Scenario: Monitoring and reporting

This section provides a scenario for configuring the monitoring and reporting feature in Kaspersky Security Center.

Prerequisites

After you deploy Kaspersky Security Center in an organization's network you can start to monitor it and generate reports on its functioning.

Monitoring and reporting in an organization's network proceeds in stages:

  1. Configuring the switching of device statuses

    Get acquainted with the settings for device statuses depending on specific conditions. By changing these settings, you can change the number of events with Critical or Warning importance levels. When configuring the switching of device statuses, be sure of the following:

    • New settings do not conflict with the information security policies of your organization.
    • You are able to react to important security events in your organization's network in a timely manner.
  2. Configuring notifications about events on client devices

    How-to instructions:

    Configure notification (by email, by SMS, or by running an executable file) of events on client devices

  3. Changing the response of your security network to the Virus outbreak event

    You can change the specific thresholds in the Administration Server properties. You can also create a stricter policy that will be activated or create a task that will be run at the occurrence of this event.

  4. Performing recommended actions for Critical and Warning notifications

    How-to instructions:

    Perform recommended actions for your organization's network

  5. Reviewing the security status of your organization's network

    How-to instructions:

  6. Locating client devices that are not protected

    How-to instructions:

  7. Checking protection of client devices

    How-to instructions:

  8. Evaluating and limiting the event load on the database

    Information about events that occur during operation of managed applications is transferred from a client device and registered in the Administration Server database. To reduce the load on the Administration Server, evaluate and limit the maximum number of events that can be stored in the database.

    How-to instructions:

  9. Reviewing license information

    How-to instructions:

Results

Upon completion of the scenario, you are informed about protection of your organization's network and, thus, can plan actions for further protection.

See also:

Scenario: Regular updating Kaspersky databases and applications

Page top