Kaspersky Security for Windows Server
11
English

Contents

[Topic 146666]

About the KSN Usage task

Kaspersky Security Network (also referred to as "KSN") is an infrastructure of online services providing access to Kaspersky's operative knowledge base on the reputation of files, web resources and programs. Kaspersky Security Network allows Kaspersky Security for Windows Server to react very promptly to new threats, improves the performance of several protection components, and reduces the likelihood of false positives.

To start the KSN Usage task, you must accept the Kaspersky Security Network Statement.

Information received by Kaspersky Security for Windows Server from Kaspersky Security Network pertains only to the reputation of programs and URLs.

Participation in KSN allows Kaspersky to receive real-time information about types and sources of new threats, develop ways to neutralize them, and reduce the number of false positives in application components.

More detailed information about the transferring, processing, storage, and destruction of information about application usage is available in the Data handling window of the KSN Usage task, and in the Privacy Policy on the Kaspersky's website.

Participation in Kaspersky Security Network is voluntary. The decision regarding participation in Kaspersky Security Network is made after installation of Kaspersky Security for Windows Server. You can change your decision about participation in Kaspersky Security Network at any time.

Kaspersky Security Network can be used in the following Kaspersky Security for Windows Server tasks:

  • Real-Time File Protection.
  • On-Demand Scan.
  • Applications Launch Control.
  • Traffic Security.
  • RPC Network Storage Protection.
  • ICAP Network Storage Protection.

Kaspersky Private Security Network

See details about how to configure Kaspersky Private Security Network (hereinafter referred to "Private KSN") in the Kaspersky Security Center Help.

If you use Private KSN on the device, in the Data handling window of the KSN Usage task you can read the KSN Statement and enable the task by selecting the I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network check box. By accepting the terms you agree to send all types of data mentioned in KSN Statement (security requests, statistical data) to KSN services.

After accepting the Private KSN terms, the check boxes that adjust the Global KSN usage are not available.

If you disable Private KSN when the KSN Usage task is running, the License violation error occurs and the task stops. To continue protecting the device you need to accept the KSN Statement in the Data handling window and restart the task.

Withdrawal of the KSN Statement acceptance

You can withdraw the acceptance and stop any data exchange with the Kaspersky Security Network at any moment. The following actions are considered as the full or partial withdrawal of KSN Statement:

  • Clearing the Send data about scanned files check box: the application stops sending checksums of scanned files to KSN service for analysis.
  • Clearing the Send data about requested URLs check box: the application stops sending URLs for analysis.
  • Clearing the Send Kaspersky Security Network statistics check box: the application stops processing data with additional KSN statistics.
  • Clearing the I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network check box: the application stops all KSN-related data processing, the KSN Usage task stops.
  • Clearing the Accept the terms of the Kaspersky Managed Protection Statement check box: the KMP service will be disabled.
  • Uninstalling the KSN Usage component: all KSN-related data processing stops.
  • Uninstalling the Kaspersky Security for Windows Server: all KSN-related data processing stops.
Page top
[Topic 146667]

Default KSN Usage task settings

You can change the default settings of the KSN Usage task (see the table below).

Default KSN Usage task settings

Setting

Default Value

Description

Action to perform on KSN untrusted objects

Remove

You can specify actions that Kaspersky Security for Windows Server will take on objects identified by KSN as untrusted.

Data transfer

The file checksum (MD5 hash) is calculated for files that do not exceed 2 MB in size.

You can specify the maximum size of files for which a checksum is calculated using the MD5 algorithm for delivery to KSN. If the check box is cleared, Kaspersky Security for Windows Server calculates the MD5 hash for files of any size.

Task start schedule

First run is not scheduled.

You can start the task manually or configure a scheduled start.

Use Kaspersky Security Center as KSN Proxy

Selected

By default the data is sent to KSN via Kaspersky Security Center.

You can change this setting only via the Administration Plug-in.

I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network

Cleared

If selected, participation in KSN after the installation is accepted. You can change your decision at any moment.

Send Kaspersky Security Network statistics

Selected (applied only if the KSN Statement is accepted)

If the KSN Statement is accepted, the KSN Statistics will be sent automatically, unless you clear the check box.

Send data about scanned files

Selected (applied only if the KSN Statement is accepted)

If the KSN Statement is accepted, the data about files that were scanned and analyzed since the task has been started, is sent. You can clear the check box at any time.

Send data about requested URLs

Selected (applied only if the KSN Statement is accepted)

If the KSN Statement is accepted, the application sends information about the accessed URLs to Kaspersky.

Accept the terms of the Kaspersky Managed Protection Statement

Cleared

You can enable or disable the KMP service. The service available only if the additional agreement has been signed during the application purchase process.

Page top
[Topic 181564]

Managing KSN Usage via the Administration Plug-In

In this section, learn how configure the KSN Usage task and Data Handling via the Administration Plug-In.

