice of the key, the wizard offers to ask the user about restarting the system after the installation of Kaspersky Endpoint Security is complete, leave it by default and click "Next". At the step "Uninstall not compatible programs»You can make adjustments, of course, if you need them. Further, the wizard offers to move the client computers to one of the groups, in our case, move them to the "Workstations" group.







As we can see, the console "speaks" about the successful installation of Kaspersky Endpoint Security on client stations.



As we can see, after the installation, the Administration Server transferred the client machines according to the conditions in the remote installation task.



Kaspersky Endpoint Security on a client machine.


Let's create a policy for client stations, in which we enable "Password protection", this is necessary, for example, if the user wants to turn off the anti-virus.

Let's try to disable protection on the client machine.



Rules for moving computers

On the administration server, you can set movement rules for client computers. For example, let's create a situation in which Kaspersky Endpoint Security will be installed on a newly discovered PC. This is useful in a scenario where the organization has a new PC installed.

To automate the deployment of Kaspersky Endpoint Security, we will set the rules for moving for computers. To do this, select the "Unassigned computers" node and select the "Configure rules for moving computers to administration groups" item and create a new rule.




In the created rule, the newly discovered PC will be added to the "Workstations" group from the specified range of IP addresses.

Next, let's create an automatic deployment task antivirus protection for machines on which it is not installed. To do this, select the "Workstations" group and go to the "Tasks" tab. Let's create a task for installing anti-virus protection with an "Immediate" schedule.

So, we can see that the client computer has been added to the Workstations group.

Let's go to the "Tasks" tab and see that the installation task has started.



Let me remind you that the situation was reproduced on a machine without anti-virus protection (although before that I demonstrated remote installation on one of them, after that, the antivirus was removed to demonstrate this scenario) and, as you can see, the installation takes place on a machine without anti-virus protection, a machine with anti-virus protection was not touched. After installing anti-virus protection tools, the KES policy will be applied to this client computer.

Reports

The reports in Kaspersky Endpoint Security are more than informative. For example, let's take a look at the report “About versions of Kaspersky Lab applications”.

The report, in some detail, displays information about installed programs Kaspersky Lab. You can see how many agents, client solutions and servers are installed. Reports can be deleted and added. You can also view the status of anti-virus protection using the "Computer selection", which helps to conveniently sort computers with infected objects or critical events.

In conclusion, I would like to say that only a small part of the Kaspersky Lab anti-virus complex has been reviewed. Management, indeed, is convenient and intuitive. But it is worth noting the huge workload of client systems during the search for viruses and potential threats, this workload is mainly due to heuristic analysis, which requires quite a few resources. The product is very easy to administer and is suitable for both AD and workgroup environments. This product is installed by many of our customers and shows itself only from the good side.

Everything, people, peace to you!

The larger the network, the more the system administrator (or IT department) tries to automate management software products... Antivirus software is no exception in this regard.

Many antivirus vendors have remote administration tools in their arsenal; today we will talk about a similar solution from Kaspersky Lab.

In general, Kaspersky Security Center is a rather serious application, which cannot be described in one article for sure. Therefore, in this article, we will analyze only its deployment.

You can download Kaspersky Security Center. The product itself consists of a server that will need to be deployed, an administration console that can be installed on another computer for remote server administration, a web console as an alternative to the usual one, and an administration agent that is installed on client computers and is responsible for communication between the anti-virus software and the server.

The server itself needs to be deployed only on operating systems of the Windows family. Moreover, the presence of a server edition is optional. Systems from XP and higher are supported, but only in Professional / Enterprise / Ultimate editions. WITH complete list Supported systems are available on the website.

In addition, the server needs MS SQL or MySQL for its work (you can also remotely). If finished server there are no databases at hand, the installer of Kaspersky Security Center will install MS SQL Express itself, which is quite enough for most organizations.

So, to deploy the server, download and run setup file(I recommend downloading the full distribution). As test bench we have chosen a computer with an operating room Windows system Server 2012 R2.

You will see a convenient menu in which we are currently interested in the "Install Kaspersky Security Center 10" item.

After starting the installation, you will be prompted to accept the license agreement and select the type of installation. For better control over the installation process, let's note the custom installation.

If the network has mobile devices, a separate component can be installed to manage their protection.

Indicate the size of your network. This point, however, does not carry any important determining force.

