Kaspersky Endpoint Agent is installed on separate computers (hereinafter referred to as “hosts”) that belong to the corporate IT infrastructure and run a Microsoft Windows operating system. Continuously monitors processes running on those computers, active network connections, and files that are modified.
Users with Senior security officer, Security officer, Local administrator, and Administrator roles can assess how regularly data is received from hosts on which Kaspersky Endpoint Agent is installed, on the Endpoint Agents tab of the program web interface window for organizations whose data the user is allowed to access. If you are using distributed solution and multitenancy mode, the web interface of the PCN server displays the list of hosts with Kaspersky Endpoint Agent for the PCN and all connected SCNs.
Users with the Local administrator and Administrator roles can configure the display of how regularly data is received from hosts with Kaspersky Endpoint Agent installed, for organizations whose data they are allowed to access.
If suspicious network activity is detected, users with the Senior security officer role can isolate from the network any host with Kaspersky Endpoint Agent, for organizations whose data the user is allowed to access. In this case, the connection between the server with the Central Node component and a host with Kaspersky Endpoint Agent is not interrupted.
To provide support in case of problems with Kaspersky Endpoint Agent, Technical Support staff may ask you to perform the following actions for debugging purposes (including in Technical Support Mode):
Technical Support experts will provide all the information needed to perform these operations (description of the sequence of steps, settings to be modified, configuration files, scripts, additional command line functionality, debugging modules, special-purpose utilities, etc.) and inform you about the scope of data obtained for debugging purposes. The extended diagnostic information that is obtained is saved on the user's computer. The retrieved data is not automatically sent to Kaspersky.
The operations listed above should be performed only when instructed by and under the supervision of Technical Support experts. Unsupervised changes to program settings performed in ways other than those described in the Administrator's Guide or according to the instructions of Technical Support experts can slow down or crash the operating system, reduce computer security, or compromise the availability and integrity of data being processed.