In this section

Configuring the KSN Usage task

Configuring data handling
Page top
[Topic 180768]

Configuring the KSN Usage task

To configure the KSN Usage task:

  1. Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
  2. Select the administration group for which you want to configure application settings.
  3. Perform one of the following actions in the details pane of the selected administration group:
    • To configure application settings for a group of protected devices, select the Policies tab and open the Properties: <Policy name> window.
    • To configure the application for a single protected device, select the Devices tab and open the Application settings window.

      If an active Kaspersky Security Center policy is applied to a device and blocks changes to application settings, then these settings cannot be edited in the Application settings window.

  4. In the Real-time server protection section, click the Settings button in the KSN Usage subsection.

    The KSN Usage window opens.

  5. On the General tab, configure the following task settings:
    • In the Action to perform on KSN untrusted objects section, specify the action that Kaspersky Security for Windows Server is to perform if it detects an object identified by KSN as untrusted:
      • Remove
      • Log information
    • In the Data transfer section, restrict the size of files for which the checksum is calculated:
      • Clear or select the
        Do not calculate checksum before sending to KSN if file size exceeds (MB)
         check box.
      • If required, in the field to the right, change the maximum size of files for which Kaspersky Security for Windows Server calculates the checksum.
    • In the KSN Proxy section, clear or select the
      Use Kaspersky Security Center as KSN Proxy
       check box.

      To enable KSN Proxy the KSN Statement must be accepted and Kaspersky Security Center properly configured. See Kaspersky Security Center Help for more details.

  6. If needed, configure the task start schedule on the Task management tab. For example, you can start the task by schedule and specify the At application launch frequency, if you want the task to run automatically when the protected device is restarted.

    The application will automatically start the KSN Usage task by schedule.

  7. Configure the data handling before starting the task.
  8. Click OK.

The modified settings are applied. The date and time of modifying the settings, as well as information about the task settings before and after modification, are saved in the system audit log.

Page top
[Topic 150038]

Configuring data handling

To configure what data will be processed by the KSN services and accept the KSN Statement:

  1. Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
  2. Select the administration group for which you want to configure application settings.
  3. Perform one of the following actions in the details pane of the selected administration group:
    • To configure application settings for a group of protected devices, select the Policies tab and open the Properties: <Policy name> window.
    • To configure the application for a single protected device, select the Devices tab and open the Application settings window.

      If an active Kaspersky Security Center policy is applied to a device and blocks changes to application settings, then these settings cannot be edited in the Application settings window.

  4. In the Real-time server protection section click the Data processing button in the KSN Usage subsection.

    The KSN data handling window opens.

  5. On the Services tab, read the Statement and select the I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network check box.
  6. To increase the protection level, the following check boxes are automatically selected:
    • Send data about scanned files
      .
    • Send data about scanned URLs
      .

    You can clear these check boxes and stop sending additional data at any moment.

  7. The
    Send Kaspersky Security Network statistics
     check box is selected by default. You can clear the check box at any time, if you don't want Kaspersky Security for Windows Server to send additional statistics to Kaspersky.
  8. On the Kaspersky Managed Protection tab, read the Statement and select the
    Accept the terms of the Kaspersky Managed Protection Statement
     check box.

    The changes of Accept the terms of the Kaspersky Managed Protection Statement check box state do not start or stop the processing of data immediately. To apply the changes you must restart Kaspersky Security for Windows Server.

    To use the KMP service, you need to sign the corresponding agreement and execute configuration files on a protected device, enable I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network, Send data about scanned files, Send data about scanned URLs, and Send Kaspersky Security Network statistics check boxes on the Services tab.

  9. Click OK.

The data processing configuration will be saved.

Page top
[Topic 160705]

Managing KSN Usage via the Application Console

In this section, learn how configure the KSN Usage task and Data handling via the Application Console.

In this section

Configuring KSN Usage task

Configuring Data handling
Page top
[Topic 180769]

Configuring KSN Usage task

To configure the KSN Usage task:

  1. In the Application Console tree, expand the Real-time server protection node.
  2. Select the KSN Usage child node.
  3. Click the Properties link in the details pane.

    The Task settings window opens on the General tab.

  4. Configure the task:
    • In the Action to perform on KSN untrusted objects section, specify the action that Kaspersky Security for Windows Server is to perform if it detects an object identified by KSN as untrusted:
    • In the Data transfer section, restrict the size of files for which the checksum is calculated:
  5. If needed, configure the task start schedule on the Schedule and Advanced tabs. For example, you can enable task start by schedule and specify the start frequency of the At application launch if you want the task to run automatically when the protected device is restarted.

    The application will automatically start the KSN Usage task by schedule.

