Kaspersky Administration Kit 8.0

 
 
 

What does client computer icon color mean (client computer status description)

Back to "Host Maintenance"
2012 Jan 23 ID: 2777
 
 
 
 

Applies to Kaspersky Administration Kit 8.0

Each PC assigned to an administration group has a status in logical network: OK, Warning, or Critical. The color of the PC icon next to its name changes according to its current status. Besides the color, the icon of a client PC may also change its brightness.

PC icon may have one of the following colors:

    •  (green) - status ОК.
    •  (yellow) - status Warning.
    •  (red) - status Critical.

You can choose conditions for assigning Warning or Critical status to PCs on the Computer status tab of the settings of the group housing the given client computer. If none of the conditions are met, a computer is assigned with the status OK.

The option Inherit is enabled for subgroups by default. That means that conditions for assigning status are inherited form the parent group. Still an administrator can manage these conditions by checking/unchecking boxes and changing values of certain options.

In order to manage options and their values, uncheck the box Inherit, select the condition you want to change, right-click it, and choose Modify in the contextual menu. A window will open where you can modify the condition value under which the option will apply.

 


Let us review all available conditions for assigning a Warning or Critical status to a client PC. Some of them are enabled by default.

Critical status:

    • No Kaspersky Anti-Virus installed (enabled by default).

    • Many viruses detected. When the number of viruses detected on a client PC reaches the set value, the PC will be assigned with Critical status. You can enter any value within the range of 0 to 32767. The calculation is based on the basis of events registered on the Administration server. You can select which events to register in the Administration server database in corresponding antivirus application policy settings on the tab Events.

    • Real-time protection status differs from the status set by the administrator. A client PC will become “red” if its Real-time protection status differs from the one you set here as the condition value. 

      InformationIt only makes sense to use this condition for assigning Warning or Critical status for user(s) having permission to change Real-time protection settings (Modification of Real-time protection settings and disabling it are not locked in the policy settings).

    • Not scanned for a long time (enabled by default with the value of 14 days). You can enter any value within the range of 1 to 32767 (days).

    • Databases are outdated (enabled by default with the value of 14 days). You can enter any value within the range of 1 to 32767 (days).

    • Not connected for a long time (enabled by default with the value of 14 days). Number of days a client PC has not established connection with the Administration Server. You can enter any value within the range of 1 to 32767 (days).

    • There are unprocessed objects. There are objects on the PC scan/disinfection of which has been put off. To view the list of such objects go to the Administration console node Repositories > Unprocessed files.
      Waiting for reboot (enabled by default). It is necessary to reboot the computer after installing software or new bases/modules.

    • License expired (enabled by default with the value of 0) – you should install a new key file on client computers.

    • Out of control (enabled by default). Impossible to establish connection to the Administration Agent on the client PC, but the PC responds to the ping command. It may mean that the Administration Agent was removed from the client PC.

    • Protection is off (enabled by default). All the protection components have been stopped or there is a failure of one of the components.

    • Kaspersky Anti-Virus is not running (enabled by default).

Warning status:

    • No Kaspersky Anti-Virus installed (enabled by default).
    • Many viruses detected (described above).
    • Real-time protection status differs from the status set by the administrator (described above).
    • Not scanned for a long time (enabled by default with the value of 7 days).
    • Databases are outdated (enabled by default with the value of 7 days).
    • Not connected for a long time (enabled by default with the value of 7 days).
    • There are unprocessed objects (enabled by default with the value of 0).
    • Waiting for reboot (enabled by default).
    • License expires soon (enabled by default with the value of 7 days).

 

InformationIf one of the following conditions is met:

    • Protection is off
    • Kaspersky Anti-Virus is not running
    • Real-time protection status differs from the status set by the administrator

Icon color will change only after 3 synchronization periods pass (15 minutes by default) with an interval of 3 minutes at least. In order to speed up protection status changes you can run a manual Client-Server synchronization – select the option All tasks>Force synchronization from the contextual menu of a client PC and press F5 to refresh results in the Console.

Although conditions for Critical and Warning status are configured independently, Critical status conditions have a higher priority regardless of set condition values. It means that if a client PC meets conditions for both types of status, it will be assigned with Critical status. It also makes no sense to assign a condition with a value for Warning status higher than that for Critical.
For example, if the Databases are outdated condition value is set to 1 for Critical status and is left equal to 7 (default value) for Warning status, the PC will be assigned with Critical status, and will never get the Warning status even if the databases will not be updated during another 5 days.

Brightness of the PC icon indicates if the client PC has connected to the Administration Server within a set interval of time. If the icon is pale, it means that the Agent has not established connection with the Server within the set interval of time. The interval is 60 minutes by default. You can change it in Administration Server properties tab Settings field Computer visibility timeout (min).

InformationIf the port UDP 13000 is open on the Administration server, shutting down a client PC will change its icon brightness immediately regardless of the value set in the field Computer visibility timeout (min).

 

 
 
 
 
Did the provided info help you?
Yes No