Installing the Kaspersky security center 10 administration server. Installing Kaspersky Security Center

This material, was prepared for professionals involved in management antivirus protection and safety at the enterprise.

The most interesting functionality of the latest versions is described and analyzed on this page. Kaspersky Endpoint Security 10 and Kaspersky central management console Security Center 10.

The information was selected based on the experience of communication by NovaInTech specialists with system administrators, heads of IT departments and security departments of organizations that are just switching to Kaspersky anti-virus protection, or are going through the process of switching from using the 6th version of the anti-virus on client computers and the Administration management console Kit 8.B the latter case, when anti-virus protection from Kaspersky Lab is already in use, it is also common for IT specialists to not know the most interesting moments in the work of new versions of products that really help make life easier for these same IT specialists, and at the same time increase the level of security and reliability.

After reading this article and watching the videos, you can briefly familiarize yourself with the most interesting functionality that the latest version of the Kaseprky Security Center and Kaspersky Endpoint Security management console provides and see how it works.

1. Installation of the Kaspersky Security Center 10 administration server.

You can find the necessary distribution kits on the official Kaspersky Lab website:

ATTENTION! To the distribution full version Kaspersky Security Center is already included in the Kaspersky Endpoint distribution kit Security latest versions.

First of all, I would like to talk about where to start installing anti-virus protection from Kaspersky Lab: Not with the anti-viruses themselves on client computers, as it might seem at first glance, but with the installation of the administration server and the central management console Kaspesky Security Center (KSC ). Using this console, you can deploy anti-virus protection on all computers in your organization much faster. In this video you will see that after installing and minimally configuring the KSC administration server, it becomes possible to create an installer for an anti-virus solution for client computers, which even a completely untrained user can install (I think every administrator has such “users”) - the installation interface contains only 2 buttons - “Install” and “Close”.

The administration server itself can be installed on any computer that is always on or is maximally accessible; this computer must be visible to other computers on the network, and it is very important for it to have access to the Internet (for downloading databases and synchronizing with the KSN cloud).

Watch the video, even if you have installed the center console before, but previous versions- perhaps you will hear and see something new for yourself...

DID YOU LIKE THE VIDEO?
We do the same supply of Kaspersky products. And even more - we provide technical support. We care about our clients.

2. Setting up centralized management on computers with Kaspersky already installed.

It is often found that in small organizations, system administrators install and configure anti-virus protection on each computer manually. Thus, the time they spend on maintaining anti-virus protection increases and they do not have enough time for some more important tasks. There are cases when administrators, simply due to lack of time, simply do not know that corporate versions of anti-virus protection from Kaspersky Lab generally have centralized management, and do not know that there is no need to pay anything for this miracle of civilization.

In order to “link” already installed client antiviruses with the administration server, you need very little:

• Install the administration server (First section of this article).
• Install the administration server agent (NetAgent) on all computers - I will tell you about the installation options in the attached video below.
• After installing the administration server agent, the computers, depending on your settings, will be either in the “Non-distributed computers” section or in the “Managed computers” section. If the computers are in “Not distributed computers”, they will need to be transferred to “Managed computers” and configure a policy that will apply to them.

After these steps, your computers will be visible to you from the central console, users will no longer be able to manage the antiviruses installed on their machines and, as a result, there will be fewer infections and less headaches for the administrator.

In the video below, I will try to describe scenarios for installing NetAgents on client computers, depending on how your network is structured.

Kaspersky Endpoint Security 10 for Windows is one of best solutions to protect private local network, or the organization's network. The program is installed on a computer that is base station, but protects all network components. This scheme of work allows you to save on licenses, because it is enough to equip one computer with anti-virus software, and not all. This is why Kaspersky Endpoint Security - best option for large organizations.
Like other Kaspersky products, Endpoint security has all the necessary elements to comprehensive protection. They work independently of each other, which allows you to configure protection settings from highest precision. For example, you can disable verification of downloaded files, but leave site security monitoring. This achieves maximum performance and efficiency. You can download Kaspersky Endpoint Security for free to evaluate it functionality and quality GUI. The program can be easily installed on regular home computers under Windows control 7/8/10. Of course, both 32 and 64 bit versions are supported.

