Adjustment of distribution points and connection gateways

A structure of administration groups in Kaspersky Security Center Cloud Console serves the following functions:

• Sets the scope of policies

  There is an alternate way of applying relevant settings on devices, by using policy profiles. In this case, the scope of policies is set with tags, device locations in Active Directory organizational units, membership in Active Directory security groups, etc.

• Sets the scope of group tasks

  There is an approach to defining the scope of group tasks that is not based on a hierarchy of administration groups: use of tasks for device selections and tasks for specific devices.

• Sets access rights to devices and secondary Administration Servers
• Assigns distribution points

When building the structure of administration groups, you must take into account the topology of the organization's network for the optimum assignment of distribution points. The optimum distribution of distribution points enables you to save traffic in the organization's network.

Depending on the organizational schema and network topology, the following standard configurations can be applied to the structure of administration groups:

• Single office
• Multiple small remote offices

Devices functioning as distribution points must be protected, including physical protection, against any unauthorized access.

In this section Calculating the number and configuration of distribution points Standard configuration of distribution points: Single office Standard configuration of distribution points: Multiple small remote offices Assigning distribution points manually Modifying the list of distribution points for an administration group Using a distribution point as a push server Using the "Do not disconnect from the Administration Server" option to provide continuous connectivity between a managed device and the Administration Server

See also: Scenario: Discovering networked devices Scenario: Kaspersky applications initial deployment

Page top