  6. Configure the Data handling before starting the task.
  7. Click OK.

The modified settings are applied. The date and time of modifying the settings, as well as information about the task settings before and after modification, are saved in the system audit log.

Page top
[Topic 148380]

Configuring Data handling

To configure what data will be processed by the KSN services and accept the KSN Statement:

  1. In the Application Console tree, expand the Real-time server protection node.
  2. Select the KSN Usage child node.
  3. Click the Data processing link in the details pane.

    The Data handling window opens.

  4. On the Services tab, read the Statement and select the I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network check box.
  5. To increase the protection level, the following check boxes are automatically selected:

    You can clear these check boxes and stop sending additional data at any moment.

  6. The Send Kaspersky Security Network statistics check box is selected by default. You can clear the check box at any time, if you don't want Kaspersky Security for Windows Server to send additional statistics to Kaspersky.
  7. On the Kaspersky Managed Protection tab, read the Statement and select the Accept the terms of the Kaspersky Managed Protection Statement check box.

    The changes of Accept the terms of the Kaspersky Managed Protection Statement check box state do not start or stop the processing of data immediately. To apply the changes you must restart Kaspersky Security for Windows Server.

    To use the KMP service, you need to sign the corresponding agreement and execute configuration files on a protected device, enable I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network, Send data about scanned files, Send data about scanned URLs, and Send Kaspersky Security Network statistics check boxes on the Services tab.

  8. Click OK.

The data processing configuration will be saved.

Page top
[Topic 160732]

Managing KSN Usage via the Web Plug-in

To configure the KSN Usage task and Data Handling via the Web Plug-in:

  1. In the main window of Web Console, select DevicesPolicies & profiles.
  2. Click the policy name you want to configure.
  3. In the <Policy name> window that opens select the Application settings tab.
  4. Select the Real-time server protection section.
  5. Click Settings in the KSN Usage subsection.
  6. Configure the settings described in the table below.

    KSN Usage task and Data Handling via the Administration Plug-In settings

    Setting

    Description

    Remove

    Kaspersky Security for Windows Server deletes the object with KSN-untrusted status and places a copy of it in Backup.

    This option is selected by default.

    Log information

    Kaspersky Security for Windows Server records information about the object with KSN-untrusted status in the task log. Kaspersky Security for Windows Server does not delete the untrusted object.

    Do not calculate checksum before sending to KSN if file size exceeds

    This check box enables or disables calculation of the checksum for files of the specified size for delivery of this information to the KSN service.

    The duration of the checksum calculation depends on the file size.

    If this check box is selected, Kaspersky Security for Windows Server does not calculate the checksum for files that exceed the specified size (in MB).

    If the check box is cleared, Kaspersky Security for Windows Server calculates the checksum for files of any size.

    The check box is selected by default.

    Use Kaspersky Security Center as KSN Proxy

    The check box allows to manage the data transfer between the protected devices and KSN.

    If the check box is cleared the data from the Administration Server and protected devices is sent to KSN directly (not via the Kaspersky Security Center). The active policy defines which type of data can be sent to KSN directly.

    If the check box is selected, all data is sent to KSN via the Kaspersky Security Center.

    The check box is selected by default.

    I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network

    By selecting this check box you confirm that you have read and accepted the terms of the Kaspersky Security Network Statement.

    Send data about scanned files

    If the check box is selected, Kaspersky Security for Windows Server sends the checksum of scanned files to the Kaspersky. Conclusion about each file security is based on the reputation received from KSN.

    If the check box is cleared, Kaspersky Security for Windows Server does not send checksum of files to KSN.

    Note, than the file reputation requests might be sent in a limited mode. The limitations are used for protection of the Kaspersky reputation servers from the DDoS attacks. In this scenario, the parameters of file reputation requests, that are being sent, are defined by the rules and methods established by the Kaspersky experts and cannot be configured by user on a protected device. Updates of these rules and methods are received along with the application database updates. If the limitations are applied, the enabled by Kaspersky for protecting KSN servers against DDoS status is displayed in the KSN Usage task statistics.

    The check box is selected by default.

    Send data about requested URLs

    If the check box is selected, Kaspersky Security for Windows Server sends the data about requested web resources, including web addresses, to the Kaspersky. Conclusion about the requested web resource security is based on the reputation received from KSN.

    If the check box is cleared, Kaspersky Security for Windows Server does not check URLs reputation in KSN.

    The check box is selected by default.

    The check box influences the Traffic Security task configuration.

    Agree to process data as a part of the Kaspersky Security Network statistics

    If the check box is selected the Kaspersky Security for Windows Server sends additional statistics, which may contain personal data. The list of all data, that is sent as KSN statistics, is specified in the KSN Statement. The data received by Kaspersky is used to improve the quality of applications and level of threat detection rates.

    If the check box is cleared, Kaspersky Security for Windows Server does not send additional statistics.

    The check box is selected by default.

    Accept the terms of the Kaspersky Managed Protection Statement

    If the check box is selected, you agree to send statistics on the protected device activity to the Kaspersky specialists. Received data is used for around-the-clock analysis and reporting, required to prevent security breach incidents.

    The check box is cleared by default.

    Task management

    You can configure settings to start the task on a schedule.

Page top
[Topic 192819]

Configuring additional data transfer

Kaspersky Security for Windows Server can be configured to send the following data to Kaspersky:

  • Checksums of scanned files (Send data about scanned files check box).
  • Data about requested web addresses and processed email messages (Send data about scanned URLs check box).
  • Additional statistics, including personal data (Send Kaspersky Security Network statistics check box).

See the "Local data handling" section of this guide for detailed information about data that is sent to Kaspersky.

The corresponding check boxes can be selected or cleared only if the I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network check box is selected.

By default Kaspersky Security for Windows Server sends checksums of files and additional statistics after you accept the KSN Statement.

The I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network check box is not editable only if the Kaspersky Security Center policy blocks changes of the data handling settings.

Possible check box states and corresponding conditions

Check box state

Conditions for the Send data about scanned files check box state

Conditions for the Send Kaspersky Security Network statistics check box state

Conditions for the Send data about scanned URLs check box state

Conditions for the Accept the terms of the Kaspersky Managed Protection Statement check box state

Conditions for the I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network check box state

KSN_checked_active

  • reputation requests are sent
  • check box is editable
  • additional statistics is sent
  • check box is editable
  • data about requested URLs is sent
  • check box is editable
  • the terms of the Kaspersky Managed Protection Statement are accepted
  • check box is editable
  • the terms of the Kaspersky Security Network Statement are accepted
  • check box is editable

KSN_checked_inactive

  • reputation requests are sent
  • check box is not editable
  • additional statistics is sent
  • check box is not editable
  • data about requested URLs is sent
  • check box is not editable
  • the terms of the Kaspersky Managed Protection Statement are accepted
  • check box is not editable
  • the terms of the Kaspersky Security Network Statement are accepted
  • check box is not editable

KSN_unchecked_active
  • reputation requests are not sent
  • check box is editable
  • additional statistics is not sent
  • check box is editable
  • data about requested URLs is not sent
  • check box is editable
  • the terms of the Kaspersky Managed Protection Statement are not accepted
  • check box is editable
  • the terms of the Kaspersky Security Network Statement are not accepted
  • check box is editable

KSN_unchecked_inactive

  • reputation requests are not sent
  • check box is not editable
  • additional statistics is not sent
  • check box is not editable
  • data about requested URLs is not sent
  • check box is not editable
  • the terms of the Kaspersky Managed Protection Statement are not accepted
  • check box is not editable
  • the terms of the Kaspersky Security Network Statement are not accepted
  • check box is not editable

Page top
[Topic 170753]

KSN Usage task statistics

While the KSN Usage task is being executed, detailed information can be viewed in real time about the number of objects processed by Kaspersky Security for Windows Server since it was started up till now. Information about all events that occur during the task performing is recorded in the task log.

To view KSN Usage task statistics:

  1. In the Application Console tree, expand the Real-time server protection node.
  2. Select the KSN Usage child node.

Task statistics are displayed in the Statistics section of the details pane of the selected node.

You can view information about objects processed by Kaspersky Security for Windows Server since the task was started (see the table below).

KSN Usage task statistics

Field

Description

File requests sent

Number of file reputation queries sent by Kaspersky Security for Windows Server to KSN.

URL requests sent

Number of URL reputation queries sent by Kaspersky Security for Windows Server to KSN.

URLs untrusted in KSN

Number of URLs considered untrusted by KSN.

Files untrusted in KSN

Number of objects considered untrusted by KSN.

Request sending errors

Number of KSN requests whose processing resulted in a task error.

Statistics formed

Number of generated statistic packages sent to KSN.

Objects removed

Number of objects that Kaspersky Security for Windows Server deleted when running the KSN Usage task.

Moved to Backup

The number of object copies that Kaspersky Security for Windows Server saved to Backup.

Objects not removed

The number of objects that Kaspersky Security for Windows Server attempted but was unable to delete, because, for example, access to the object was blocked by another application. Information about such objects is recorded in the task log.

Objects not backed up

The number of objects the copies of which Kaspersky Security for Windows Server attempted to save in Backup but was unable to do so, for example, due to insufficient disk space. The application does not disinfect or delete files that it could not move to Backup. Information about such objects is recorded in the task log.

Limited mode

The status signifies whether the application sends file reputation requests in a limited mode. In a limited mode Kaspersky Security for Windows Server sends only a part of file reputation requests according to Kaspersky experts recommendation.

Page top
[Topic 148381]