Next, the installation program will ask which user to run the Administration Server service from. You can specify an existing user with admin rights, or you can let the installer create a new one.

The next step is to choose a database server. As already mentioned, there are two options - MS SQL or MySQL. If you do not have a ready-made server, Kaspersky Security Center will carefully deploy MS SQL Express.

At this step in the installation process, you may be in for a small surprise in the event that it is not installed on your system. NET Framework 3.5 SP 1.

In Windows Server, the .NET Framework 3.5 SP 1 is built-in as a component and only needs to be enabled. If you do not have a server room operating system, then you need to go to the Microsoft website and download the installer.

Let's consider the option of including the component in Windows Server. To do this, open the Server Manager and select the "Add Roles and Features" item.

A wizard will start, in which we need to indicate that we are going to install roles or components.


Add Roles and Features Wizard in Windows Server

We select our server and skip the selection of roles. In the list of components we find Functions of the .NET Framework 3.5 and mark them with a tick.


Adding a Component to Windows Server

After that, we will return to the installation of Kaspersky Security Center directly.

We need to select the SQL authentication mode. It can be either a separate account or a current one.

The Kaspersky Security Center server needs a shared folder that client computers can access to receive updates and installation packages. You can create a new folder or specify an existing one.

We indicate the ports through which we will connect to the administration server.

We indicate the address of the server on the network. If the server has and will have a static IP address, you can limit it to it. Still, it is more convenient to define the server by name.

The last step before installing is choosing the required plugins. Plugins allow you to manage various anti-virus products of Kaspersky Lab. This is useful if you have a whole zoo of versions. Plugins can also be installed later additionally.

Now all that remains is to observe the installation process. Sometimes plugins require a separate license agreement.

Installation of Kaspersky Security Center is now complete.

Now let's go over the initial server setup. The administration console installed with the server looks like this:


Administration Console of Kaspersky Security Center

The console can be installed separately. And you even need not to log into the server every time for routine actions.

Servers are listed in the left column. So far, there is only our newly created server there. If you are administering several servers, then just click Add Administration Server.

So, click on the server you just created and the Quick Start Wizard will start. You will be asked to activate the program with a code or key. However, this can be done later.

In addition, the wizard will ask for your consent to participate in the Kaspersky Security Network program. In fact, this is another spy on your computers, which sends data to Kaspersky Lab about which resources you visit and where you catch the infection. This is motivated by the creation of a certain knowledge base. In my opinion, for the end user, the meaning of participation in such a program is questionable.

You will also be asked to indicate mailboxes for notifications from the Kaspersky Security Center server. You can skip this step.

After all these steps, the server will start downloading the latest updates from the network. In the future, it will be possible to configure as an update source not a Kaspersky Lab server on the Internet, but an upstream server, if there are several of them on your network.

After downloading the updates and polling the network, the wizard will display a success message and offer to launch the Protection Deployment Wizard on Workstations.

We will talk about deploying protection on workstations in.

A connection gateway is used if it is not possible to establish a direct connection with the Administration Server and the client computer. For example, the Administration Server is located in corporate network, and the client computer is not included.

How to install

To locally install Network Agent in connection gateway mode:

  1. Run the setup file on the device that will be the connection gateway.

By default, the installation file is located:
\\<Адрес сервера администрирования>\ KLSHARE \ Packages \ NetAgent_10.4.343.

  1. Read the terms of the License Agreement and check the box I accept the terms of the License Agreement.
  1. Select the installation folder.

  1. Ask Server address and uncheck the box Allow Network Agent to open UDP port.

  1. Skip step Proxy configuration.
  2. Please select Use as a gateway for connections in the DMZ.

  1. Please select Get from Administration Server.

  1. Set tags if you use them. For more information on using tags, see For more information, see the article How and why to use tags in Kaspersky Security Center 10.

  1. Skip step Extra options.
  2. Check the box Run the program during installation.

  1. Click on Install.

How to setup

  1. Open Kaspersky Security Center 10.
  2. Open the context menu of the node Managed devices and press CreateGroup.

  1. Enter a name for the new group and click OK.

  1. Open up Properties knot Administration Server.
  2. Go to section Update Agents and uncheck the box Assign Update Agents Automatically.Click Add.

