Installing Kaspersky Security Center. Installing the Kaspersky Security Center Administration Server

This material was prepared for specialists involved in the management of antivirus protection and security at the enterprise.

This page describes and analyzes the most interesting functionality of the latest versions of Kaspersky Endpoint Security 10 and the Central Management Console of Kaspersky Security Center 10.

The information was selected based on the experience NovaInTech specialists have had talking with system administrators and heads of IT and security departments at organizations that are either just switching to Kaspersky anti-virus protection or migrating from version 6 of the anti-virus on client computers and the Administration Kit 8 management console. In the latter case, where anti-virus protection from Kaspersky Lab is already in use, IT specialists often do not know the most interesting features of the new product versions, features that make their lives easier and at the same time improve the level of security and reliability.

After reading this article and watching the videos, you will have a brief overview of the most interesting functionality provided by the latest versions of the Kaspersky Security Center management console and Kaspersky Endpoint Security, and you will see how it works.

1. Installing the Administration Server of Kaspersky Security Center 10.

The required distributions can be found on the official Kaspersky Lab website:

ATTENTION! The distribution package of the full version of Kaspersky Security Center already includes the distribution package of the latest version of Kaspersky Endpoint Security.

First of all, I would like to explain where to start when installing anti-virus protection from Kaspersky Lab: not with the anti-virus applications on client computers, as it might seem at first glance, but with the installation of the administration server and the Kaspersky Security Center (KSC) central management console. With this console, you can deploy anti-virus protection on all computers in your organization much faster. In this video you will see that after the installation and minimal configuration of the KSC administration server, you can create an installer of the anti-virus solution for client computers that even a completely unprepared user can run (I think every administrator has such "users"): the installation interface contains just 2 buttons, "Install" and "Close".

The administration server can be installed on any computer that is always turned on or is available as much of the time as possible. This computer must be visible to the other computers on the network, and it is very important that it has access to the Internet (for downloading databases and synchronizing with the KSN cloud).

Watch the video, even if you installed the central console before, but in previous versions - you may hear and see something new for yourself ...


2. Setting up centralized management on computers with Kaspersky already installed.

In small organizations, system administrators often install and configure anti-virus protection on each computer manually. As a result, they spend more time maintaining anti-virus protection and have less time for more important tasks. In some cases administrators, simply due to lack of time, do not know that the corporate versions of anti-virus protection from Kaspersky Lab have centralized management at all, or that they do not need to pay anything extra for this miracle of civilization.

In order to "connect" the already installed client antiviruses with the administration server, you need very little:

  • Install the Administration Server (Section 1 of this article).
  • Install the Administration Server Agent (NetAgent) on all computers - I will describe the installation options in the attached video below.
  • After the Administration Server Agent is installed, the computers will appear, depending on your settings, either in the "Unassigned computers" section or in the "Managed computers" section. If the computers are in "Unassigned computers", move them to "Managed computers" and set up a policy that will apply to them.

After these actions, your computers will be visible from the central console, users will no longer be able to manage the antiviruses installed on their machines and, as a result, there will be fewer infections and fewer headaches for the administrator.

In the video below, I will try to describe the scenarios for installing NetAgents on client computers, depending on how your network is arranged.

  1. Go to the Administration Server node.
  2. From the menu, select View → Interface customization.
  3. Customize the display of interface elements using the following checkboxes:

      Display System Administration. If the box is checked, the Deploy device images subfolder is displayed in the Remote installation folder, and the Equipment subfolder is displayed in the Vaults folder. The checkbox is cleared by default.

      Display encryption and data protection. If the checkbox is selected, data encryption control on devices connected to the network is available. After restarting the program, the Encryption and data protection folder will appear in the console tree.

      Display workplace control parameters. If the box is checked, the following subsections are displayed in the Security control section of the properties window of the Kaspersky Endpoint Security for Windows policy: Application control, Vulnerability monitoring, Device control, Web Control. The checkbox is cleared by default.

      Display Mobile Device Management. If the checkbox is checked, the Mobile device management function is available. After restarting the program, the Mobile devices folder will appear in the console tree. The checkbox is cleared by default.

      Display slave Administration Servers. If the checkbox is selected, the console tree displays the nodes of slave and virtual Administration Servers as part of administration groups. The checkbox is checked by default.

      Display sections with security settings. If the box is checked, the Security section is displayed in the properties windows of the Administration Server, administration groups and other objects. The checkbox is checked by default.

  4. Click OK.

To apply some changes, you must close and reopen the Administration Console.

Kaspersky Security Center simplifies the management of security and IT systems. A flexible, scalable console, also available as a web version, meets the security needs of a growing business that change with it. It provides comprehensive IT and security management and facilitates the division of responsibilities among administrators.

Kaspersky Security Center offers the following benefits:

  • Powerful management console with an additional flexible web interface, accessible anywhere from any stationary or mobile device
  • Ability to view security settings and manage protection across the entire corporate environment, including cloud, physical and virtual machines, and mobile devices
  • Easily deploy and manage security with out-of-the-box unified policies

It doesn't matter how many workstations you have (fifty or fifty thousand) and what kind of infrastructure (centralized, distributed or mixed) - Kaspersky Security Center allows you to effortlessly install, configure and administer comprehensive protection tools. Simplify scaling and leverage new tools and capabilities to meet the unique needs of your business.

FEATURES AND BENEFITS

  • Complete overview of protection status

    The growing variety of platforms, devices and software makes life difficult for information security leaders. Complexity negatively impacts security. The more resources you control, the more difficult it is to track and protect them.

    Gathering information about software and hardware and installing vulnerability patches in a timely manner is time-consuming and labor-intensive. Kaspersky Security Center simplifies these tasks. Physical, virtual and cloud desktops, mobile devices and embedded systems are managed from a single console, increasing efficiency and reducing total cost of ownership.

    • Resource control and cost reduction

      Kaspersky Security Center provides a detailed view of the hardware and software on your network. You can save on licensing costs with centralized monitoring and granting of use rights. Automatic discovery of devices and other hardware, as well as software summary reports, help you optimize resource utilization. Kaspersky Security Center makes it easy to track and control licensing of applications and the equipment you have.

    • Search and elimination of vulnerabilities

      The vulnerability scan and patch management technology in Kaspersky Security Center detects vulnerabilities in applications and operating systems that cybercriminals can use to penetrate your corporate network. Applying timely patches can eliminate these vulnerabilities before malware can harm you.

      Automatic Vulnerability Scan uses the most up-to-date information about exploit activity coming from the cloud in real time. This allows you to quickly install new critical security fixes without slowing down your systems and users. With support for more than 150 applications, Kaspersky Security Center provides effective vulnerability monitoring for a wide range of applications commonly used in business. Detected vulnerabilities are prioritized, and the most critical ones are eliminated first.

    • Automatic minimization of risks

      Security patches are automatically downloaded, distributed, and installed on physical, virtual, and cloud-hosted machines. Optimizing the algorithms for installing Microsoft updates can reduce the amount of network traffic and used disk space. You can track the status of patching with detailed reports on the fix of vulnerabilities in third-party applications.

    Optimizing your daily tasks

    Kaspersky Security Center offers extensive IT system administration capabilities that optimize routine tasks in heterogeneous networks.

    The extensible console architecture includes plugins to manage security products for different platforms. When releasing a new product or updating an existing one, the required extension can be installed in Kaspersky Security Center without using patches or reinstalling the console. Client-side management tools make it easy to distribute and deploy software to the workplace. Centralized administration is complemented by role-based access and built-in dashboards so that administrators can only access resources that are relevant to their job.

    • Easy scaling

      You don't need to change the initial settings to scale the console. One server instance of Kaspersky Security Center allows you to administer up to 100,000 physical, virtual and cloud workstations. A single distribution point can serve up to 10,000 hosts. For multiple servers, a hierarchy is maintained in which all slave servers inherit the roles and rights of the master server, and the master server has complete information about each host under the control of each slave server.

    • Data Loss Prevention

      Centrally managed encryption tools further protect data in the event of an attack or device loss. Kaspersky Security Center allows administrators to centrally enable and disable FileVault 2.0 on macOS, encryption of mobile devices, encryption technology from Kaspersky Lab, and Microsoft BitLocker on Microsoft Windows. The console also monitors the status of encrypted devices, reports blocking access to encrypted files, and stores backups of encryption keys locally to recover forgotten credentials.

    • Optimizing remote support

      Reduce response times and improve efficiency by optimizing remote support and troubleshooting capabilities. In Kaspersky Security Center, connection to client / remote computers is performed via RDP, which allows for quick diagnostics and troubleshooting of any software.

    • Easy deployment in remote offices

      Kaspersky Security Center supports remote and automatic configuration of new workstations at company branches. You can also deploy new applications and schedule them to automatically install outside of business hours. This allows for centralized creation, storage and deployment of system images, which greatly facilitates migration, for example, to Microsoft Windows 10.

    • Mobile device management based on various platforms

      Kaspersky Security Center allows you to manage both corporate and personal mobile devices equally effectively. Even when working outside the office, employees don't have to worry about the security of their mobile devices.

    • Mobile device security

      Manage the protection of mobile devices using Kaspersky Security Center and form a detailed view of their security thanks to indicators of protection levels. Keep corporate and personal data separate on user and guest devices, and implement passwords and encryption of corporate data to prevent leakage if the device is stolen or lost.

    • Support for employees to work on personal devices

      In many organizations, employees use personal devices for work tasks (BYOD). A convenient system of assistants in Kaspersky Security Center allows you to deploy protection of such devices using Over the Air (OTA) technology, as well as third-party consoles (Samsung KNOX).

    • SaaS Security Management Console

      Manage protection remotely using our cloud-based Kaspersky Security Center console. This is a management server in the Azure cloud. There is no need to waste time and resources on its deployment and support - Kaspersky Lab will take care of them. If you are using Kaspersky Endpoint Security for Business Standard, you can now manage the security of Windows, Mac and Linux workstations directly from the cloud console.
      Key features:

      • Centralized seat discovery and deployment
      • Distribution point support
      • The ability to migrate within the server hierarchy - for example, moving the main server to the cloud while maintaining the slave server on the local infrastructure
      • Migration wizard
      • Supports up to 10,000 nodes - the console is suitable for companies of all sizes, including corporations

      In this case, you can continue to use the existing management tools (MMC console and web console).

      • Enhanced web console for local management

        You can now administer advanced features such as vulnerability and patch management, encryption and remote desktop management using the web console in Kaspersky Enterprise Security for Windows, Kaspersky Enterprise Security for Mac, and Kaspersky Security for Windows Server.

        The console also supports new solutions - Kaspersky Sandbox and Kaspersky Endpoint Detection and Response Optimum, as well as the latest version of Kaspersky Embedded Systems Security.

      • System Integrity Support

        Kaspersky Security Center allows you to track any changes in critical infrastructure components, such as web servers and ATMs, and promptly respond to security breaches. Receive event data from the System Integrity Control component. So you can monitor not only the file system of the device (using file integrity monitoring), but also the registry hives, the status of the firewall and connected equipment.

      • Easy security management of all devices

        Deploying, configuring, and enforcing security policies across all devices on all platforms from a single console, providing added visibility, complete control, and efficient management.

      • Protection against attacks on public networks

        The use of unreliable public Wi-Fi networks leaves devices and corporate networks vulnerable. By creating a list of trusted networks for mobile workers, you can deny them access to everyone else without compromising the convenience and productivity of their work.

      • Easy firewall management

        Configuring and managing a firewall for Linux and Windows. Kaspersky Security Center allows you to apply network policy to all endpoint devices from a single console.

      • Minimizing risks and increasing employee productivity

        You can control which devices and applications can access your network and how they can operate on it, as well as completely control employee access to devices, applications and websites. This allows you to provide reliable protection against malware and other threats.

      • Instant connection protection for cloud environments

        Tight integration between the management console and the Amazon Web Services cloud platform provides full transparency and control over all instances of Kaspersky Security for Linux and Kaspersky Security for Windows Server deployed in the cloud.

        Install Kaspersky Security Center in the Amazon EC2 cloud to manage the protection of your environment, or subscribe to one of the AMIs available on the AWS Marketplace to get an image with Kaspersky Security Center already installed and ready to use. You can use other public cloud services in the usual way.

      • Optimizing updates and saving traffic

        The new mechanism for updating signatures can reduce the traffic volume between the Kaspersky Security Center server and agents by 20 times.

        Further optimization is possible by using a remote workstation as a distribution point. Each distribution point can now also act as a proxy for Kaspersky Security Network in remote environments.

        Reducing the load on communication channels increases their bandwidth and availability for other tasks.

      • Extensive audit capabilities

        Improved endpoint app auditing enables administrators to track changes and rollback to previous policies. An administrator can compare two policies for the same application and get a report on their matching and differing settings. This is especially useful if different administrators have created multiple policies for the same application, or if one top-level policy has been inherited by all local offices and then adapted for each of them.


  • Full system requirements can be found in. Note: below are the minimum RAM and processor requirements for the Administration Server, Administration Console and Network Agent. Review the accompanying user documentation for the complete system requirements before deploying each product.

    Administration Server

    • Hardware Requirements

      • RAM: 4 GB
      • Free disk space: 10 GB. When using Vulnerability Management and Patching, you must have at least 100 GB of free disk space.
    • Software Requirements

      • Microsoft Windows 7 / 8 / 8.1 / 10
      • Microsoft Windows Server 2008 / 2008 R2 / 2012 / 2016 /
      • Microsoft Windows Storage Server 2008 R2 / 2012 / 2012 R2 / 2016
    • Database server (can be installed on a different device):

      • Microsoft SQL Server 2008 Express 32-bit.
      • Microsoft SQL Server 2008 R2 Express 64-bit.
      • Microsoft SQL Server 2012 Express 64-bit.
      • Microsoft SQL Server 2014 Express 64-bit.
      • Microsoft SQL Server 2016 Express 64-bit.
      • Microsoft SQL Server 2017 Express 64-bit.
      • Microsoft SQL Server 2008 (all editions) 32-bit / 64-bit.
      • Microsoft SQL Server 2008 R2 (all editions) 64-bit.
      • Microsoft SQL Server 2008 R2 Service Pack 2 (all editions) 64-bit.
      • Microsoft SQL Server 2012 (all editions) 64-bit.
      • Microsoft SQL Server 2014 (all editions) 64-bit.
      • Microsoft SQL Server 2016 (all editions) 64-bit.
      • Microsoft SQL Server 2017 on Windows 64-bit.
      • Microsoft SQL Server 2017 on Linux 64-bit.
      • MySQL Standard Edition 5.6 32-bit / 64-bit.
      • MySQL Enterprise Edition 5.6 32-bit / 64-bit.
      • MySQL Standard Edition 5.7 32-bit / 64-bit.
      • MySQL Enterprise Edition 5.7 32-bit / 64-bit.
      • All supported Microsoft SQL Server versions on Amazon Relational Database Service (RDS) and Microsoft Azure.

    Kaspersky Security Center 11 Web Console Server

    • Hardware Requirements

      • CPU: 4 cores, 2.5 GHz
      • RAM size: 8 GB
      • Hard disk: 40 GB
    • Software Requirements

      Database server:

      • Microsoft SQL Express 2008, 2008 R2, 2012, 2014
      • Microsoft SQL Server 2008, 2008 R2, 2012, 2014, 2016
      • Microsoft Windows x64: 7 SP1, 8, 8.1, and 10
      • Microsoft Windows Server x64: 2008, 2008 R2, 2012, 2012 R2, and 2016

    Kaspersky Security Center Web Console client

    • Software and hardware requirements

      Using the Kaspersky Security Center web console on the client side requires only a web browser (Google Chrome 60 or higher). The hardware and software requirements are identical to the requirements of the web browser.

    Administration agent

    Minimum requirements for computers on which Network Agent is installed:

    • Hardware Requirements

      • CPU with an operating frequency of 1 GHz or higher. For 64-bit operating systems, the minimum operating CPU frequency is 1.4 GHz.
      • RAM: 512 MB.
      • Free disk space: 1 GB.

      A device with installed Network Agent, which will additionally perform the role of Update Agent, must meet the following requirements:

      • Processor: 3.6 or higher.
      • RAM: 8 GB.
      • Free disk space: from 120 GB.
    • Supported operating systems

      • Microsoft Windows Embedded POSReady 2009 / POSReady 7 / Standard 7 / 8 / 8.1
      • Microsoft Windows XP SP3 / 7 / 8 / 8.1 / 10
      • Windows Essential Business Server 2008
      • Windows Small Business Server 2008 / 2011
      • Microsoft Windows Home Server 2011 64-bit
      • Microsoft Windows MultiPoint Server 2011
      • Microsoft Windows Server 2008 / 2008 R2 / 2012 / 2012 R2 / 2016 / 2019
      • Microsoft Windows Storage Server 2008 R2 / 2012 / 2012 R2
      • Debian GNU / Linux 7.x / 8.x / 9.x
      • Ubuntu Server / Desktop 14.04 / 16.04 / 18.04
      • CentOS 6.x / 7.0 64-bit
      • Red Hat Enterprise Linux Server 6.x / 7.x
      • SUSE Linux Enterprise Server / Desktop 12
      • OS X 10.10-10.14
    • Supported virtualization platforms

    The application is available as part of Kaspersky Endpoint Security for Business and can be used on a subscription basis with flexible monthly licensing. Check with your local partner for system requirements. You can view the subscription options available in your country.

The larger the network, the more the system administrator (or IT department) tries to automate the management of software products. Antivirus software is no exception in this regard.

Many antivirus vendors have remote administration tools in their arsenal; today we will talk about a similar solution from Kaspersky Lab.

In general, Kaspersky Security Center is a rather serious application, which cannot be described in one article. Therefore, in this article, we will analyze only its deployment.

You can download Kaspersky Security Center. The product itself consists of a server that will need to be deployed, an administration console that can be installed on another computer for remote server administration, a web console as an alternative to the usual one, and an administration agent that is installed on client computers and is responsible for communication between the anti-virus software and the server.

The server can be deployed only on operating systems of the Windows family, and a server edition is not required. Systems from XP and higher are supported, but only in Professional / Enterprise / Ultimate editions. A complete list of supported systems can be found on the website.

In addition, the server needs MS SQL or MySQL to work (the database server can also be on a remote machine). If there is no ready-made database server at hand, the installer of Kaspersky Security Center will install MS SQL Express itself, which is quite enough for most organizations.

So, to deploy the server, download and run the installation file (I recommend downloading the full distribution). As a test bench, we have selected a computer with the Windows Server 2012 R2 operating system.

You will see a convenient menu in which we are currently interested in the "Install Kaspersky Security Center 10" item.

After starting the installation, you will be prompted to accept the license agreement and select the type of installation. For better control over the installation process, let's select the custom installation.

If there are mobile devices on the network, you can install a separate component to manage their protection.

Indicate the size of your network. This setting, however, is not a decisive one.

Next, the installation program will ask under which user account the Administration Server service should run. You can specify an existing user with admin rights, or you can let the installer create a new one.

The next step is to choose a database server. As already mentioned, there are two options: MS SQL or MySQL. If you do not have a ready-made server, Kaspersky Security Center will deploy MS SQL Express for you.

At this step during the installation process, you may be in for a small surprise if the .NET Framework 3.5 SP 1 is not installed on your system.

In Windows Server, the .NET Framework 3.5 SP 1 is built-in as a component and only needs to be enabled. If you do not have a server operating system, then you need to go to the Microsoft website and download the installer.

Let's consider the option of enabling the component in Windows Server. To do this, open the Server Manager and select the "Add Roles and Features" item.

A wizard will start, in which we need to indicate that we are going to install roles or components.


Add Roles and Features Wizard in Windows Server

We select our server and skip the selection of roles. In the list of components we find .NET Framework 3.5 Features and mark it with a tick.


Adding a Component to Windows Server

After that, we will return to the installation of Kaspersky Security Center directly.
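The same prerequisite can be checked and enabled from PowerShell before the installer is started. This is an added example, not part of the original article and not Kaspersky tooling; it checks the Administration Server minimums listed earlier on this page (4 GB RAM, 10 GB free disk, 100 GB with Vulnerability Management and Patching) and the .NET Framework 3.5 feature on Windows Server. The function name `Test-KscServerPrereq`, its parameters and the `D:\sources\sxs` path are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example: pre-flight check for a host that will run the
# Kaspersky Security Center Administration Server.
# Test-KscServerPrereq and its parameters are hypothetical names.

function Test-KscServerPrereq {
    [CmdletBinding()]
    param(
        # Drive letter the Administration Server will be installed on
        [string]$Drive = 'C',
        # Set when Vulnerability Management and Patching will be used
        # (the page asks for 100 GB of free space instead of 10 GB)
        [switch]$PatchManagement,
        # Enable .NET Framework 3.5 if it is missing (Windows Server only)
        [switch]$EnableNetFx3,
        # Optional side-by-side store on the Windows installation media,
        # for example D:\sources\sxs (placeholder path)
        [string]$SxsSource
    )

    $minRamGB  = 4
    $minDiskGB = if ($PatchManagement) { 100 } else { 10 }

    # Rounded to whole GB: firmware usually reserves a little physical memory
    $ramGB = [math]::Round((Get-CimInstance Win32_ComputerSystem).TotalPhysicalMemory / 1GB)

    $disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='${Drive}:'"
    if (-not $disk) { throw "Drive ${Drive}: was not found on this host." }
    $freeGB = [math]::Round($disk.FreeSpace / 1GB, 1)

    # ProductType: 1 = workstation, 2 = domain controller, 3 = member server
    $isServer = (Get-CimInstance Win32_OperatingSystem).ProductType -ne 1

    $netFxState = 'Not a server OS: install .NET Framework 3.5 SP1 from the Microsoft installer'
    if ($isServer) {
        Import-Module ServerManager
        $feature = Get-WindowsFeature -Name NET-Framework-Core

        if (-not $feature.Installed -and $EnableNetFx3) {
            $installParams = @{ Name = 'NET-Framework-Core' }
            # On Windows Server 2012 and later the feature payload may be
            # absent from disk (state "Removed"); then the installation
            # media or Windows Update is needed as the source.
            if ($SxsSource) { $installParams.Source = $SxsSource }
            Install-WindowsFeature @installParams | Out-Null
            $feature = Get-WindowsFeature -Name NET-Framework-Core
        }
        $netFxState = [string]$feature.InstallState
    }

    [pscustomobject]@{
        RamGB        = $ramGB
        RamOk        = $ramGB -ge $minRamGB
        FreeDiskGB   = $freeGB
        FreeDiskOk   = $freeGB -ge $minDiskGB
        IsServerOS   = $isServer
        NetFx35State = $netFxState
        NetFx35Ok    = $netFxState -eq 'Installed'
    }
}

# Report only; add -EnableNetFx3 to turn the feature on when it is missing
Test-KscServerPrereq -Drive C | Format-List
```

A `NetFx35State` of `Removed` means the feature files are not on the disk, so `-EnableNetFx3` needs either `-SxsSource` pointing at the installation media or access to Windows Update.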

We need to select the SQL authentication mode. It can be either a separate account or a current one.

The Kaspersky Security Center server needs a shared folder that client computers can access to receive updates and installation packages. You can create a new folder or specify an existing one.

We indicate the ports through which we will connect to the administration server.

We indicate the address of the server on the network. If the server has and will keep a static IP address, you can simply use that address. But it is still more convenient to identify the server by name.

The last step before installing is choosing the required plugins. Plugins allow you to manage various anti-virus products of Kaspersky Lab. This is useful if you have a whole zoo of versions. Plugins can also be installed later additionally.

Now all that remains is to watch the installation process. Sometimes a plugin requires you to accept a separate license agreement.

Installation of Kaspersky Security Center is now complete.

Now let's go over the initial server setup. The administration console installed with the server looks like this:


Administration Console of Kaspersky Security Center

The console can also be installed separately, so you do not even need to log in to the server every time for routine actions.

Servers are listed in the left column. So far, there is only our newly created server there. If you are administering several servers, then just click Add Administration Server.

So, click on the server you just created and the Quick Start Wizard will start. You will be asked to activate the program with a code or key. However, this can be done later.

In addition, the wizard will ask for your consent to participate in the Kaspersky Security Network program. In fact, this is another spy on your computers, which sends data to Kaspersky Lab about which resources you visit and where you catch the infection. This is motivated by the creation of a certain knowledge base. In my opinion, for the end user, the meaning of participation in such a program is questionable.

You will also be asked to specify mailboxes for notifications from the Kaspersky Security Center server. You can skip this step.

After all these steps, the server will start downloading the latest updates from the network. In the future, it will be possible to configure as an update source not a Kaspersky Lab server on the Internet, but an upstream server, if there are several of them on your network.

After downloading the updates and polling the network, the wizard will display a success message and offer to launch the Protection Deployment Wizard on Workstations.

We will talk about deploying protection on workstations in.

The article examines the product of "Kaspersky Lab" Kaspersky Endpoint Security and its use in a corporate environment, as exemplified by our clients

Good day, dear visitor. From the title of the article, you already understood that today we will be talking about protection. In one of the previous articles, I considered a product related to this field of IT, which showed itself well. Today I will tell you about an equally interesting product from Kaspersky Lab, of which we are partners, Kaspersky Endpoint Security. It will be reviewed in a Hyper-V virtual environment, on second generation machines. The server side will be implemented on a Windows Server 2012 R2 domain controller, AD mode Windows Server 2012 R2, and the client side on Windows 8.1.

It should be noted that we constantly use this product in our IT outsourcing practice.

What is Kaspersky Endpoint Security?

Kaspersky Endpoint Security for Windows combines world-class anti-malware technologies with Application Control, Web Control and Device Control, and data encryption - all within a single application. All functionality is managed from a single console, which simplifies the deployment and administration of a wide range of Kaspersky Lab solutions.

Possibilities:

  • Single application
  • Single console
  • Unified policies

Kaspersky Endpoint Security for Windows is a single application that includes a wide range of critical security technologies, such as:

  • Anti-malware protection (including firewall and intrusion prevention system)
  • Control of workplaces
  • Application control
  • Web Control
  • Device control
  • Data encryption

Kaspersky Endpoint Security comes in several editions, which differ in the set of modules they include:

  • STARTING
  • STANDARD
  • ADVANCED
  • Kaspersky Total Security for Business

In our case, we will use ADVANCED.

The following features are available as part of Kaspersky Endpoint Security for Business STARTING:

The following features are available as part of Kaspersky Endpoint Security for Business STANDARD:

  • Malware protection, firewall and intrusion prevention system
  • Control of workplaces
  • Application control
  • Web Control
  • Device control

... as well as other Kaspersky Lab technologies for IT security

The following features are available as part of Kaspersky Endpoint Security for Business ADVANCED and Kaspersky Total Security for Business:

  • Malware protection, firewall and intrusion prevention system
  • Control of workplaces
  • Application control
  • Web Control
  • Device control
  • Encryption
    ... as well as other Kaspersky Lab technologies for IT security.

Architecture

Server part:

  • Kaspersky Security Center Administration Server
  • Administration Console of Kaspersky Security Center
  • Kaspersky Security Center Network Agent

Client part:

  • Kaspersky Endpoint Security

So let's get started

Installing the Administration Server

In our case, the administration server will be installed on an AD controller in Windows Server 2012 R2 mode. Let's start the installation:

I forgot to clarify: we will use Kaspersky Security Center 10. We install the full distribution downloaded from the Kaspersky Lab website, which includes the installation packages for Kaspersky Endpoint Security 10 and Network Agent 10.

In the next window of the wizard, select the path for unpacking the distribution kit and click "Install".

After unpacking the distribution kit, we are greeted by the Kaspersky Security Center installation wizard. After we click the "Next" button, the wizard asks for the "Network size". Since we will have only two clients, one x86 and the other x64, we select "Less than 100 computers in the network."



Set the account under which the Administration Server will start. In our case, this is the domain administrator account.



Kaspersky Security Center stores all its data in the DBMS. During installation, the wizard prompts you to install Microsoft SQL Server 2008 R2 Express, or, if you have an already installed DBMS, you can select the name of the SQL server and the name of the database.



At the “Administration Server Address” stage, the wizard asks you to specify the server address. Since we have AD and DNS integrated, it is more reasonable to specify the server name.



After selecting the plug-ins for management, installation of Kaspersky Security Center will start.



After successful installation and the first launch of Kaspersky Security Center, we are greeted by the Initial Configuration Wizard, in which we can specify the key, accept the agreement to participate in KSN, and specify the email address for notifications.




The update parameters are also specified and a policy with tasks is created.



After installation, the following will be installed on our server:

  • Administration Server
  • Administration Console
  • Administration Agent

However, Kaspersky Endpoint Security will not be installed. Let's perform a remote installation: because the Administration Agent is already installed, we can deploy Kaspersky Endpoint Security to the server. If there is no Administration Agent and all incoming connections are denied in Windows Firewall, remote installation will fail. Expand the "Remote Install" node and select "Run the Remote Install Wizard". Select the installation package and click the "Next" button.



In the "Select computers for installation" window, select the installation option for computers located in administration groups. Then select the server and click the "Next" button.



A system restart is required after important modules of Kaspersky Endpoint Security are updated. Since the package is new enough, no reboot is needed. In the choice of credentials, we will leave everything by default, i.e. empty. After clicking the "Next" button, we will see the progress of the installation of Kaspersky Endpoint Security.


Creation of groups

Since the policies and tasks intended for servers differ from those for workstations, we will create groups corresponding to the type of administration for different machines. Expand the "Managed computers" node and select "Groups", then click "Create a subgroup". Let's create two subgroups, "Workstations" and "Servers". From the "Managed computers - Computers" menu, using drag and drop or cut and paste, move "DC" to the "Servers" group and create a policy and tasks for this group that differ from the tasks and policies in the "Managed computers" node.

Installing Kaspersky Endpoint Security

To install Kaspersky Endpoint Security remotely, you need to disable UAC during installation. This requirement is "inconvenient", so instead we will create a Windows Firewall policy in a GPO that allows incoming connections using the predefined File and Printer Sharing rule.
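The firewall exception described above can be checked on a client once the GPO has applied. The following read-only audit is an added example, not part of the original article or of Kaspersky's tooling; it lists the enabled inbound File and Printer Sharing rules and flags any that are broader than the deployment needs. The address 192.0.2.10 is a placeholder for your Administration Server, and the group name assumes an English-language Windows.

```powershell
# Read-only audit: run in an elevated PowerShell session on a client.
# Assumption: 192.0.2.10 is a placeholder for the Administration Server address.
$AdminServer = '192.0.2.10'
$Group       = 'File and Printer Sharing'   # display name on English-language Windows

# ActiveStore is the effective policy: local rules merged with rules delivered by GPO.
$rules = Get-NetFirewallRule -PolicyStore ActiveStore -DisplayGroup $Group |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' }

if (-not $rules) {
    Write-Warning "No enabled inbound '$Group' rules found; remote installation will be blocked."
}

$report = foreach ($rule in $rules) {
    $addr     = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    $port     = $rule | Get-NetFirewallPortFilter
    $profiles = $rule.Profile.ToString()

    # Collect reasons why this rule exposes more than the deployment requires.
    $findings = @()
    if ($profiles -match 'Any|Public|Private') {
        $findings += 'active outside the Domain profile'
    }
    if ($addr -contains 'Any') {
        $findings += 'accepts any remote address'
    }
    elseif ($addr -notcontains $AdminServer) {
        $findings += 'Administration Server address not listed explicitly'
    }

    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Profile       = $profiles
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr -join ','
        Findings      = if ($findings) { $findings -join '; ' } else { 'ok' }
    }
}

$report | Sort-Object Rule | Format-Table -AutoSize -Wrap
```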

After configuring and distributing Group Policy, let's go to the administration console. Expand the "Administration Server" node and select "Install Kaspersky Anti-Virus", click "Run the Remote Installation Wizard". In the window of the wizard for selecting an installation package, select the required package and click "Next". Select clients in the "Unassigned computers" group and click "Next".

In the next window, we will leave everything as default and click "Next". After the window with the choice of the key, the wizard offers to ask the user about restarting the system after the installation of Kaspersky Endpoint Security is complete; leave this at the default and click "Next". At the "Removing incompatible programs" step, you can make adjustments if necessary. Next, the wizard offers to move the client computers to one of the groups; in our case, we move them to the "Workstations" group.







As we can see, the console reports the successful installation of Kaspersky Endpoint Security on client stations.



As we can see, after the installation, the Administration Server transferred the client machines according to the conditions in the remote installation task.



Kaspersky Endpoint Security on a client machine.


Let's create a policy for client stations in which we enable "Password protection". This is needed, for example, if the user wants to turn off the anti-virus.

Let's try to disable protection on the client machine.



Rules for moving computers

On the administration server, you can set movement rules for client computers. For example, let's create a situation in which Kaspersky Endpoint Security will be installed on a newly discovered PC. This is useful in a scenario where the organization has a new PC installed.

To automate the deployment of Kaspersky Endpoint Security, we will set rules for moving computers. To do this, select the "Unassigned computers" node, select the "Configure rules for moving computers to administration groups" item and create a new rule.




With the created rule, a newly discovered PC from the specified range of IP addresses will be added to the "Workstations" group.

Next, we will create a task for automatic deployment of anti-virus protection for machines on which it is not installed. To do this, select the "Workstations" group and go to the "Tasks" tab. Let's create a task for installing anti-virus protection with an "Immediate" schedule.

So, we can see that the client computer has been added to the Workstations group.

Let's go to the "Tasks" tab and see that the installation task has started.



Let me remind you that the situation was reproduced on a machine without anti-virus protection (I had demonstrated remote installation on one of the clients earlier, and the antivirus was then removed to demonstrate this scenario). As you can see, the installation takes place on the machine without anti-virus protection, while the machine with anti-virus protection is not touched. After the anti-virus protection is installed, the KES policy will be applied to this client computer.

Reports

The reports in Kaspersky Endpoint Security are more than informative. For example, let's take a look at the report "About versions of Kaspersky Lab applications".

The report displays, in some detail, information about the installed Kaspersky Lab applications. You can see how many agents, client solutions and servers are installed. Reports can be deleted and added. You can also view the status of anti-virus protection using "Computer selection", which makes it convenient to pick out computers with infected objects or critical events.

In conclusion, I would like to say that only a small part of the Kaspersky Lab anti-virus complex has been reviewed here. Management is indeed convenient and intuitive. However, it is worth noting the heavy load on client systems during the search for viruses and potential threats; this load is mainly due to heuristic analysis, which requires quite a lot of resources. The product is very easy to administer and is suitable for both AD and workgroup environments. It is installed by many of our customers and has shown itself only from the good side.

That's all, everyone. Peace to you!


