Viewing the protection status and Kaspersky Security for Windows Server information

To view information about the device protection status of Kaspersky Security for Windows Server,

select the Kaspersky Security node in the Application Console tree.

By default, information in the details pane of the Application Console is refreshed automatically:

Every 10 seconds in case of a local connection.
Every 15 seconds in case of a remote connection.

You can refresh the information manually.

To refresh information in the Kaspersky Security node manually,

select the Refresh command in the context menu of the Kaspersky Security node.

The following application information is displayed in the details pane of the Application Console:

Kaspersky Security Network Usage status.
Device protection status.
Information about database and application module updates.
Actual diagnostic data.
Data about protected device control tasks.
License information.
Status of integration with Kaspersky Security Center: details of the server with Kaspersky Security Center installed and to which the application is connected; information about application tasks controlled by the active policy.

Different colors are used to indicate the protection status:

Green. The task is being run in accordance with the configured settings. Protection is active.
Yellow. The task was not started, has been paused, or has been stopped. Security may be threatened. We recommend that you configure and start the task.
Red. The task ended with an error or a security threat was detected while the task was running. We recommend that you start the task or take measures to eliminate the detected security threat.

Some details in this block (for example, task names or the number of threats detected) are links that take you to the node of the relevant task or open the task log.

The Kaspersky Security Network Usage section displays the current task status, for example, Running, Stopped or Never performed. The indicator can take the following values:

Green – The KSN Usage task is running and URL status requests are being sent to KSN.
Yellow – One of the Statements is accepted, but the task is not running; or URL status requests are not being sent to KSN.

Server protection

The Server protection section (see the table below) displays information about the device's current protection status.

Information about the device protection status

Protection section	Information
Device protection status indicator	The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values: Green – This color is displayed by default and signifies that the Real-Time File Protection component is installed and the task is running. Yellow – The Real-Time File Protection component is not installed, or the Critical Areas Scan task has not been performed for a long time. Red – The Real-Time File Protection task is not running.
Real-Time File Protection	Task status – Current task status, for example, Running or Stopped. Detected – Number of objects detected by Kaspersky Security for Windows Server. For example, if Kaspersky Security for Windows Server detects one malware program in five files, the value in this field increases by one. If the number of detected malware programs exceeds 0, the value is highlighted in red.
Critical Areas Scan	Last scan date – Date and time of the last Critical Areas Scan for viruses and other computer security threats. Never performed – An event that occurs when the Critical Areas Scan task has not been performed in the last 30 days or longer (default value). You can change the threshold for generating this event.
Traffic security	Task status – Current task status, for example, Running or Stopped. Outlook add-in – Installed or not installed.
Exploit prevention	Status – Current status of exploit prevention techniques, for example, Applied or Not Applied. Prevention mode – One of two available modes, selected during configuration of process memory protection: Terminate on exploit or Statistics only. Processes protected – Total number of processes added to the protection scope and handled in accordance with the selected mode.
Backed up objects	Backup free space threshold exceeded – This event occurs when the amount of free space in Backup is approaching the specified limit. Kaspersky Security for Windows Server continues to move objects to Backup. In this case, the value in the Space used field is highlighted in yellow. Maximum Backup size exceeded – This event occurs when the Backup size has reached the specified limit. Kaspersky Security for Windows Server continues to move objects to Backup. In this case, the value in the Space used field is highlighted in red. Backed up objects – Number of objects currently in Backup. Space used – Amount of Backup space used.

Update

The Update section (see the table below) displays information about how up-to-date the anti-virus databases and application modules are.

Information about the status of Kaspersky Security for Windows Server databases and modules

Update section	Information
Status indicator for databases and software modules	The color of the panel with the section name reflects the status of application databases and modules. The indicator can take the following values: Green – This color is displayed by default and signifies that application databases are up to date and that the last Database Update task was successful. Yellow – Databases are out of date, or the last database update task failed. Red – The Application databases are extremely out of date or Application databases are corrupted event has occurred.
Database Update and Software Modules Update	Database status – An evaluation of the Database Update task status. It can take the following values: Application database is up to date – Application databases were updated no more than 7 days ago (default). Application database is out of date – Application databases were updated between 7 and 14 days ago (default). Application database is extremely out of date – Application databases were updated more than 14 days ago (default). You can change the thresholds for generating the Application database is out of date and Application database is extremely out of date events. Database release date – Date and time of the release of the latest database update. The date and time are specified in UTC format. Status of the latest completed Database Update task – Date and time of the latest database update. The date and time are specified according to the local time of the protected device. The field is red if the Failed event occurred. Number of module updates available – Number of Kaspersky Security for Windows Server module updates available to be downloaded and installed. Number of module updates installed – Number of installed Kaspersky Security for Windows Server module updates.