Technically, this version is a regular antivirus software with added special tools for centralized communication of several devices, as well as a number of specific utilities that guarantee greater security when working on the network. By using Endpoint Security, you can be sure that your organization's data will remain private and that all kinds of spyware will not be able to access it.

Many tests have been carried out which have shown that Windows system, supplemented antivirus solution Kaspersky is not susceptible to all existing threats. This also contributes to cloud technology, which identifies malware not only by signatures, but also by behavioral characteristics of the program. This approach does not allow on a computer with installed Kaspersky Endpoint Security download files infected with unique viruses.

Additional features of KES 10:

• Control of devices installed on the computer;
• Monitoring the network and browser status;
• IM and mail protector;
• Encryptor of hard and removable drives;
• Anti-DdoS.

Dear colleagues! Today I want to tell you about the Kaspersky Anti-Virus Administration System. The thing, I'll tell you, is very interesting.

Using it, you can take control of all computers in your organization in terms of allowing/prohibiting the opening of sites, allowing/prohibiting the launch of programs, including by certain categories (for example, you can prohibit the launch of all browsers except certain ones), allowing/denying connections any equipment - flash drives, hard drives and so on (for example, to prevent users from leaking information), also automate the update of keys for Kaspersky antivirus, minimize traffic consumption when updating antiviruses (after installing KSC and configuring antiviruses installed on workstations on it, they will be updated from this server, and not from the Internet). To install KSC version 10, according to the technical consultant of Kaspersky Lab in Privolzhsky federal district– Pavel Aleksandrova, Windows OS is suitable (not necessarily server) with at least 2-4 GB RAM. Recently, the Smart Solutions company conducted a Practical Master Class on laptops, where your humble servant was able to personally familiarize himself with this creation of Kaspersky Lab. Kaspersky Security Center 10, as Pavel said, is provided free of charge for those who own corporate license for KES (Kaspersky Endpoint Security) 10. Fortunately for us, fellow programmers/system administrators budgetary institutions Republic of Tatarstan, you don’t need to buy anything - all the necessary tools are available from the GIST network at kav.tatar.ru. And also, for your convenience, colleagues, I post video tutorials kindly provided by Igor Aleksandrovich, a company specialist NovaInTech -> Link to video tutorials on Youtube. If after watching the video you still have any questions, I will be happy to help you on Skype (lisischko).

P.S. You can make your Kaspersky Anti-Virus management server subordinate to the TsIT KSC, I won’t say what advantages this gives - I didn’t do this myself, but it is described on the website kav.tatar.ru

Note1: The list of executable files was not replenished on the server, even by the newly created “Inventory” task, until the checkbox was checked in the “ section Additional options” – “Reports and storage” – Inform the administration server “About running programs” in the Anti-Virus policy.

Note4: From time to time, on computers controlled by KSC, everything starts to freeze. The task manager showed that the system is being loaded by the “Kaspersky Security Center Vulnerability Assessment & Patch Management Component” process ( executable file vapm.exe). Analysis of the problem showed that when the system was slowing down, the task “Search for vulnerabilities and required updates” was being performed, transferring this task to manual start and stopping solved the problem. Also, there is an option to uncheck “run missed tasks” in the task schedule (without transferring the launch to manual mode), but I did not try this option, due to the decision that this function was unnecessary for us. UPD: not even half an hour had passed after stopping the task and switching its launch mode to manual, when some trigger started it again. There's no time to figure it out. I deleted the “Search for vulnerabilities and required updates” task; you can always add it later.

How more network, the more system administrator(or IT department) is trying to automate management software products. Antivirus software is no exception in this regard.

Many antivirus manufacturers have in their arsenal tools remote administration, Today we'll talk about a similar decision from Kaspersky Lab.

In general, Kaspersky Security Center is a rather serious application, which definitely cannot be described in one article. Therefore, in this article we will analyze only its deployment.

You can download Kaspersky Security Center. The product itself consists of a server that will need to be deployed, an administration console that can be installed on another computer for remote administration of the server, a web console as an alternative to the usual one, and an administration agent that is installed on client computers and is responsible for communicating anti-virus software with the server.

The server itself must be deployed only on operating systems Windows family. Moreover, the presence of a server edition is not necessary. Systems from XP and higher are supported, but only in the Professional/Enterprise/Ultimate editions. WITH full list Supported systems can be found on the website.

