Scenario: Protection deployment (tenant management through administration groups)

July 10, 2024

ID 153487

If you have never used Kaspersky Security Center and you want to manage your tenants through administration groups, proceed as described in this section. After you complete this scenario, your customers' devices will be protected.

The scenario proceeds in stages:

  1. Creating administration groups

    Create an administration group for each of your customers.

  2. Planning the distribution points structure

    Among the devices of each customer, decide which device will act as a distribution point.

    You cannot have more than 100 distribution points within one workspace.

  3. Creating a stand-alone installation package for Network Agent

    Create a stand-alone installation package for Network Agent.

  4. Installation of Network Agent on the selected devices to act as distribution points

    Install Network Agent on the selected devices that will act as distribution points.

    You can use any method that is suitable for you:

    • Manual installation

      To deliver the stand-alone installation package to the devices, you can, for example, copy it to a removable drive (such as a flash drive) or place it in a shared folder.

    • Deployment by using Active Directory
    • Deployment by using your remote monitoring and management (RMM) software solution
  5. Assigning distribution points

    Assign the devices with Network Agent installed to act as distribution points.

  6. Network polling

    Configure and perform network polling through the distribution point.

    Kaspersky Security Center Cloud Console provides the following methods of network polling:

    • IP range polling
    • Windows network polling
    • Active Directory polling

    After network polling according to schedule is complete, your customers' devices are discovered and placed in the Unassigned devices group.

  7. Moving the discovered devices to the administration groups

    Set up the rules for automatically moving the discovered devices to the required administration groups; or move these devices to the required administration groups manually.

  8. Creating installation packages for Network Agent and managed Kaspersky applications

    If you did not start the quick start wizard, or skipped the step of creating installation packages, create installation packages for Kaspersky applications.

  9. Removing third-party security applications

    If third-party security applications are installed on your customers' devices, remove them before installing Kaspersky applications.

  10. Installing Kaspersky applications on your customers' devices

    Create remote installation tasks to install Network Agent and managed Kaspersky applications on your customers' devices.

    If necessary, you can create several remote installation tasks to install managed Kaspersky applications for different administration groups or different device selections.

    After the tasks are created, you can configure their settings. Make sure that the schedule for each task meets your requirements. First, the task to install Network Agent must be run. After Network Agent is installed on your customers' devices, the task to install managed Kaspersky applications must be run.

  11. Verifying initial deployment of Kaspersky applications

    Generate and view the Report on Kaspersky software versions. Make sure that the managed Kaspersky applications are installed on all of the devices of your customers.

  12. Creating policies for Kaspersky applications

    Go to the Assets (Devices) → Groups menu; if you want to create a universal policy for all your customers, select Administration Server. If you want to create a specific policy for an individual customer, select the administration group corresponding to that customer. Create a policy for the required Kaspersky application.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.