Update section

Information

Status indicator for databases and software modules

The color of the panel with the section name reflects the status of application databases and modules. The indicator can take the following values:

Green – This color is displayed by default and signifies that application databases are up to date and that the last Database Update task was successful.
Yellow – Databases are out of date, or the last database update task failed.
Red – The Application databases are extremely out of date or Application databases are corrupted event has occurred.

Database Update and Software Modules Update

Database status – An evaluation of the Database Update task status.

It can take the following values:

Application database is up to date – Application databases were updated no more than 7 days ago (default).
Application database is out of date – Application databases were updated between 7 and 14 days ago (default).
Application database is extremely out of date – Application databases were updated more than 14 days ago (default).
You can change the thresholds for generating the Application database is out of date and Application database is extremely out of date events.

Database release date – Date and time of the release of the latest database update. The date and time are specified in UTC format.

Status of the latest completed Database Update task – Date and time of the latest database update. The date and time are specified according to the local time of the protected device. The field is red if the Failed event occurred.

Number of module updates available – Number of Kaspersky Security for Windows Server module updates available to be downloaded and installed.

Number of module updates installed – Number of installed Kaspersky Security for Windows Server module updates.

Control

The Control section (see the table below) displays information about the Applications Launch Control, Device Control, Anti-Cryptor and Firewall Management tasks.

Information about protected device control status

Control section	Information
Status indicator for protected device control	The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values: Green – This color is displayed by default and signifies that Applications Launch Control component is installed and the task is running in the Active mode. Yellow – Applications Launch Control is running in Statistics only mode. Red – The Applications Launch Control task is not running or has failed.
Applications Launch Control	Task status – Current task status, for example, Running or Stopped. Operation mode – One of the two available Applications Launch Control task modes: Active Statistics only Applications launches denied – Number of attempts to start applications blocked by Kaspersky Security for Windows Server during the Applications Launch Control task. If the number of blocked application launches exceeds 0, the field is red. Average processing time (ms) – Time taken by Kaspersky Security for Windows Server to process an attempt to start applications on the protected device.
Device control	Task status – Current task status, for example, Running or Stopped. Operation mode – One of two available Device Control task modes: Active Statistics only Devices blocked – Number of attempts to connect an external device that were blocked by Kaspersky Security for Windows Server during the Device Control task. If the number of blocked external devices exceeds 0, the field is red.
Anti-Cryptor	Task status – Current task status, for example, Running or Stopped. Operation mode – One of the two available Anti-Cryptor task modes: Active Statistics only Hosts blocked – Number of hosts that displayed malicious activity and were blocked when attempting to connect to the protected device.
Firewall Management	Task status – Current task status, for example, Running or Stopped. Connection attempts blocked – Number of connections to a protected device that were blocked by the specified firewall rules.

Diagnostics

The Diagnostics section (see the table below) displays information about the File Integrity Monitor and Log Inspection tasks.

Information about System Inspection status

Diagnostics section	Information
Diagnostics status indicator	The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values: Green – This color is displayed by default and signifies that one or both system inspection components are installed and the tasks are running. Yellow – Both components are installed, but one of the system inspection tasks is not running; the Not running event occurred. Red – One of the tasks failed.
File Integrity Monitor	Task status – Current task status, for example, Running or Stopped. Non-sanctioned file operations – Number of changes to files within the monitoring scope. These changes may indicate that the security of a protected device has been breached.
Log Inspection	Task status – Current task status, for example, Running or Stopped. Possible violations – Number of recorded violations based on data from the Windows Event Log. This number is determined based on the specified task rules or using the heuristic analyzer.

The Kaspersky Security for Windows Server licensing information is displayed in the row in the bottom left corner of the details pane of the Kaspersky Security node.

You can configure Kaspersky Security for Windows Server properties by following the Application properties link.

You can connect to a different protected device by following the Connect to another computer link.

To review detailed information about the Network Attached Storage Protection tab, see the Kaspersky Security for Windows Server Implementation Guide for Network Storage Protection.

Page top