In addition, the server requires MS SQL or MySQL (remote is possible) to operate. If ready server There are no databases at hand, the Kaspersky Security Center installer will install MS itself SQL Express, which is quite sufficient for most organizations.

So, to deploy the server, download and run installation file(I recommend downloading full distribution). As test bench we have selected a computer with an operating system Windows Server 2012 R2.

You will see a convenient menu in which we are now interested in the “Install Kaspersky Security Center 10” item.

After the installation starts, you will be prompted to accept license agreement, and also select the installation type. For better control Above the installation process we will mark a custom installation.

If you have mobile devices on your network, you can install a separate component to manage their security.

Enter the size of your network. This item, however, does not carry any important determining force.

Next, the installation program will ask under which user to run the administration server service. You can specify an existing user with admin rights or allow the installer to create a new one.

The next step is to select a database server. As already mentioned, there are two options here - MS SQL or MySQL. If you do not have a ready-made server, Kaspersky Security Center will carefully deploy MS SQL Express.

At this step in the installation process you may be waiting for little surprise if it is not installed on your system. NET Framework 3.5SP 1.

Windows Server .NET Framework 3.5 SP 1 is built in as a feature and only needs to be enabled. If you do not have a server room operating system, then you need to go to the Microsoft website and download the installer.

Let's consider the option of enabling the component in Windows Server. To do this, open Server Manager and select “Add roles and features.”

A wizard will launch in which we need to indicate that we are going to install roles or components.

We select our server and skip the selection of roles. In the list of components, find .NET Framework 3.5 Functions and check them.

After this, we will return to installing Kaspersky Security Center itself.

We need to select the SQL authentication mode. This could be separate account, and the current one.

The Kaspersky Security Center server requires shared folder, which client computers could access to receive updates and installation packages. You can create new folder or specify an existing one.

We indicate the ports through which we will connect to the administration server.

Specify the server address on the network. If the server has and will static IP address, you can limit yourself to them. But it’s still more convenient to identify the server by name.

The last step before installation is to select required plugins. Plugins allow you to manage various antivirus products Kaspersky Lab. This is useful if you have a whole “zoo” of versions. Plugins can also be installed later.

Now all that remains is to watch the installation process. Sometimes plugins require you to accept a separate license agreement.

Installing Kaspersky Security Center is complete.

Now let's go over the initial server setup. The administration console installed with the server looks like this:

The console can also be installed separately. And it’s even necessary so as not to log into the server every time for routine actions.

The left column lists the servers. For now there is only our newly created server. If you administer several servers, then simply click Add Administration Server.

So, click on the newly created server and the Wizard will launch initial setup. You will be asked to activate the program using a code or key. However, this can be done later.

In addition, the wizard will ask for your consent to participate in the Kaspersky program Security Network. Essentially, this is another spy on your computers that sends Kaspersky Lab data about what resources you access and where you pick up the infection. This is motivated by the creation of a certain knowledge base. In my opinion, for end user The point of participating in such a program is questionable.

You will also be asked to indicate mailboxes for notifications from Kaspersky server Security Center. You can skip this step.

After all these steps the server will start loading latest versions updates from the network. In the future, you can configure not the Kaspersky Lab server on the Internet as an update source, but an upstream server, if there are several of them on your network.

After downloading updates and polling the network, the wizard will display a successful completion message and offer to run the Deploy Protection on Workstations Wizard.

We will talk about deploying protection on workstations in.

Kaspersky program Security Center is a unique tool that allows you to control the security of corporate networks and centrally manage various instruments security

Application

Benefits of the program

The Control Center is responsible for monitoring the activities of programs, their opening and blocking of harmful software. It influences all applications and programs installed on computers that are associated with corporate network. The administrator controls user activity by either adjusting their own security settings or using standard templates.

Kaspersky Security Center constantly checks the system for weak points, updates security components, monitors the availability of updates for running software. When checking the system, the program provides reports on its actions. Reports are generated automatically when activated regular inspection, however, the tool is capable of generating them at the user’s request and converting them into files PDF formats, HTML and XML.

Intuitively clear interface, which the program is equipped with, makes the user’s work easier.

Main features:

• Protection for both desktop and mobile devices.
• Supports devices with different operating systems.
• Control is carried out either by several users or by one administrator.
• Blocking unwanted software.
• Convenient security policy settings, the ability to apply as standard profiles, and creating your own.