Configuring Kaspersky Sandbox device status display
Kaspersky Security Center Web Console displays devices for which integration is configured in managed device groups. Health status of these devices is displayed on the dashboard. If problems are encountered with these devices, Kaspersky Security Center Web Console displays the Critical or Warning status to alert the administrator.
Since Kaspersky Sandbox is not a standard workstation managed using Kaspersky Security Center Web Console, you must separately configure the display of Kaspersky Sandbox device status in Kaspersky Security Center Web Console.
To correctly display the status of Kaspersky Sandbox devices in Kaspersky Security Center Web Console, you must place Kaspersky Sandbox servers into a separate managed device group.
To configure Kaspersky Sandbox device status display in Kaspersky Security Center Web Console:
In the main window of Web Console, select the Devices → Group hierarchy section.
This opens the group list; in the list, click the link with the name of the group for which you want to change the device status switching.
This opens a window; in this window, select the Device status tab.
Under Critical and Warning, turn off the following conditions that are turned on by default for standard workstations managed using Kaspersky Security Center (for details about device statuses, see Kaspersky Security Center Online Help):
Security application is not installed. Network Agent is installed on the device but the security application is not installed.
Too many viruses detected. A virus scanning task, for example, the Virus scan task, has found viruses on the device, and the number of viruses is above the specified value.
Real-time protection level differs from the level set by the Administrator. The device is visible on the network, but the real-time protection level differs from the level set by the administrator in the status device condition.
Virus scan has not been performed in a long time. The device is visible on the network, and the security application is installed on the device, but the virus scan task has not been performed for more than the specified time. This condition applies only to devices that were added to the Administration Server database 7 or more days ago.
Active threats are detected. The number of unprocessed objects in the Unprocessed files folder exceeds the specified value.
Restart is required. The device is visible on the network, but the application has been waiting for a device restart for more than the specified time because of one of selected reasons.
Incompatible applications are installed. The device is visible on the network, but an inventory of application software performed by the Network Agent has detected incompatible installed applications.
Software vulnerabilities have been detected. The device is visible on the network and the Network Agent is installed but the Find vulnerabilities and required updates task has scanned the device and detected software vulnerabilities with the specified severity level.
Check for Windows Update updates has not been performed in a long time. The Find vulnerabilities and required updates task has not been run for the specified time.
Invalid encryption status. Network Agent is installed on the device and the encryption result of the device is equal to the value displayed.
Mobile device settings do not comply with the policy. Mobile device settings differ from settings specified in the policy of Kaspersky Endpoint Security for Androidâ„¢ when checked for adherence to compliance rules.
Unprocessed incidents detected. Unprocessed incidents detected on the device. Incidents can be created either automatically by Kaspersky managed applications installed on the client device or manually by the administrator.
Protection is disabled. The device is visible on the network, but the security application on the device has been turned off for more than the specified time.
Security application is not running. The device is visible on the network and the security application is installed on the device but is not running. Turn on the toggle switch next to the condition in the list.
Under Critical, turn on the following conditions:
License expired. The device is visible on the network, but its license has expired.
Device status defined by the application. The device status is defined by the managed application. Kaspersky Sandbox servers that encounter a self diagnostics problem have the status Critical: Problems with the Kaspersky Sandbox server. The server does not receive objects for scanning.
Under Warning, turn on the following conditions:
License expires soon. The device is visible on the network, but the license will expire in less than the specified number of days.
Databases are outdated. Double-click to open the status conditions window and enter 1 as the value. Kaspersky Sandbox servers that have not successfully run the database update task for over a day have the Warning status.
Click Save.
Kaspersky Sandbox device status display is configured.
The status of all devices in the Kaspersky Sandbox device group that have no problems changes to OK/Visible on the network.
The list of devices that have problems is updated in accordance with the settings.