Kaspersky Security Center 13
- Kaspersky Security Center 13 Help
- What's new
- Kaspersky Security Center 13
- About Kaspersky Security Center
- Unsupported operating systems and platforms
- Hardware and software requirements
- Compatible Kaspersky applications and solutions
- Licenses and features of Kaspersky Security Center 13
- About compatibility of Administration Server and Kaspersky Security Center 13 Web Console
- Comparison of Kaspersky Security Center: Windows-based vs. Linux-based
- About Kaspersky Security Center Cloud Console
- Basic concepts
- Administration Server
- Hierarchy of Administration Servers
- Virtual Administration Server
- Mobile Device Server
- Web Server
- Network Agent
- Administration groups
- Managed device
- Unassigned device
- Administrator's workstation
- Management plug-in
- Management web plug-in
- Policies
- Policy profiles
- Tasks
- Task scope
- How local application settings relate to policies
- Distribution point
- Connection gateway
- Architecture
- Main installation scenario
- Ports used by Kaspersky Security Center
- About Kaspersky Security Center certificates
- Schemas for data traffic and port usage
- Administration Server and managed devices on LAN
- Primary Administration Server on LAN and two secondary Administration Servers
- Administration Server on LAN, managed devices on internet, firewall in use
- Administration Server on LAN, managed devices on internet, connection gateway in use
- Administration Server in DMZ, managed devices on internet
- Interaction of Kaspersky Security Center components and security applications: more information
- Conventions used in interaction schemas
- Administration Server and DBMS
- Administration Server and Administration Console
- Administration Server and client device: Managing the security application
- Upgrading software on a client device through a distribution point
- Hierarchy of Administration Servers: primary Administration Server and secondary Administration Server
- Hierarchy of Administration Servers with a secondary Administration Server in DMZ
- Administration Server, a connection gateway in a network segment, and a client device
- Administration Server and two devices in DMZ: a connection gateway and a client device
- Administration Server and Kaspersky Security Center 13 Web Console
- Activating and managing the security application on a mobile device
- Deployment best practices
- Preparation for deployment
- Planning Kaspersky Security Center deployment
- Typical schemes of protection system deployment
- About planning Kaspersky Security Center deployment in an organization's network
- Selecting a structure for protection of an enterprise
- Standard configurations of Kaspersky Security Center
- How to select a DBMS for Administration Server
- Selecting a DBMS
- Managing mobile devices with Kaspersky Endpoint Security for Android
- Providing internet access to Administration Server
- About distribution points
- Calculating the number and configuration of distribution points
- Hierarchy of Administration Servers
- Virtual Administration Servers
- Information about limitations of Kaspersky Security Center
- Network load
- Preparing to mobile device management
- Information about Administration Server performance
- Planning Kaspersky Security Center deployment
- Deploying Network Agent and the security application
- Initial deployment
- Configuring installers
- Installation packages
- MSI properties and transform files
- Deployment with third-party tools for remote installation of applications
- About remote installation tasks in Kaspersky Security Center
- Deployment by capturing and copying the hard drive image of a device
- Deployment using group policies of Microsoft Windows
- Forced deployment through the remote installation task of Kaspersky Security Center
- Running stand-alone packages created by Kaspersky Security Center
- Options for manual installation of applications
- Remote installation of applications on devices with Network Agent installed
- Managing device restarts in the remote installation task
- Suitability of databases updating in an installation package of a security application
- Using tools for remote installation of applications in Kaspersky Security Center for running relevant executable files on managed devices
- Monitoring the deployment
- Configuring installers
- Virtual infrastructure
- Support of file system rollback for devices with Network Agent
- Local installation of applications
- Local installation of Network Agent
- Installing Network Agent in silent mode
- Installing Network Agent for Linux in silent mode (with an answer file)
- Local installation of the application management plug-in
- Installing applications in silent mode
- Installing applications by using stand-alone packages
- Network Agent installation package settings
- Viewing the Privacy Policy
- Initial deployment
- Deploying mobile device management systems
- Deploying a system for management via Exchange ActiveSync protocol
- Deploying a system for management using iOS MDM protocol
- Installing iOS MDM Server
- Installing iOS MDM Server in silent mode
- iOS MDM Server deployment scenarios
- Simplified deployment scheme
- Deployment scheme involving Kerberos constrained delegation (KCD)
- Receiving an APNs certificate
- Renewing an APNs certificate
- Configuring a reserve iOS MDM Server certificate
- Installing an APNs certificate on an iOS MDM Server
- Configuring access to Apple Push Notification service
- Issuing and installing a shared certificate on a mobile device
- Adding a KES device to the list of managed devices
- Connecting KES devices to the Administration Server
- Integration with Public Key Infrastructure
- Kaspersky Security Center Web Server
- Preparation for deployment
- Installation of Kaspersky Security Center
- Preparing for installation
- Accounts for working with the DBMS
- Scenario: Authenticating Microsoft SQL Server
- Recommendations on Administration Server installation
- Creating accounts for the Administration Server services on a failover cluster
- Defining a shared folder
- Remote installation with Administration Server tools through Active Directory group policies
- Remote installation through delivery of the UNC path to a stand-alone package
- Updating from the Administration Server shared folder
- Installing images of operating systems
- Specifying the address of the Administration Server
- Standard installation
- Step 1. Reviewing the License Agreement and Privacy Policy
- Step 2. Selecting an installation method
- Step 3. Installing Kaspersky Security Center 13 Web Console
- Step 4. Selecting network size
- Step 5. Selecting a database
- Step 6. Configuring the SQL Server
- Step 7. Selecting an authentication mode
- Step 8. Unpacking and installing files on the hard drive
- Custom installation
- Step 1. Reviewing the License Agreement and Privacy Policy
- Step 2. Selecting an installation method
- Step 3. Selecting the components to be installed
- Step 4. Installing Kaspersky Security Center 13 Web Console
- Step 5. Selecting network size
- Step 6. Selecting a database
- Step 7. Configuring the SQL Server
- Step 8. Selecting an authentication mode
- Step 9. Selecting the account to start Administration Server
- Step 10. Selecting the account for running the Kaspersky Security Center services
- Step 11. Selecting a shared folder
- Step 12. Configuring the connection to Administration Server
- Step 13. Defining the Administration Server address
- Step 14. Administration Server address for connection of mobile devices
- Step 15. Selecting application management plug-ins
- Step 16. Unpacking and installing files on the hard drive
- Installing Administration Server on a Windows Server failover cluster
- Step 1. Reviewing the License Agreement and Privacy Policy
- Step 2. Selecting the type of installation on a cluster
- Step 3. Specifying the name of the virtual Administration Server
- Step 4. Specifying the network details of the virtual Administration Server
- Step 5. Specifying a cluster group
- Step 6. Selecting a cluster data storage
- Step 7. Specifying an account for remote installation
- Step 8. Selecting the components to be installed
- Step 9. Selecting network size
- Step 10. Selecting a database
- Step 11. Configuring the SQL Server
- Step 12. Selecting an authentication mode
- Step 13. Selecting the account to start Administration Server
- Step 14. Selecting the account for running the Kaspersky Security Center services
- Step 15. Selecting a shared folder
- Step 16. Configuring the connection to Administration Server
- Step 17. Defining the Administration Server address
