Scenario: Monitoring and reporting

This section provides a scenario for configuring the monitoring and reporting feature in Kaspersky Security Center Cloud Console.

Prerequisites

After you deploy Kaspersky Security Center Cloud Console on an organization's network you can start to monitor it and generate reports on its functioning.

Stages

Configuring monitoring and reporting on an organization's network proceeds in stages:

1. Configuring the switching of device statuses

   Get acquainted with the settings for device statuses depending on specific conditions. By changing these settings, you can change the number of events with Critical or Warning importance levels. When configuring the switching of device statuses, be sure of the following:

   • New settings do not conflict with the information security policies of your organization.
   • You are able react to important security events on your organization's network in a timely manner.
2. Configuring notifications about events on client devices

   How-to instructions: Configure notification (by email) of events on client devices

   We recommend configuring automatic event forwarding to a SIEM system for long-term storage of Kaspersky application events. This also enables prompt email notifications about security events and faster response to them.

3. Changing the response of your security network to the Virus outbreak event

   You can change the specific thresholds in the Administration Server properties. You can also create a stricter policy that will be activated or create a task that will be run at the occurrence of this event.

4. Reviewing the security status of your organization's network

   How-to instructions:

   • Review the Protection status widget
   • Generate and review the Report on protection status
   • Generate and review the Report on errors
5. Locating client devices that are not protected

   How-to instructions:

   • Review the New devices widget
   • Generate and review the Report on protection deployment
6. Checking protection of client devices

   How-to instructions:

   • Generate and review reports from the Protection status and Threat statistics categories
   • Start and review the Critical event selection
7. Reviewing license information

   How-to instructions:

   • Add the License key usage widget to the dashboard and review it
   • Generate and review the Report on usage of license keys

Results

Upon completion of the scenario, you are informed about protection of your organization's network and, thus, can plan actions for further protection.

See also: About types of monitoring and reporting Dashboard and widgets Administration and protection reports Events and event selections Notifications and device statuses Kaspersky announcements Receiving license expiration warning Cloud Discovery

Page top