Kaspersky Security 11.x for Windows Server

Viewing the protection status and Kaspersky Security for Windows Server information

June 10, 2022

ID 148324

To view information about the device protection status of Kaspersky Security for Windows Server, in the Application Console tree, select the Kaspersky Security node.

By default, information in the Application Console results pane is refreshed automatically:

  • Every 10 seconds for a local connection.
  • Every 15 seconds for a remote connection.

You can refresh the information manually.

To refresh information in the Kaspersky Security node manually, select Refresh in the context menu of the Kaspersky Security node.

The Application Console results pane displays the following application information:

  • Kaspersky Security Network Usage status.
  • Device protection status.
  • Information about database and application module updates.
  • Actual diagnostic data.
  • Data about protected device control tasks.
  • License information.
  • Status of integration with Kaspersky Security Center: details of the server that has Kaspersky Security Center installed and is connected to the application; information about application tasks controlled by the active policy.

Different colors are used to indicate protection status:

  • Green. The task is run in line with the configured settings; protection is active.
  • Yellow. The task was not started, is paused or stopped. This means security may be threatened. We recommend that you configure and start the task.
  • Red. The task ended with an error, or a security threat was detected while the task was running. We recommend that you start the task or eliminate the detected security threat.

Some details in this block (for example, task names or the number of threats detected) are links that take you to the node of the relevant task or open the task log.

The Kaspersky Security Network Usage section displays the current task status (for example, Running, Stopped or Never performed). The status can have the following values:

  • Green. The KSN Usage task is running and URL status requests are sent to KSN.
  • Yellow. One of the statements is accepted. However, the task is not running, or URL status requests are not sent to KSN.

Server protection

The Server protection section (see the table below) displays information about the current protection status of the device.

Information about device protection status

Protection section

Information

Device protection status indicator

The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can have the following values:

  • Green. This color is displayed by default and signifies that the Real-Time File Protection component is installed and the task is running.
  • Yellow. The Real-Time File Protection component is not installed, or the Critical Areas Scan task has not been performed for a long time.
  • Red. The Real-Time File Protection task is not running.

Real-Time File Protection

Task status – Current task status, for example, Running or Stopped.

Detected – Number of objects detected by Kaspersky Security for Windows Server.

  • If Kaspersky Security for Windows Server detects one piece of malware in five files, the value in this field increases by one.
  • If the number of detected malware objects is above zero, the value is highlighted in red.

Critical Areas Scan

Last scan date – Date and time of the last Critical Areas Scan for viruses and other computer security threats.

Never performed – Critical Areas Scan task has not been performed in the last 30 days or longer (default value). You can change the threshold for this event.

Traffic security

Task status – Current task status, for example, Running or Stopped.

Outlook add-in – Installed or not installed.

Exploit prevention

Status – Current status of exploit prevention techniques, for example, Applied or Not Applied.

Prevention mode – One of the two modes that you can select when configuring process memory protection (Terminate on exploit or Statistics only).

Processes protected – Total number of processes added to the protection scope and handled in the selected mode.

Backed up objects

Backup free space threshold exceeded – This event occurs when the amount of free space in Backup is approaching the specified limit. Kaspersky Security for Windows Server continues to move objects to Backup. In this case, the value in the Space used field is highlighted in yellow.

Maximum Backup size exceeded – This event occurs when the Backup size has reached the specified limit. Kaspersky Security for Windows Server continues to move objects to Backup. In this case, the value in the Space used field is highlighted in red.

Backed up objects – Number of objects currently in Backup.

Space used – Amount of Backup space used.

Update

The Update section shows whether the anti-virus databases and application modules are up-to-date.

Information on status of Kaspersky Security for Windows Server databases and modules

Update section

Information

Status indicator for databases and software modules

The color of the panel with the section name reflects the status of application databases and modules. The indicator can have the following values:

  • Green. This color is displayed by default and signifies that application databases are up to date and that the last Database Update task was successful.
  • Yellow. Databases are out of date, or the last Database Update task failed.
  • Red. The "Application databases are extremely out of date" or "Application databases are corrupted" event has occurred.

