Applies to Kaspersky Administration Kit 8.0
Kaspersky Administration Kit allows to control virus activity on client PCs within a logical network. This is done by the event Virus Outbreak gathered from the entire network. This function is very important during virus outbreaks. It allows quick reaction when there is a threat of a virus outbreak.
The event Virus Outbreak is based on Kaspersky Anti-Virus malware detection events registered on the Administration Server. The Administration Server counts the amount of events of this type. When the amount reaches the Virus Outbreak level, this event will be generated. When such an event is generated, the Administration Server may send notifications about a virus outbreak, and/ or activate policies with more strict antivirus protection settings.
The malware detection events counter considers only the information received from the master administration Server client PCs. Configuration of the event Virus Outbreak is individual for each slave Administration Server.
In order for an Administration Server to be able to generate Virus Outbreak events:
- Configure each antivirus application policy to register malware detection events on the Administration Server. Events of this type may have different names depending on the antivirus version: Detection of viruses, worms, Trojans, hack tools; Infected objects detected; Virus detected, etc. Check the box On Administration Server for (days) in Properties of these events.
- Configure the Virus Outbreak settings on the tab Virus Outbreak of Administration Server policy or Administration Server properties:
This event may be registered for several types of applications. Generation of this event for one group of applications does not affect its generation for another group:
- Anti-Viruses for Workstations and File Servers
- Kaspersky Anti-Virus 5.0 for Windows Workstations
- Kaspersky Anti-Virus SOS 5.0
- Kaspersky Anti-Virus 5.0 for Windows File Servers
- Kaspersky Anti-Virus 6.0 for Windows Workstations
- Kaspersky Anti-Virus 6.0 SOS
- Kaspersky Anti-Virus 6.0 for Windows Servers
- Kaspersky Anti-Virus 6.0 for Windows Servers Enterprise Edition
- Kaspersky Anti-Virus 5.7 for Novell NetWare
- Kaspersky Anti-Virus Mobile 6.0 Enterprise Edition
- Kaspersky Mobile Security 7.0 Enterprise Edition
- Kaspersky Anti-Virus 5.7 for Linux Workstations and File Servers
- Perimeter defense anti-virus
- Kaspersky Anti-Virus 5.6 for ISA Server 2000 Enterprise Edition
- Mail system anti-virus
- Kaspersky Anti-Virus 5.5 for Microsoft Exchange Server 2000/2003
- Kaspersky Security 5.5 for Microsoft Exchange Server 2003
In order to enable virus outbreak recognition check the boxes of the desired application types and set the desired virus activity threshold for generation of a Virus Outbreak event:
- In the field Viruses – quantity of viruses to be detected in the logical network by the given application type;
- In the field In (min) – a period of time during which the set above quantity of viruses has been detected.
The frequency with which a Virus Outbreak event will be generated depends on the event settings. If the event is set to generate when 5 viruses have been detected in 1 hour, then the event will generate each hour or less frequently.
In order to configure notification about a generated Virus Outbreak event:
Open Administration Server policy settings or Administration Server settings, go to the tab Events, and click Properties. In this window you can configure notification settings.
In order to configure automatic activation of special policies in case of a Virus Outbreak:
- Create special policies with more strict protection settings.
- Open Administration Server policy settings or Administration Server settings, go to the tab Virus Outbreak, and click Configure policies to activate on “Virus Outbreak” event. In the new window select the desired policies.