- Step 18. Administration Server address for connection of mobile devices
- Step 19. Unpacking and installing files on the hard drive
- Installing Administration Server in silent mode
- Installing Administration Console on the administrator's workstation
- Changes in the system after Kaspersky Security Center installation
- Removing the application
- Upgrading Kaspersky Security Center from a previous version
- Initial setup of Kaspersky Security Center
- Administration Server Quick Start Wizard
- About Quick Start Wizard
- Starting Administration Server Quick Start Wizard
- Step 1. Getting acquainted with Quick Start Wizard
- Step 2. Configuring a proxy server
- Step 3. Selecting the application activation method
- Step 4. Selecting the protection scopes and platforms
- Step 5. Selecting plug-ins for managed applications
- Step 6. Downloading distribution packages and creating installation packages
- Step 7. Configuring Kaspersky Security Network usage
- Step 8. Configuring email notifications
- Step 9. Configuring update management
- Step 10. Creating an initial protection configuration
- Step 11. Connecting mobile devices
- Step 12. Downloading updates
- Step 13. Device discovery
- Step 14. Closing the Quick Start Wizard
- Configuring the connection of Administration Console to Administration Server
- Requirements for custom certificates used in Kaspersky Security Center
- Connecting out-of-office devices
- Scenario: Connecting out-of-office devices through a connection gateway
- Scenario: Connecting out-of-office devices through a secondary Administration Server in DMZ
- About connecting out-of-office devices
- Connecting external desktop computers to Administration Server
- About connection profiles for out-of-office users
- Creating a connection profile for out-of-office users
- About switching Network Agent to other Administration Servers
- Creating a Network Agent switching rule by network location
- Encrypt communication with SSL/TLS
- Notifications of events
- Configuring the interface
- Administration Server Quick Start Wizard
- Discovering networked devices
- Scenario: Discovering networked devices
- Unassigned devices
- Device discovery
- Working with Windows domains. Viewing and changing the domain settings
- Configuring retention rules for unassigned devices
- Working with IP ranges
- Working with the Active Directory groups. Viewing and modifying group settings
- Creating rules for moving devices to administration groups automatically
- Using VDI dynamic mode on client devices
- Equipment inventory
- Licensing
- Kaspersky applications. Centralized deployment
- Replacing third-party security applications
- Installing applications using a remote installation task
- Installing applications using Remote Installation Wizard
- Working with the management plug-ins
- Viewing a protection deployment report
- Remote removal of applications
- Working with installation packages
- Creating an installation package
- Creating stand-alone installation packages
- Creating custom installation packages
- Viewing and editing properties of custom installation packages
- Obtaining the Network Agent installation package from the Kaspersky Security Center distribution kit
- Distributing installation packages to secondary Administration Servers
- Distributing installation packages through distribution points
- Transferring application installation results to Kaspersky Security Center
- Defining the KSN proxy server address for installation packages
- Receiving up-to-date versions of applications
- Preparing a Windows device for remote installation. Riprep utility
- Preparing a Linux device for remote installation of Network Agent
- Preparing a macOS device for remote installation of Network Agent
- Kaspersky applications: licensing and activation
- Licensing of managed applications
- Viewing information about license keys in use
- Adding a license key to the Administration Server repository
- Deleting an Administration Server license key
- Deploying a license key to client devices
- Automatic distribution of a license key
- Creating and viewing a license key usage report
- Viewing information about the application license keys
- Configuring network protection
- Scenario: Configuring network protection
- Policy setup and propagation: Device-centric approach
- About device-centric and user-centric security management approaches
- Manual setup of Kaspersky Endpoint Security policy
- Manual setup of the group update task for Kaspersky Endpoint Security
- Manual setup of the group task for scanning a device with Kaspersky Endpoint Security
- Scheduling the Find vulnerabilities and required updates task
- Manual setup of the group task for updates installation and vulnerabilities fix
- Setting the maximum number of events in the event repository
- Setting the maximum storage period for the information about fixed vulnerabilities
- Managing tasks
- Creating a task
- Creating the Administration Server task
- Creating a task for specific devices
- Creating a local task
- Displaying an inherited group task in the workspace of a nested group
- Automatically turning on devices before starting a task
- Automatically turning off a device after a task is completed
- Limiting task run time
- Exporting a task
- Importing a task
- Converting tasks
- Starting and stopping a task manually
- Pausing and resuming a task manually
- Monitoring task execution
- Viewing task run results stored on the Administration Server
- Configuring filtering of information about task run results
- Modifying a task. Rolling back changes
- Comparing tasks
- Accounts to start tasks
- Change Tasks Password Wizard
- Creating a hierarchy of administration groups subordinate to a virtual Administration Server
- Policies and policy profiles
- Hierarchy of policies, using policy profiles
- Managing policies
- Creating a policy
- Displaying inherited policy in a subgroup
- Activating a policy
- Activating a policy automatically at the Virus outbreak event
- Applying an out-of-office policy
- Modifying a policy. Rolling back changes
- Comparing policies
- Deleting a policy
- Copying a policy
- Exporting a policy
- Importing a policy
- Converting policies
- Managing policy profiles
- Device moving rules
- Cloning device moving rules
- Software categorization
- Prerequisites for installing applications on devices of a client organization
- Viewing and editing local application settings
- Updating Kaspersky Security Center and managed applications
- Scenario: Regular updating Kaspersky databases and applications
- About updating Kaspersky databases, software modules, and applications
- About using diff files for updating Kaspersky databases and software modules
- Enabling the Downloading diff files feature: scenario
- Creating the task for downloading updates to the repository of the Administration Server
- Creating the Download updates to the repositories of distribution points task
- Configuring the Download updates to the repository of the Administration Server task
- Verifying downloaded updates
- Configuring test policies and auxiliary tasks
- Viewing downloaded updates
- Automatic installation of Kaspersky Endpoint Security updates on devices
- Offline model of update download
- Enabling and disabling the offline model of update download
- Automatic updating and patching for Kaspersky Security Center components
- Enabling and disabling automatic updating and patching for Kaspersky Security Center components
- Automatic distribution of updates
- Distributing updates to client devices automatically
- Distributing updates to secondary Administration Servers automatically
- Installing updates for software modules of Network Agents automatically
- Assigning distribution points automatically
- Assigning a device a distribution point manually
- Removing a device from the list of distribution points
- Downloading updates by distribution points
- Deleting software updates from the repository
- Patch installation for a Kaspersky application in cluster mode
- Managing third-party applications on client devices
- Installing third-party software updates
- Scenario: Updating third-party software
- Viewing information about available updates for third-party applications
- Approving and declining software updates
- Synchronizing updates from Windows Update with Administration Server
- Installing updates on devices manually
- Configuring Windows updates in a Network Agent policy
- Fixing third-party software vulnerabilities
- Scenario: Finding and fixing third-party software vulnerabilities
- About finding and fixing software vulnerabilities
- Viewing information about software vulnerabilities