Database Update and Software Modules Update

Database status – An evaluation of the Database Update task status.

It can take the following values:

  • Application database is up to date – Application databases were updated no more than 7 days ago (default).
  • Application database is out of date – Application databases were updated 7 to 14 days ago (default).
  • Application database is extremely out of date – Application databases were updated more than 14 days ago (default).

    You can change the thresholds for generating the Application database is out of date and Application database is extremely out of date events.

Database release date – Date and time of the release of the latest database update (in UTC format).

Status of the latest completed Database Update task – Date and time of the latest database update. The date and time are specified according to the local time of the protected device. The field is red if the Failed event occurred.

Number of module updates available – Number of Kaspersky Security for Windows Server module updates available to be downloaded and installed.

Number of module updates installed – Number of installed Kaspersky Security for Windows Server module updates.

Control

The Control section (see the table below) displays information about the Applications Launch Control, Device Control, Anti-Cryptor, and Firewall Management tasks.

Information about protected device control status

Control section

Information

Status indicator for protected device control

The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values:

  • Green. This color is displayed by default and signifies that the Applications Launch Control component is installed and the task is running in the Active mode.
  • Yellow. Applications Launch Control is running in the Statistics only mode.
  • Red. The Applications Launch Control task is not running or has failed.

Applications Launch Control

Task status – Current task status (for example, Running or Stopped).

Operation mode – One of the two Applications Launch Control task modes:

  • Active
  • Statistics only

Applications launches denied – Number of attempts to start applications blocked by Kaspersky Security for Windows Server during the Applications Launch Control task. If the number of blocked application starts is above zero, the field is red.

Average processing time (ms) – Time taken by Kaspersky Security for Windows Server to process attempts to start applications on the protected device.

Device control

Task status – Current task status (for example, Running or Stopped).

Operation mode – One of the two Device Control task modes:

  • Active
  • Statistics only

Devices blocked – Number of attempts to connect an external device that were blocked by Kaspersky Security for Windows Server during the Device Control task. If the number of blocked external devices is above zero, the field is red.

Anti-Cryptor

Task status – Current task status (for example, Running or Stopped).

Operation mode – One of the two Anti-Cryptor task modes:

  • Active
  • Statistics only

Hosts blocked – Number of hosts that displayed malicious activity and were blocked when attempting to connect to the protected device.

Firewall Management

Task status – Current task status (for example, Running or Stopped).

Connection attempts blocked – Number of connections to a protected device blocked by the specified firewall rules.

Diagnostics

The Diagnostics section (see the table below) displays information about the File Integrity Monitor and Log Inspection tasks.

Information about System Inspection status

Diagnostics section

Information

Diagnostics status indicator

The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values:

  • Green. This color is displayed by default and signifies that one or both system inspection components are installed and the tasks are running.
  • Yellow. Both components are installed, but one of the system inspection tasks is not running (the Not running event occurred).
  • Red. One of the tasks failed.

File Integrity Monitor

Task status – Current task status (for example, Running or Stopped).

Non-sanctioned file operations – Number of changes to files within the monitoring scope. These changes may indicate a security breach of a protected device.

Log Inspection

Task status – Current task status (for example, Running or Stopped).

Possible violations – Number of violations based on data from the Windows Event Log. This number is based on the specified task rules or determined by the heuristic analyzer.

The Kaspersky Security for Windows Server licensing information is displayed in the row in the bottom left corner of the results pane of the Kaspersky Security node.

Follow the Application properties link to configure Kaspersky Security for Windows Server.

Follow the Connect to another computer link to connect to a different protected device.

To review detailed information about the Network Attached Storage Protection tab, see Kaspersky Security for Windows Server Implementation Guide for Network Storage Protection.
