Applies to Kaspersky Administration Kit 6.0 MP1
To enable communication between the clients and the Administration Server, the client computers must be connected to the Server. The Network Agent installed on clients provides this functionality.
The following operations require connection to the server:
- Refreshing the list of applications installed on client computers
- Synchronization of policies, application settings, tasks, and task settings
- Updating the information on applications and tasks running on client computers
- Receipt by the Server of information about client computers shutting down
- Delivery of events to be processed on the server
In most cases, client computers connect to the Server. Automatic synchronization is performed at regular time intervals defined by the Network Agent settings (for example, once every 15 (fifteen) minutes). The time interval is set in the policies of the Network Agent on the Settings tab (the Connection period checkbox). Information about an event is sent to the Server immediately after the event occurs on a client computer. For this type of connection, TCP port 14000 should be opened on the computer on which the Administration Server is installed.
For example: after installation the Network Agent connects to the Administration Server and transfers the data about the client computer to the Server database.
The second type of connection, in which the Server initiates the connection, is also used to retrieve data from client computers – to update the lists of applications and tasks running on the client and to refresh application statistics. To enable this connection, UDP port 15000 is opened on the client computer. The Server sends a connection query to the client's UDP port 15000. In response, the Server's right to connect to the client is verified (based on a digital signature), and, if the signature is valid, the connection is established.
The administrator can force synchronization to start by clicking the Synchronize command on the shortcut menu of a client computer. In this case, the second type of connection is used.
Sometimes real-time control over the applications on client computers is required, but the Server fails to connect to the client for some reason (the connection is firewall-protected, ports are blocked on a client, the IP address is unknown, etc.). In that case, to keep the connection between the Server and the Client, the administrator can check the Keep connection checkbox in the properties of the client computer. The connection is kept after the checkbox has been checked and the Client has connected to the Server for the first time.
Data exchange between clients and the Administration Server, and connections of the Console to the Administration Server, can be secured by the SSL protocol (Secure Sockets Layer). The SSL protocol is responsible for authentication of the communicating parties, encryption of the data being transferred, and verification of data integrity. Data integrity ensures that the data has not been corrupted or altered in transit. An SSL-enabled connection involves authentication of both sides of a network communication session and encryption of data using the closed key method. To ensure a secure connection between the Client and the Server, TCP port 13000 should be opened on the Administration Server.
For the Administration Server to receive information about client computers being switched off, UDP port 13000 should be opened on it.
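The port requirements above can be checked against a host's inbound firewall rules. The following is an added example, not part of the original article or of the product: the rule format, the sample rules, the server address 10.0.0.5 and the `ssl_only` policy switch are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# (role, protocol, port) -> purpose, as listed in the article.
PORTS = {
    ("server", "tcp", 14000): "client-initiated synchronization and events",
    ("server", "tcp", 13000): "SSL-secured client and Console connections",
    ("server", "udp", 13000): "client shutdown notifications",
    ("client", "udp", 15000): "connection query sent by the Server",
}

def audit(role, rules, server_ip, ssl_only=False):
    """Audit inbound allow rules, given as (protocol, port, source CIDR).

    ssl_only is a hypothetical site policy: agents use only TCP 13000,
    so an open TCP 14000 is reported instead of being required.
    """
    findings, allowed = [], {}
    for proto, port, source in rules:
        allowed.setdefault((proto.lower(), port), []).append(ip_network(source))
    for (r, proto, port), purpose in PORTS.items():
        if r != role:
            continue
        sources = allowed.get((proto, port), [])
        if ssl_only and (proto, port) == ("tcp", 14000):
            if sources:
                findings.append("NON-SSL tcp/14000 open although policy is SSL only")
            continue
        if not sources:
            findings.append(f"MISSING {proto}/{port}: {purpose}")
        elif role == "client":
            # Only the Administration Server needs to reach the client port.
            srv = ip_address(server_ip)
            if not any(srv in net for net in sources):
                findings.append(f"BLOCKED {proto}/{port}: server {server_ip} not allowed")
            if any(net.num_addresses > 1 for net in sources):
                findings.append(f"WIDE {proto}/{port}: allow only {server_ip}/32")
    return findings

# Constructed sample rule sets (not taken from a real host).
SERVER_RULES = [("tcp", 13000, "10.0.0.0/8"), ("tcp", 14000, "10.0.0.0/8")]
CLIENT_RULES = [("udp", 15000, "0.0.0.0/0")]

if __name__ == "__main__":
    for role, rules in (("server", SERVER_RULES), ("client", CLIENT_RULES)):
        for line in audit(role, rules, "10.0.0.5", ssl_only=(role == "server")):
            print(role, line)
```

A MISSING finding for udp/15000 on a client corresponds to the case in which the Server cannot reach the client and the Keep connection checkbox is the documented fallback.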