Application architecture

Kaspersky Security 9.0 for SharePoint Server includes the following components:

• Management Console. This is a snap-in for Microsoft Management Console (hereinafter referred to as MMC). This component is designed for interaction with the application through an interface.

  You can install Management Console separately from other application components. If you need to manage other components of the application, you can add computers with installed components to Management Console. If several administrators work concurrently, Management Console can be installed on each administrator's computer.

• Security Server. This component is designed for anti-virus protection of a SharePoint server (or server farm) and for scanning files, blogs, and wiki pages for unwanted content. Security Server is responsible for real-time protection, updating the application databases, background scanning of SharePoint servers, relaying data to Kaspersky Security Network services, and activating the application.
• DLP Module. This component is designed to protect SharePoint data against leaks. The DLP Module is part of Security Server and can be installed on a SharePoint server only together with Security Server. A separate key is required to use the DLP Module.

Some Kaspersky Security settings are stored in the memory of third-party software (Active Directory® and Microsoft SQL Server®). Kaspersky Security is unable to guarantee security of such data. To prevent unauthorized changes to these settings, you have to ensure their security on your own.

The figure below shows an example of application deployment within the Microsoft SharePoint Server structure.

Kaspersky Security 9.0 for SharePoint Server deployment example

About information stored in the SQL database

The application saves the following information to the SQL database:

• Details of Security Server's operation:
  • The component's configuration
  • The component's operation statistics
  • Ready reports
  • Backup copies of documents.
• Details of DLP Module's operation:
  • The component's configuration
  • Information about user categories
  • The component's operation statistics
  • Ready reports
  • Information about incidents (including files associated with incidents)
  • Information about the progress of scan tasks.

Files associated with incidents and backup copies of documents are not encrypted. For security reasons (for example, to prevent unauthorized access or possible data leaks), you are advised to protect files in the SQL database on your own.

Information about incidents may increase the size of the database significantly. An information security specialist can archive incidents. This procedure allows minimizing the volume of data stored in the SQL database.