- Viewing statistics of vulnerabilities on managed devices
- Scanning applications for vulnerabilities
- Fixing vulnerabilities in applications
- Ignoring software vulnerabilities
- Selecting user fixes for vulnerabilities in third-party software
- Rules for update installation
- Groups of applications
- Scenario: Application Management
- Creating application categories for Kaspersky Endpoint Security for Windows policies
- Creating an application category with content added manually
- Creating an application category with content added automatically
- Adding event-related executable files to the application category
- Configuring application startup management on client devices
- Viewing the results of static analysis of startup rules applied to executable files
- Viewing the applications registry
- Changing the software inventory start time
- About license key management of third-party applications
- Creating licensed applications groups
- Managing license keys for licensed applications groups
- Inventory of executable files
- Viewing information about executable files
- Installing third-party software updates
- Monitoring and reporting
- Scenario: Monitoring and reporting
- Monitoring traffic lights and logged events in Administration Console
- Working with reports, statistics, and notifications
- Working with reports
- Managing statistics
- Configuring event notification
- Creating a certificate for an SMTP server
- Event selections
- Device selections
- Monitoring of applications installation and uninstallation
- Event types
- Blocking frequent events
- Controlling changes in the status of virtual machines
- Monitoring the anti-virus protection status using information from the system registry
- Viewing and configuring the actions when devices show inactivity
- Disabling Kaspersky announcements
- Adjustment of distribution points and connection gateways
- Standard configuration of distribution points: Single office
- Standard configuration of distribution points: Multiple small remote offices
- Assigning a managed device to act as a distribution point
- Connecting a Linux device as a gateway in the demilitarized zone
- Connecting a Linux device to the Administration Server via a connection gateway
- Adding a connection gateway in the DMZ as a distribution point
- Assigning distribution points automatically
- About local installation of Network Agent on a device selected as distribution point
- About using a distribution point as connection gateway
- Adding IP ranges to the scanned ranges list of a distribution point
- Using a distribution point as a push server
- Other routine work
- Managing Administration Servers
- Creating a hierarchy of Administration Servers: adding a secondary Administration Server
- Connecting to an Administration Server and switching between Administration Servers
- Access rights to Administration Server and its objects
- Conditions of connection to an Administration Server over the internet
- Encrypted connection to an Administration Server
- Disconnecting from an Administration Server
- Adding an Administration Server to the console tree
- Removing an Administration Server from the console tree
- Adding a virtual Administration Server to the console tree
- Changing an Administration Server service account. Utility tool klsrvswch
- Changing DBMS credentials
- Resolving issues with Administration Server nodes
- Viewing and modifying the settings of an Administration Server
- Adjusting the general settings of Administration Server
- Administration Console interface settings
- Event processing and storage on the Administration Server
- Viewing log of connections to the Administration Server
- Control of virus outbreaks
- Limiting traffic
- Configuring Web Server
- Reissuing the Web Server certificate
- Working with internal users
- Backup and restoration of Administration Server settings
- Backup copying and restoration of Administration Server data
- Moving Administration Server and a database server to another device
- Avoiding conflicts between multiple Administration Servers
- Two-step verification
- Scenario: configuring two-step verification for all users
- About two-step verification
- Enabling two-step verification for your own account
- Enabling two-step verification for all users
- Disabling two-step verification for a user account
- Disabling two-step verification for all users
- Excluding accounts from two-step verification
- Editing the name of a security code issuer
- Managing administration groups
- Managing client devices
- Connecting client devices to the Administration Server
- Manually connecting a client device to the Administration Server. Klmover utility
- Tunneling the connection between a client device and the Administration Server
- Remotely connecting to the desktop of a client device
- Connecting to devices through Windows Desktop Sharing
- Configuring the restart of a client device
- Auditing actions on a remote client device
- Checking the connection between a client device and the Administration Server
- Identifying client devices on the Administration Server
- Moving devices to an administration group
- Changing the Administration Server for client devices
- Clusters and server arrays
- Turning on, turning off, and restarting client devices remotely
- Access to local tasks and statistics, "Do not disconnect from the Administration Server" check box
- About forced synchronization
- About connection schedule
- Sending messages to device users
- Managing Kaspersky Security for Virtualization
- Configuring the switching of device statuses
- Tagging devices and viewing assigned tags
- Remote diagnostics of client devices. Kaspersky Security Center remote diagnostics utility
- Connecting the remote diagnostics utility to a client device
- Enabling and disabling tracing, downloading the trace file
- Downloading application settings
- Downloading event logs
- Downloading multiple diagnostic information items
- Starting diagnostics and downloading the results
- Starting, stopping, and restarting applications
- UEFI protection devices
- Settings of a managed device
- General policy settings
- Network Agent policy settings
- Managing user accounts
- Working with user accounts
- Adding an account of an internal user
- Editing an account of an internal user
- Changing the number of allowed password entry attempts
- Configuring the check of the name of an internal user for uniqueness
- Adding a security group
- Adding a user to a group
- Configuring access rights to application features. Role-based access control
- Assigning the user as a device owner
- Delivering messages to users
- Viewing the list of user mobile devices
- Installing a certificate for a user
- Viewing the list of certificates issued to a user
- About the administrator of a virtual Administration Server
- Remote installation of operating systems and applications
- Creating images of operating systems
- Installing images of operating systems
- Configuring the KSN proxy server address
- Adding drivers for Windows Preinstallation Environment (WinPE)
- Adding drivers to an installation package with an operating system image
- Configuring sysprep.exe utility
- Deploying operating systems on new networked devices
- Deploying operating systems on client devices
- Creating installation packages of applications
- Issuing a certificate for installation packages of applications
- Installing applications on client devices
- Managing object revisions
- Deletion of objects
- Mobile Device Management
- Scenario: Mobile Device Management deployment
- About group policy for managing EAS and iOS MDM devices
- Enabling Mobile Device Management
- Modifying the Mobile Device Management settings
- Disabling Mobile Device Management
- Working with commands for mobile devices
- Working with certificates of mobile devices
- Starting the Certificate Installation Wizard
- Step 1. Selecting certificate type
- Step 2. Selecting device type
- Step 3. Selecting a user
- Step 4. Selecting certificate source
- Step 5. Assigning a tag to the certificate
- Step 6. Specifying certificate publishing settings
- Step 7. Selecting user notification method
- Step 8. Generating the certificate
- Configuring certificate issuance rules
- Integration with public key infrastructure
- Enabling support of Kerberos Constrained Delegation
- Adding iOS mobile devices to the list of managed devices
- Adding Android mobile devices to the list of managed devices
- Managing Exchange ActiveSync mobile devices
- Managing iOS MDM devices
- Signing an iOS MDM profile by a certificate
- Adding a configuration profile
- Installing a configuration profile on a device
