NOTE! This condition should be used to grant the computer either Critical or Warning status only if the user has the right to change real-time protection settings. I.e. real-time protection settings are not locked and can be modified.
Pay attention for different versions of Kaspersky Anti-Virus for Windows Workstations/ File Servers real-time protection statuses are different. That is why when choosing the Real-time protection level differs from that set by the administrator parameter take into consideration the list of statuses which real-time protection can take.
PAY ATTENTION, for the scan to be “full”, the My Computer object must be included in the list of objects for scan! Even if you select all discs to be scanned, but do not check the My Computer checkbox, such scan is not considered full.
In version 6.0 applications full computer scan includes system memory, startup objects, system restore, mailboxes, hard and removable drives.
The Warning status:
Anti-virus application is not installed (enabled by default).
Too many viruses detected (see above).
Real-time protection level differs from that set by the administrator (see above).
Full computer scan has not been performed for a very long time, days (enabled by default with the 7 days value).
Antivirus database is outdated (enabled by default with the 7 days value)
Host has not connected to Administration Server for a very long (enabled by default with the 7 days value)
Remember, the color of the icon will change only after 3 synchronization periods (by default 15 minutes) with the interval not less than 3 minutes. To change the status quicker produce force synchronization of the Client and the Server – run the Synchronize command from the context menu of the client computer and click F5 to refresh the result in the Console.
Parameters for the Critical and Warning statuses are configured separately from each other. But the conditions of the Critical status have a higher priority. I.e. if for a client computer conditions of both levels are executed, then the Critical status will be granted to the computer. Also there is no need for the same conditions for the Warning status give more time then for the Critical status.
For example, if for the Critical status the value parameter Antivirus database has not been updated for a very long time, days number 1 is granted, and for the Warning status the same condition is with the default parameter – 7, then after the computer is given the Critical status, even if antivirus database is not updated during the next 5 days, computer will never get the Warning status.
Brightness of the computer icon shows if the computer connects with the Administration Server or not. If the icon is not bright, then the Agent did not connect to the Server during the set time period. The default period is 60 minutes. This parameter can be changed in Server > Properties >the Settings tab > the Host visibility timeout, min field.
NOTE! As soon as the computer is switched off the icon color becomes not bright irrespective of the parameter defined in the Host visibility timeout, min field.
Back to the tabs list
The Security tab
On this tab you can grant permission to users of the corporate network to manage the group.
The Inherit parameter is configured by default for nested groups: i.e. permission rights are inherited from parent group. But with the parameter unchecked the administrator can change the rights – add/delete accounts, change rights for any account.
NOTE! Rights of the KLAdmins (local, domain) group cannot be changed.
Back to the tabs listOn the Update Agent tab
Update Agent is a computer of the administration group which stores and spreads database update and installation packages within its group: i.e. it is an intermediate storage of databases and packages.
These data are delivered on client computers of the group only if Network Agent is installed on these computers!
Update Agents get:
- databases of known threats – as soon as they are delivered on the Administration Server (automatically). Only the data required by the group are copied.
- installation packages – once the product deployment task of the package is started. The Update Agent gets the package only if the task is set at least one computer of its group.
The data received from the Administration Server are stored in the setup folder of the Network Agent (subfolder $FTTmp).
The location of the folder with updates and installation packages cannot be either changed or restricted in size.
The databases are delivered on client computers when the databases update task, in whose settings Administration Server is defined as an update resource, is run. If the Use multicast option is enabled, installation packages are delivered on client computers automatically.
If a client computer does not find new databases or an installation package in the Update Agent’s storage, it will go to the Administration Server storage directly to get the same data.
To form the list of the Update Agents, right-click Administration group > Properties > the Update Agent tab; on the tab create the Update Agents list. Once the Agent is added, its connection parameters with other client computers of the group can be set:
- Configure the ports by which client computers will connect to the Update Agent. By default ports 14000 and 13000 are set (for secure connection).
If the Administration Server- computer is set as an Update Agent, then by default the ports 14001 and 13001 are used for interaction of the Update Agent and the Clients.
If multicast is enabled all computers even those for which installation is not defined will get the installation package. If you uncheck Use multicast then before installing the application the installed Network Agent will go to the Update Agent storage to get the installation package.
New installation packages are multicast once within a group. If when multicasting the client computer was disconnected from the enterprise logical network then the Network Agent automatically downloads the necessary installation package from the Update Agent when the installation task is launched.
Back to the tabs list