Using a distribution point as a push server
Oct 23, 2023
In Kaspersky Security Center Cloud Console, a distribution point can work as a push server for Windows-based and Linux-based devices that are managed by Network Agent. A push server has the same scope of managed devices as the distribution point on which the push server is enabled. If you have several distribution points assigned for the same administration group, you can enable a push server on each of the distribution points. In this case, Administration Server balances the load between the distribution points.
You can use distribution points as push servers to ensure that continuous connectivity between a managed device and the Administration Server. Continuous connectivity is needed for some operations, such as running and stopping local tasks, receiving statistics for a managed application, or creating a tunnel. If you use a distribution point as a push server, you do not have to send packets to the UDP port of Network Agent.
To use a distribution point as a push server:
- In the main menu, click the settings icon () next to the name of the required Administration Server.
The Administration Server properties window opens.
- On the General tab, select the Distribution points section.
- Click the distribution point that you want to use as a push server.
- In the property list of the selected distribution point, go to the General section, and then enable the Run push server option.
The Push server port entry field becomes available.
- In the Push server port entry field, specify the port on the distribution point that client devices will use for connection. By default, port 13295 is used.
To establish connection between the distribution point acting as a push server and a managed device, you must manually add the specified push server port to the Microsoft Windows Firewall exclusion list.
- Click OK to exit the distribution point properties window, and then click Save to apply changes.
After you enable the Run push server option, the Do not disconnect from the Administration Server option is automatically enabled on the distribution point that acts as a push server. This option provides an early connection between Network Agent and the Administration Server.
- Open the Network Agent policy settings window.
- Go to Connectivity → Network, and then enable the Use distribution point to force connection to the Administration Server option. Close the lock for this option.
- Also in the Network subsection, you can disable the Use UDP port option. The configured push server will provide continuous connectivity between a managed device and the Administration Server instead of sending packets through the UDP port.
- Click OK to exit the window.
The distribution point starts acting as a push server. It can now send push notifications to client devices.