- Removing the configuration profile from a device
- Adding a new device by publishing a link to a profile
- Adding a new device through profile installation by the administrator
- Adding a provisioning profile
- Installing a provisioning profile to a device
- Removing a provisioning profile from a device
- Adding a managed application
- Installing an app on a mobile device
- Removing an app from a device
- Configuring roaming on an iOS MDM mobile device
- Viewing information about an iOS MDM device
- Disconnecting an iOS MDM device from management
- Sending commands to a device
- Checking the execution status of commands sent
- Managing KES devices
- Data encryption and protection
- Data repositories
- Kaspersky Security Network (KSN)
- About KSN
- Setting up access to Kaspersky Security Network
- Enabling and disabling KSN
- Viewing the accepted KSN Statement
- Viewing the KSN proxy server statistics
- Accepting an updated KSN Statement
- Enhanced protection with Kaspersky Security Network
- Checking whether the distribution point works as KSN proxy server
- Switching between Online Help and Offline Help
- Managing Administration Servers
- Export of events to SIEM systems
- Scenario: configuring event export to SIEM systems
- Before you begin
- About events in Kaspersky Security Center
- About event export
- About configuring event export in a SIEM system
- Marking of events for export to SIEM systems in Syslog format
- About exporting events using Syslog format
- About exporting events using CEF and LEEF formats
- Configuring Kaspersky Security Center for export of events to a SIEM system
- Exporting events directly from the database
- Viewing export results
- Using SNMP for sending statistics to third-party applications
- Working in a cloud environment
- About work in a cloud environment
- Checking configuration
- Cloud device group
- Cloud Environment Configuration Wizard
- About the Cloud Environment Configuration Wizard
- Step 1. Selecting the application activation method
- Step 2. Selecting the cloud environment
- Step 3. Authorization in the cloud environment
- Step 4. Configuring synchronization with Cloud and choosing further actions
- Step 5. Configuring Kaspersky Security Network in the cloud environment
- Step 6. Configuring email notifications in the cloud environment
- Step 7. Creating an initial configuration of the protection of the cloud environment
- Step 8. Selecting the action when the operating system must be restarted during installation (for the cloud environment)
- Step 9. Receiving updates by the Administration Server
- Creating installation packages required for Cloud Environment Configuration Wizard
- Database options for work in a cloud environment
- Deployment of Kaspersky Security Center in Yandex.Cloud
- Hardware requirements for the Administration Server in a cloud environment
- Installing applications on devices in a cloud environment
- Licensing options in a cloud environment
- Network segment polling
- Prerequisites for client devices in a cloud environment necessary for work with Kaspersky Security Center
- Prerequisites for deploying Kaspersky Security Center in a cloud environment
- Scenario: Deployment for cloud environment
- Synchronization with cloud
- Using deployment scripts for deploying security applications
- Viewing the properties of cloud devices
- Working in Amazon Web Services cloud environment
- About work in Amazon Web Services cloud environment
- Creating IAM roles and IAM user accounts for Amazon EC2 instances
- Ensuring that the Kaspersky Security Center Administration Server has the permissions to work with AWS
- Creating an IAM role for the Administration Server
- Creating an IAM user account for work with Kaspersky Security Center
- Creating an IAM role for installation of applications on Amazon EC2 instances
- Working with Amazon RDS
- Working in Google Cloud
- Working in Microsoft Azure cloud environment
- Appendices
- Advanced features
- Kaspersky Security Center operation automation. klakaut utility
- Custom tools
- Network Agent disk cloning mode
- Preparing a reference device with Network Agent installed for creating an image of operating system
- Configuring receipt of messages from File Integrity Monitor
- Administration Server maintenance
- User notification method window
- General section
- Device selection window
- Define the name of the new object window
- Application categories section
- Features of using the management interface
- Reference information
- Searching and exporting data
- Settings of tasks
- Global list of subnets
- Usage of Network Agent for Windows, for macOS and for Linux: comparison
- Advanced features
- About Kaspersky Security Center
- Kaspersky Security Center 13 Web Console
- About Kaspersky Security Center 13 Web Console
- Hardware and software requirements for Kaspersky Security Center 13 Web Console
- List of Kaspersky applications and solutions supported by Kaspersky Security Center 13 Web Console
- Deployment diagram of Kaspersky Security Center Administration Server and Kaspersky Security Center 13 Web Console
- Ports used by Kaspersky Security Center 13 Web Console
- Scenario: Installation and initial setup of Kaspersky Security Center 13 Web Console
- Installation
- Configuring the MariaDB x64 server for working with Kaspersky Security Center 13
- Configuring the MySQL x64 server for working with Kaspersky Security Center 13
- Installing Kaspersky Security Center 13 Web Console
- Installation of Kaspersky Security Center 13 Web Console on Linux platforms
- Installing Kaspersky Security Center 13 Web Console connected to Administration Server installed on Windows Server failover cluster nodes
- Upgrading Kaspersky Security Center Web Console
- Specifying certificates for trusted Administration Servers in Kaspersky Security Center 13 Web Console
- Replacing certificate for Kaspersky Security Center 13 Web Console
- Reissuing the certificate for Kaspersky Security Center Web Console
- Converting a PFX certificate to the PEM format
- About migration to Kaspersky Security Center Cloud Console
- Signing in to Kaspersky Security Center 13 Web Console and signing out
- Configuring domain authentication by using the NTLM and Kerberos protocols
- Quick Start Wizard (Kaspersky Security Center 13 Web Console)
- Getting acquainted with Quick Start Wizard
- Step 1. Specifying the internet connection settings
- Step 2. Downloading required updates
- Step 3. Selecting the assets to secure
- Step 4. Selecting encryption in solutions
- Step 5. Configuring installation of plug-ins for managed applications
- Step 6. Downloading distribution packages and creating installation packages
- Step 7. Configuring Kaspersky Security Network
- Step 8. Selecting the application activation method
- Step 9. Specifying the third-party update management settings
- Step 10. Creating a basic network protection configuration
- Step 11. Configuring email notifications
- Step 12. Performing a network poll
- Step 13. Closing the Quick Start Wizard
- Protection Deployment Wizard
- Starting Protection Deployment Wizard
- Step 1. Selecting the installation package
- Step 2. Selecting a method for distribution of key file or activation code
- Step 3. Selecting Network Agent version
- Step 4. Selecting devices
- Step 5. Specifying the remote installation task settings
- Step 6. Restart management
- Step 7. Removing incompatible applications before installation
- Step 8. Moving devices to Managed devices
- Step 9. Selecting accounts to access devices
- Step 10. Starting installation
- Configuring Administration Server
- Configuring the connection of Kaspersky Security Center 13 Web Console to Administration Server
- Viewing log of connections to the Administration Server
- Setting the maximum number of events in the event repository
- Connection settings of UEFI protection devices
- Creating a virtual Administration Server
- Creating a hierarchy of Administration Servers: adding a secondary Administration Server
- Viewing the list of secondary Administration Servers
- Deleting a hierarchy of Administration Servers
- Configuring the interface
- Enabling account protection from unauthorized modification
- Two-step verification
- Scenario: Configuring two-step verification for all users
- About two-step verification
- Enabling two-step verification for your own account
- Enabling two-step verification for all users
- Disabling two-step verification for a user account
- Disabling two-step verification for all users
- Excluding accounts from two-step verification
- Generating a new secret key
- Editing the name of a security code issuer
- Kaspersky applications deployment through Kaspersky Security Center 13 Web Console