  1. In the field drop-down menu, click Add a connection gateway located in the DMZ at.

  1. Enter the connection gateway address and click OK.

  1. Select the set of devices associated with this connection gateway. Click on OK.

During the next scan of the network, the Administration Server will detect the connection gateway added by the IP address and place it in Unassigned devices.

  1. Add connection gateway to group External devices created in step 3.
  2. Open up Properties knot Administration Server and go to section Update Agents... Click on Add.
  3. In the drop-down menu of the field A device that will act as an update agent click Add a device from the group. Add connection gateway from the group Externaldevices and press OK. Repeat step 8.
  4. Select the added connection gateway and open it Properties.

  1. Go to section Gateway... Check the box Connection gateway and Initiate creation of a connection to the gateway from the Administration Server side... Ask Gateway address for remote devices, for example, abc-lab.kaspersky.com. Click on OK.

You can create a Network Agent policy for the connection gateway. When creating in step Network uncheck the box Use UDP port.

This material was prepared for specialists involved in the management of antivirus protection and security at the enterprise.

This page describes and analyzes the most interesting functionality of the latest versions of Kaspersky Endpoint Security 10 and the Central Management Console of Kaspersky Security Center 10.

The information was selected based on the experience of communication between NovaInTech specialists, with system administrators, heads of IT departments and security departments of organizations that are just switching to Kaspersky anti-virus protection, or are going through the process of switching from using the 6th version of the anti-virus on client computers and the Administration management console Kit 8. In the latter case, when anti-virus protection from Kaspersky Lab is already in use, it is also common that IT specialists do not know the most interesting points in the work of new versions of products that really help make life easier for these same IT specialists, and at the same time improve level of safety and reliability.

After reading this article and watching the videos, you can briefly familiarize yourself with the most interesting functionality provided by latest version Kaseprky Security Center and Kaspersky Endpoint Security management consoles and see how it works.

1. Installing the Administration Server of Kaspersky Security Center 10.

The required distributions can be found on the official Kaspersky Lab website:

ATTENTION! To the distribution full version Kaspersky Security Center already includes the latest version of the Kaspersky Endpoint Security distribution kit.

First of all, I would like to tell you about where to start installing anti-virus protection from Kaspersky Lab: Not from the anti-viruses themselves on client computers, as it might seem at first glance, but from the installation of the administration server and the central management console of Kaspesky Security Center (KSC ). With the help of this console, you can deploy anti-virus protection on all computers of your institution much faster. In this video you will see that after the installation and minimal configuration of the KSC administration server, it becomes possible to create an antivirus solution installer for client computers that even a completely unprepared user can install (I think every administrator has such "users") - the installation interface contains everything 2 buttons - "Install" and "Close".

The administration server itself can be installed on any computer that is always turned on or as accessible as possible, this computer must be visible to other computers on the network, and it is very important for it to have access to the Internet (for downloading databases and synchronizing with the KSN cloud).

Watch the video even if you have installed the center console before, but previous versions- perhaps you will hear and see something new for yourself ...

LIKE THE VIDEO?
We also do delivery of Kaspersky products... And even more - we provide technical support. We care about our clients.

2. Setting up centralized management on computers with Kaspersky already installed.

It is often found that in small organizations, system administrators install and configure anti-virus protection on each computer manually. Thus, the time they spend on maintaining anti-virus protection increases and they do not have enough time for some more important tasks. There are cases when administrators, simply due to lack of time, simply do not know that corporate versions of anti-virus protection from Kaspersky Lab generally have centralized management, and do not know that they do not need to pay anything for this miracle of civilization.

In order to "connect" the already installed client antiviruses with the administration server, you need very little:

  • Install the Administration Server (Section 1 of this article).
  • Install the Administration Server Agent (NetAgent) on all computers - I will describe the installation options in the attached video below.
  • After the installation of the administration server agent, computers, depending on your settings, will be either in the "Not distributed computers" section or in the "Managed computers" section. If computers will be in "Not distributed computers" - they will need to be transferred to "Managed computers" and set up a policy that will apply to them.

After these actions, your computers will be visible to you from the central console, users will no longer be able to manage the antiviruses installed on their machines and, as a result, there will be less infections and less headache for the administrator.

In the video below, I will try to describe the scenarios for installing NetAgents on client computers, depending on how your network is arranged.

Similar publications: