Messaging between users and the administrator

The Application Control, Device Control, Web Control and Adaptive Anomaly Control components enable LAN users whose computers have Kaspersky Endpoint Security installed to send messages to the administrator.

A user may need to send a message to the local corporate network administrator in the following cases:

• Device Control blocked access to the device.

  The message template for a request to access a blocked device is available in the Kaspersky Endpoint Security interface in the Device Control section.

• Application Control blocked the startup of an application.

  The message template for a request to allow the startup of a blocked application is available in the Kaspersky Endpoint Security interface in the Application Control section.

• Web Control blocked access to a web resource.

  The message template for a request to access a blocked web resource is available in the Kaspersky Endpoint Security interface in the Web Control section.

The method used to send messages and the utilized template depends on whether or not there is an active Kaspersky Security Center policy running on the computer that has Kaspersky Endpoint Security installed, and whether or not there is a connection with the Kaspersky Security Center Administration Server. The following scenarios are possible:

• If a Kaspersky Security Center policy is not running on the computer that has Kaspersky Endpoint Security installed, a user's message is sent to the local area network administrator by email.

  The message fields are populated with the values of fields from the template defined in the local interface of Kaspersky Endpoint Security.

• If a Kaspersky Security Center policy is running on the computer that has Kaspersky Endpoint Security installed, the standard message is sent to the Kaspersky Security Center Administration Server.

  In this case, user messages are available for viewing in the Kaspersky Security Center event storage (see instruction below). The message fields are populated with the values of fields from the template defined in the Kaspersky Security Center policy.

• If a Kaspersky Security Center out-of-office policy is running on the computer with Kaspersky Endpoint Security installed, the method used to send messages depends on whether or not there is a connection with Kaspersky Security Center.
  • If a connection with Kaspersky Security Center is established, Kaspersky Endpoint Security sends the standard message to the Kaspersky Security Center Administration Server.
  • If a connection with Kaspersky Security Center is absent, a user's message is sent to the local area network administrator by email.

  In both cases, the message fields are populated with the values of fields from the template defined in the Kaspersky Security Center policy.

To view a user message in the Kaspersky Security Center event storage:

1. Open the Kaspersky Security Center Administration Console.
2. In the Administration Server node of the Administration Console tree, select the Events tab.

   The Kaspersky Security Center workspace displays all events occurring during the operation of Kaspersky Endpoint Security, including messages to the administrator that are received from LAN users.

3. To configure the event filter, in the Event selections drop-down list, select User requests.
4. Select the message sent to the administrator.
5. Click the Open event properties window button in the right part of the Administration Console workspace.