- Scenario: Kaspersky applications deployment through Kaspersky Security Center 13 Web Console
- Getting plug-ins for Kaspersky applications
- Downloading and creating installation packages for Kaspersky applications
- Changing the limit on the size of custom installation package data
- Downloading distribution packages for Kaspersky applications
- Checking that Kaspersky Endpoint Security is deployed successfully
- Creating stand-alone installation packages
- Viewing the list of stand-alone installation packages
- Creating custom installation packages
- Distributing installation packages to secondary Administration Servers
- Specifying settings for remote installation on Unix devices
- Mobile Device Management
- Replacing third-party security applications
- Discovering networked devices
- Scenario: Discovering networked devices
- Device discovery
- Device tags
- About device tags
- Creating a device tag
- Renaming a device tag
- Deleting a device tag
- Viewing devices to which a tag is assigned
- Viewing tags assigned to a device
- Tagging a device manually
- Removing an assigned tag from a device
- Viewing rules for tagging devices automatically
- Editing a rule for tagging devices automatically
- Creating a rule for tagging devices automatically
- Running rules for auto-tagging devices
- Deleting a rule for tagging devices automatically
- Managing device tags by using the klscflag utility
- Application tags
- Kaspersky applications: licensing and activation
- Licensing of managed applications
- Adding a license key to the Administration Server repository
- Deploying a license key to client devices
- Automatic distribution of a license key
- Viewing information about license keys in use
- Deleting a license key from the repository
- Revoking consent with an End User License Agreement
- Configuring network protection
- Scenario: Configuring network protection
- About device-centric and user-centric security management approaches
- Policy setup and propagation: Device-centric approach
- Policy setup and propagation: User-centric approach
- Manual setup of Kaspersky Endpoint Security policy
- Manual setup of the group update task for Kaspersky Endpoint Security
- Granting offline access to the external device blocked by Device Control
- Removing applications or software updates remotely
- Rolling back an object to a previous revision
- Tasks
- Managing client devices
- Settings of a managed device
- Creating administration groups
- Creating device moving rules
- Copying device moving rules
- Adding devices to an administration group manually
- Moving devices to an administration group manually
- Viewing and configuring the actions when devices show inactivity
- About device statuses
- Configuring the switching of device statuses
- Remotely connecting to the desktop of a client device
- Connecting to devices through Windows Desktop Sharing
- Device selections
- Policies and policy profiles
- About policies and policy profiles
- About lock and locked settings
- Inheritance of policies and policy profiles
- Managing policies
- Viewing the list of policies
- Creating a policy
- Modifying a policy
- General policy settings
- Enabling and disabling a policy inheritance option
- Copying a policy
- Moving a policy
- Forced synchronization
- Viewing the policy distribution status chart
- Activating a policy automatically at the Virus outbreak event
- Deleting a policy
- Managing policy profiles
- Data encryption and protection
- Users and user roles
- About user roles
- Configuring access rights to application features. Role-based access control
- Adding an account of an internal user
- Creating a security group
- Editing an account of an internal user
- Editing a security group
- Adding user accounts to an internal group
- Assigning a user as a device owner
- Deleting a user or a security group
- Creating a user role
- Editing a user role
- Editing the scope of a user role
- Deleting a user role
- Associating policy profiles with roles
- Kaspersky Security Network (KSN)
- Scenario: Upgrading Kaspersky Security Center and managed security applications
- Updating Kaspersky databases and applications
- Scenario: Regular updating Kaspersky databases and applications
- About updating Kaspersky databases, software modules, and applications
- Creating the Download updates to the Administration Server repository task
- Verifying downloaded updates
- Creating the task for downloading updates to the repositories of distribution points
- Enabling and disabling automatic updating and patching for Kaspersky Security Center components
- Automatic installation of updates for Kaspersky Endpoint Security for Windows
- Approving and declining software updates
- Updating Administration Server
- Enabling and disabling the offline model of update download
- Updating Kaspersky databases and software modules on offline devices
- Adjustment of distribution points and connection gateways
- Managing third-party applications on client devices
- Installing third-party software updates
- Scenario: Updating third-party software
- About third-party software updates
- Installing third-party software updates
- Creating the Find vulnerabilities and required updates task
- Find vulnerabilities and required updates task settings
- Creating the Install required updates and fix vulnerabilities task
- Adding rules for update installation
- Creating the Install Windows Update updates task
- Viewing information about available third-party software updates
- Exporting the list of available software updates to a file
- Approving and declining third-party software updates
- Creating the Perform Windows Update synchronization task
- Updating third-party applications automatically
- Fixing third-party software vulnerabilities
- Scenario: Finding and fixing third-party software vulnerabilities
- About finding and fixing software vulnerabilities
- Fixing third-party software vulnerabilities
- Creating the Fix vulnerabilities task
- Creating the Install required updates and fix vulnerabilities task
- Adding rules for update installation
- Selecting user fixes for vulnerabilities in third-party software
- Viewing information about software vulnerabilities detected on all managed devices
- Viewing information about software vulnerabilities detected on the selected managed device
- Viewing statistics of vulnerabilities on managed devices
- Exporting the list of software vulnerabilities to a file
- Ignoring software vulnerabilities
- Managing applications run on client devices
- Scenario: Application Management
- About Application Control
- Obtaining and viewing a list of applications installed on client devices
- Obtaining and viewing a list of executable files stored on client devices
- Creating application category with content added manually
- Creating application category that includes executable files from selected devices
- Creating application category that includes executable files from selected folder
- Viewing the list of application categories
- Configuring Application Control in the Kaspersky Endpoint Security for Windows policy
- Adding event-related executable files to the application category
- Creating an installation package of a third-party application from the Kaspersky database
- Viewing and modifying the settings of an installation package of a third-party application from the Kaspersky database
- Settings of an installation package of a third-party application from the Kaspersky database
- Installing third-party software updates
- Monitoring and reporting
- Scenario: Monitoring and reporting
- About types of monitoring and reporting
- Dashboard and widgets
- Reports
- Events and event selections
- Using event selections
- Creating an event selection
- Editing an event selection
- Viewing a list of an event selection
- Viewing details of an event
- Exporting events to a file
- Viewing an object history from an event
- Deleting events
- Deleting event selections
- Setting the storage term for an event
- Event types
- Blocking frequent events
- Notifications and device statuses
- Kaspersky announcements
- Device selections
- Kaspersky Security Center 13 Web Console activity logging
- Integration between Kaspersky Security Center and other solutions
- Working with Kaspersky Security Center 13 Web Console in a cloud environment
- Cloud Environment Configuration Wizard in Kaspersky Security Center 13 Web Console
- Step 1. Reading information about the Wizard
- Step 2. Licensing the application
- Step 3. Selecting the cloud environment and authorization
- Step 4. Segment polling, configuring synchronization with Cloud and choosing further actions
- Step 5. Configuring Kaspersky Security Network for Kaspersky Security Center
- Step 6. Creating an initial configuration of protection
- Network segment polling via Kaspersky Security Center 13 Web Console
- Adding connections for cloud segment polling
- Deleting a connection for cloud segment polling
- Configuring the polling schedule via Kaspersky Security Center 13 Web Console
- Viewing the results of cloud segment polling via Kaspersky Security Center 13 Web Console
- Viewing the properties of cloud devices via Kaspersky Security Center 13 Web Console
- Synchronization with Cloud: configuring the moving rule
- Creating Backup of the Administration Server data task by using a cloud DBMS
- Cloud Environment Configuration Wizard in Kaspersky Security Center 13 Web Console
- Remote diagnostics of client devices
- Opening the remote diagnostics window
- Enabling and disabling tracing for applications
- Downloading trace files of an application
- Deleting trace files
- Downloading application settings
- Downloading event logs
- Starting, stopping, restarting the application
- Running the remote diagnostics of Kaspersky Security Center Network Agent and downloading the results
- Running an application on a client device
- Changing the language of the Kaspersky Security Center 13 Web Console interface
- API Reference Guide
- Best Practices for Service Providers
- Planning Kaspersky Security Center deployment
- Deployment and initial setup
- Recommendations on Administration Server installation
- Configuring protection on a client organization's network
- Manual setup of Kaspersky Endpoint Security policy
- Manual setup of the group update task for Kaspersky Endpoint Security
- Manual setup of the group task for scanning a device with Kaspersky Endpoint Security
- Scheduling the Find vulnerabilities and required updates task
- Manual setup of the group task for updates installation and vulnerabilities fix
- Building a structure of administration groups and assigning distribution points
- Hierarchy of policies, using policy profiles
- Tasks
- Device moving rules
- Software categorization
- About multi-tenant applications
- Backup and restoration of Administration Server settings
- Deploying Network Agent and the security application
- Initial deployment
- Configuring installers
- Installation packages
- MSI properties and transform files
- Deployment with third-party tools for remote installation of applications
- General information about the remote installation tasks in Kaspersky Security Center
- Deployment using group policies of Microsoft Windows
- Forced deployment through the remote installation task of Kaspersky Security Center
- Running stand-alone packages created by Kaspersky Security Center
- Options for manual installation of applications
- Creating an MST file
- Remote installation of applications on devices with Network Agent installed
- Managing device restarts in the remote installation task
- Suitability of databases updating in an installation package of an anti-virus application
- Removing incompatible third-party security applications
- Using tools for remote installation of applications in Kaspersky Security Center for running relevant executable files on managed devices
- Monitoring the deployment
- Configuring installers
- Virtual infrastructure
- Support of file system rollback for devices with Network Agent
- Initial deployment
- About connection profiles for out-of-office users
- Deploying the Mobile Device Management feature
- Other routine work
- Sizing Guide
- About this Guide
- Information about limitations of Kaspersky Security Center
- Calculations for Administration Servers
- Calculations for distribution points and connection gateways
- Logging of information about events for tasks and policies
- Specific considerations and optimal settings of certain tasks
- Details of network load spread among Administration Server and protected devices
- Contact Technical Support
- Sources of information about the application
- Glossary
- Active key
- Additional subscription key
- Administration Console
- Administration group
- Administration Server
- Administration Server certificate
- Administration Server client (Client device)
- Administration Server data backup
- Administrator rights
- Administrator's workstation
- Amazon EC2 instance
- Amazon Machine Image (AMI)
- Anti-virus databases
- Anti-virus protection service provider
- Application Shop
- Authentication Agent
- Available update
- AWS Application Program Interface (AWS API)
- AWS IAM access key
- AWS Management Console
- Backup folder
- Broadcast domain
- Centralized application management
- Client administrator
- Cloud environment
- Configuration profile
- Connection gateway
- Demilitarized zone (DMZ)
- Device owner
- Direct application management
- Distribution point
- EAS device
- Event repository
- Event severity
- Exchange Mobile Device Server
- Forced installation
- Group task
- Home Administration Server
- HTTPS
- IAM role
- IAM user
- Identity and Access Management (IAM)
- Incompatible application
- Installation package
- Internal users
- iOS MDM device
- iOS MDM profile
- iOS MDM Server
- JavaScript
- Kaspersky Private Security Network (KPSN)
- Kaspersky Security Center Administrator
- Kaspersky Security Center Operator
- Kaspersky Security Center System Health Validator (SHV)
- Kaspersky Security Center Web Server
- Kaspersky Security Network (KSN)
- Kaspersky update servers
- KES device
- Key file
- License term
- Licensed applications group
- Local installation
- Local task
- Managed devices
- Management plug-in
- Manual installation
- MITM attack
- Mobile Device Server
- Network Agent
- Network anti-virus protection
- Network protection status
- Patch importance level
- Policy
- Profile
- Program settings
- Protection status
- Provisioning profile
- Remote installation
- Restoration
- Restoration of Administration Server data
- Role group
- Service provider's administrator
- Shared certificate
- SSL
- Task
- Task for specific devices
- Task settings
- UEFI protection device
- Update
- Virtual Administration Server
- Virus activity threshold
- Virus outbreak
- Vulnerability
- Windows Server Update Services (WSUS)
- Information about third-party code
- Trademark notices
- Limitations and warnings
Device search settings
Below are descriptions of the settings used for searching managed devices. Search results are displayed in the lower part of the window.
Network
On the Network tab, you can specify the criteria that will be used to search for devices according to their network data:
- Device name or IP address
Windows network name (NetBIOS name) of the device or IPv4 address.
- Windows domain
Displays all devices included in the specified Windows domain.
- Administration group
Displays devices included in the specified administration group.
- Description
Text in the device properties window: In the Description field of the General section.
To describe text in the Description field, you can use the following characters:
- Within a word:
- *. Replaces any string with any number of characters.
Example:
To describe words such as Server or Server's, you can enter Server*.
- ?. Replaces any single character.
Example:
To describe words such as Window or Windows, you can enter Windo?.
Asterisk (*) or question mark (?) cannot be used as the first character in the query.
- To find several words:
- Space. Displays all the devices whose descriptions contain any of the listed words.
Example:
To find a phrase that contains Secondary or Virtual words, you can include Secondary Virtual line in your query.
- +. When a plus sign precedes a word, all search results will contain this word.
Example:
To find a phrase that contains both Secondary and Virtual, enter the +Secondary+Virtual query.
- -. When a minus sign precedes a word, no search results will contain this word.
Example:
To find a phrase that contains Secondary and does not contain Virtual, enter the +Secondary-Virtual query.
- "<some text>". Text enclosed in quotation marks must be present in the text.
Example:
To find a phrase that contains Secondary Server word combination, you can enter "Secondary Server" in the query.
- Within a word:
- IP range
If this option is enabled, you can enter the initial and final IP addresses of the IP range in which the relevant devices must be included.
By default, this option is disabled.
- Managed by a different Administration Server
Select one of the following values:
- Yes. Only the client devices managed by other Administration Servers are considered.
- No. Only the client devices managed by the same Administration Server are considered.
- No value is selected. The criterion will not be applied.
Tags
On the Tags tab, you can configure a device search based on key words (tags) that were previously added to the descriptions of managed devices:
- Apply if at least one specified tag matches
If this option is enabled, the search results will show devices with descriptions that contain at least one of the selected tags.
If this option is disabled, the search results will only show devices with descriptions that contain all the selected tags.
By default, this option is disabled.
- Tag must be included
If this option is selected, the search results will display the devices whose descriptions contain the selected tag. To find devices, you can use the asterisk, which stands for any string with any number of characters.
By default, this option is selected.
- Tag must be excluded
If this option is selected, the search results will display the devices whose descriptions do not contain the selected tag. To find devices, you can use the asterisk, which stands for any string with any number of characters.
Active Directory
On the Active Directory tab, you can specify that devices should be searched for in the Active Directory organizational unit (OU) or group. You can also include devices from all child OUs of the specified Active Directory OU in the selection. To select devices, define the following settings:
- Device is in an Active Directory organizational unit
If this option is enabled, the selection includes devices from the Active Directory unit specified in the entry field.
By default, this option is disabled.
- Include child organizational units
If this option is enabled, the selection includes devices from all child organizational units of the specified Active Directory organizational unit.
By default, this option is disabled.
- This device is a member of an Active Directory group
If this option is enabled, the selection includes devices from the Active Directory group specified in the entry field.
By default, this option is disabled.
Network activity
On the Network activity tab, you can specify the criteria that will be used to search for devices according to their network activity:
- This device is a distribution point
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The selection includes devices that act as distribution points.
- No. Devices that act as distribution points are not included in the selection.
- No value is selected. The criterion will not be applied.
- Do not disconnect from the Administration Server
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Enabled. The selection will include devices on which the Do not disconnect from the Administration Server check box is selected.
- Disabled. The selection will include devices on which the Do not disconnect from the Administration Server check box is cleared.
- No value is selected. The criterion will not be applied.
- Connection profile switched
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The selection will include devices that connected to the Administration Server after the connection profile was switched.
- No. The selection will not include devices that connected to the Administration Server after the connection profile was switched.
- No value is selected. The criterion will not be applied.
- Last connected to Administration Server
You can use this check box to set a search criterion for devices according to the time they last connected to the Administration Server.
If this check box is selected, in the entry fields you can specify the time interval (date and time) during which the last connection was established between Network Agent installed on the client device and the Administration Server. The selection will include devices that fall within the specified interval.
If this check box is cleared, the criterion will not be applied.
By default, this check box is cleared.
- New devices detected by network poll
Searches for new devices that have been detected by network polling over the last few days.
If this option is enabled, the selection only includes new devices that have been detected by device discovery over the number of days specified in the Detection period (days) field.
If this option is disabled, the selection includes all devices that have been detected by device discovery.
By default, this option is disabled.
- Device is visible
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The application includes in the selection devices that are currently visible in the network.
- No. The application includes in the selection devices that are currently invisible in the network.
- No value is selected. The criterion will not be applied.
Application
On the Application tab, you can specify the criteria that will be used to search for devices according to the selected managed application:
- Application name
In the drop-down list, you can set a criterion for including devices in a selection when search is performed by the name of a Kaspersky application.
The list provides only the names of applications with management plug-ins installed on the administrator's workstation.
If no application is selected, the criterion will not be applied.
- Application version
In the entry field, you can set a criterion for including devices in a selection when search is performed by the version number of a Kaspersky application.
If no version number is specified, the criterion will not be applied.
- Critical update name
In the entry field, you can set a criterion for including devices in a selection when search is performed by application name or by update package number.
If the field is left blank, the criterion will not be applied.
- Modules last updated
You can use this option to set a criterion for searching devices by time of the last update of modules of applications installed on those devices.
If this check box is selected, in the entry fields you can specify the time interval (date and time) during which the last update of modules of applications installed on those devices was performed.
If this check box is cleared, the criterion will not be applied.
By default, this check box is cleared.
- Device is managed through Kaspersky Security Center 13
In the drop-down list, you can include in the selection the devices managed through Kaspersky Security Center:
- Yes. The application includes in the selection devices managed through Kaspersky Security Center.
- No. The application includes devices in the selection if they are not managed through Kaspersky Security Center.
- No value is selected. The criterion will not be applied.
- Security application is installed
In the drop-down list, you can include in the selection all devices with the security application installed:
- Yes. The application includes in the selection all devices with the security application installed.
- No. The application includes in the selection all devices with no security application installed.
- No value is selected. The criterion will not be applied.
Operating system
On the Operating system tab, you can set up the following criteria to find devices by their operating system (OS) type:
- Operating system version
If the check box is selected, you can select an operating system from the list. Devices with the specified operating systems installed are included in the search results.
- Operating system bit size
In the drop-down list, you can select the architecture for the operating system, which will determine how the moving rule is applied to the device (Unknown, x86, AMD64, or IA64). By default, no option is selected in the list so that the operating system's architecture is not defined.
- Operating system service pack version
In this field, you can specify the package version of the operating system (in the X.Y format), which will determine how the moving rule is applied to the device. By default, no version value is specified.
- Operating system build
This setting is applicable to Windows operating systems only.
The build number of the operating system. You can specify whether the selected operating system must have an equal, earlier, or later build number. You can also configure searching for all build numbers except the specified one.
- Operating system release ID
This setting is applicable to Windows operating systems only.
The release identifier (ID) of the operating system. You can specify whether the selected operating system must have an equal, earlier, or later release ID. You can also configure searching for all release ID numbers except the specified one.
Device status
On the Device status tab, you can specify criteria for searching devices based on the device status from the managed application:
- Device status
Drop-down list in which you can select one of the device statuses: OK, Critical, or Warning.
- Real-time protection status
Drop-down list, in which you can select the real-time protection status. Devices with the specified real-time protection status are included in the selection.
- Device status description
In this field, you can select the check boxes next to conditions that, if met, assign one of the following statuses to the device:
- Device status defined by application
Drop-down list, in which you can select the real-time protection status. Devices with the specified real-time protection status are included in the selection.
Protection components
On the Protection components tab, you can set up the criteria to search for client devices by their protection status.
- Databases released
If this option is selected, you can search for client devices by anti-virus database release date. In the entry fields you can set the time interval, on the basis of which the search is performed.
By default, this option is disabled.
- Last scanned
If this check option is enabled, you can search for client devices by time of the last virus scan. In the entry fields you can specify the time period within which the last virus scan was performed.
By default, this option is disabled.
- Total number of threats detected
If this option is enabled, you can search for client devices by number of viruses detected. In the entry fields you can set the lower and upper threshold values for the number of viruses found.
By default, this option is disabled.
Applications registry
On the Applications registry tab, you can configure the search for devices according to applications installed on them:
- Application name
Drop-down list in which you can select an application. Devices on which the specified application is installed, are included in the selection.
- Application version
Entry field in which you can specify the version of selected application.
- Vendor
Drop-down list in which you can select the manufacturer of an application installed on the device.
- Application status
A drop-down list in which you can select the status of an application (Installed, Not installed). Devices on which the specified application is installed or not installed, depending on the selected status, will be included in the selection.
- Find by update
If this option is enabled, search will be performed using the details of updates for applications installed on the relevant devices. After you select the check box, the Application name, Application version, and Application status fields change to Update name, Update version, and Status respectively.
By default, this option is disabled.
- Incompatible security application name
Drop-down list in which you can select third-party security applications. During the search, devices on which the specified application is installed, are included in the selection.
- Application tag
In the drop-down list, you can select the application tag. All devices that have installed applications with the selected tag in the description are included in the device selection.
Hierarchy of Administration Servers
On the Hierarchy of Administration Servers tab, check the Include data from secondary Administration Servers (down to level) box if you want the information stored on secondary Administration Servers to be considered while searching for devices, and in the entry field, you can specify the nesting level of secondary Administration Server from which information is considered while searching for devices. By default, this check box is cleared.
Virtual machines
On the Virtual machines tab, you can configure the search for devices according to whether these are virtual machines or part of virtual desktop infrastructure (VDI):
- This is a virtual machine
In the drop-down list, you can select the following options:
- Not important.
- No. Find devices that are not virtual machines.
- Yes. Find devices that are virtual machines.
- Virtual machine type
In the drop-down list, you can select the virtual machine manufacturer.
This drop-down list is available if the Yes or Not important value is selected in the This is a virtual machine drop-down list.
- Part of Virtual Desktop Infrastructure
In the drop-down list, you can select the following options:
- Not important.
- No. Find devices that are not part of Virtual Desktop Infrastructure.
- Yes. Find devices that are part of the Virtual Desktop Infrastructure (VDI).
Hardware
On the Hardware tab, you can configure search for client devices according to their hardware:
- Device
In the drop-down list, you can select a unit type. All devices with this unit are included in the search results.
The field supports the full-text search.
- Vendor
In the drop-down list, you can select the name of a unit manufacturer. All devices with this unit are included in the search results.
The field supports the full-text search.
- Description
Description of the device or hardware unit. Devices with the description specified in this field are included in the selection.
A device's description in any format can be entered in the properties window of that device. The field supports the full-text search.
- Inventory number
Equipment with the inventory number specified in this field will be included in the selection.
- CPU frequency, in MHz
The frequency range of a CPU. Devices with CPUs that match the frequency range in these fields (inclusive) will be included in the selection.
- Virtual CPU cores
Range of the number of virtual cores in a CPU. Devices with CPUs that match the range in these fields (inclusive) will be included in the selection.
- Hard drive volume, in GB
Range of values for the size of the hard drive on the device. Devices with hard drives that match the range in these entry fields (inclusive) will be included in the selection.
- RAM size, in MB
Range of values for the size of the device RAM. Devices with RAMs that match the range in these entry fields (inclusive) will be included in the selection.
Vulnerabilities and updates
On the Vulnerabilities and updates tab, you can set up the criterion to search for devices according to their Windows Update source:
- WUA is switched to Administration Server
You can select one of the following search options from the drop-down list:
- Yes. If this option is selected, the search results will include devices that receive updates through Windows Update from the Administration Server.
- No. If this option is selected, the results will include devices that receive updates through Windows Update from another sources.
Users
On the Users tab, you can set up the criteria to search for devices according to the accounts of users who have logged in to the operating system.
- Last user who logged in to the system
If this option is enabled, click the Browse button to specify a user account. The search results include devices on which the specified user performed the last login to the system.
- User who logged in to the system at least once
If this option is enabled, click the Browse button to specify a user account. The search results include devices on which the specified user logged in to the system at least once.
Status-affecting problems in managed applications
On the Status-affecting problems in managed applications tab, you can set up search for devices according to descriptions of their statuses provided by the managed application:
- Device status description
You can select check boxes for descriptions of statuses from the managed application; upon receipt of these statuses, the devices will be included in the selection. When you select a status listed for several applications, you have the option to select this status in all of the lists automatically.
Statuses of components in managed applications
On the Statuses of components in managed applications tab, you can set up the criteria to search for devices according to the statuses of components in managed applications:
- Data Leakage Prevention status
Search for devices by the status of Data Leakage Prevention (No data from device, Stopped, Starting, Paused, Running, Failed).
- Collaboration servers protection status
Search for devices by the status of server collaboration protection (No data from device, Stopped, Starting, Paused, Running, Failed).
- Anti-virus protection status of mail servers
Search for devices by the status of Mail Server protection (No data from device, Stopped, Starting, Paused, Running, Failed).
- Endpoint Sensor status
Search for devices by the status of the Endpoint Sensor component (No data from device, Stopped, Starting, Paused, Running, Failed).
Encryption
- Encryption
Advanced Encryption Standard (AES) symmetrical block cipher algorithm. In the drop-down list, you can select the encryption key size (56-bit, 128-bit, 192-bit, or 256-bit).
Available values: AES56, AES128, AES192, and AES256.
Cloud segments
On the Cloud segments tab, you can configure a search based on whether a device belongs to specific cloud segments:
- Device is in a cloud segment
If this option is enabled, you can click the Browse button to specify the segment to search.
If the Include child objects option is also enabled, the search is run on all child objects of the specified segment.
Search results include only devices from the selected segment.
- Device discovered by using the API
In the drop-down list, you can select whether a device is detected by API tools:
- AWS. The device is discovered by using the AWS API, that is, the device is definitely in the AWS cloud environment.
- Azure. The device is discovered by using the Azure API, that is, the device is definitely in the Azure cloud environment.
- Google Cloud. The device is discovered by using the Google API, that is, the device is definitely in the Google Cloud environment.
- No. The device cannot be detected by using the AWS, Azure, or Google API, that is, it is either outside the cloud environment or it is in the cloud environment but it cannot be detected by using an API.
- No value. This condition does not apply.
Application components
This section contains the list of components of those applications that have corresponding management plug-ins installed in Administration Console.
In the Application components section, you can specify criteria for including devices in a selection according to the statuses and version numbers of the components that refer to the application that you select:
- Status
Search for devices according to the component status sent by an application to the Administration Server. You can select one of the following statuses: No data from device, Stopped, Starting, Paused, Running, Malfunction, or Not installed. If the selected component of the application installed on a managed device has the specified status, the device is included in the device selection.
Statuses sent by applications:
- Starting—The component is currently in the process of initialization.
- Running—The component is enabled and working properly.
- Paused—The component is suspended, for example, after the user has paused protection in the managed application.
- Malfunction—An error has occurred during the component operation.
- Stopped—The component is disabled and not working at the moment.
- Not installed—The user did not select the component for installation when configuring custom installation of the application.
Unlike other statuses, the No data from device status is not sent by applications. This option shows that the applications have no information about the selected component status. For example, this can happen when the selected component does not belong to any of the applications installed on the device, or when the device is turned off.
- Version
Search for devices according to the version number of the component that you select in the list. You can type a version number, for example
3.4.1.0, and then specify whether the selected component must have an equal, earlier, or later version. You can also configure searching for all versions except the specified one.
|
See also: |