KASPERSKY LAB Integration with Microsoft Operations Manager ADMINISTRATOR GUIDE
INTEGRATION WITH MICROSOFT OPERATIONS MANAGER Administrator Guide © Kaspersky Lab http://www.kaspersky.
Table of Contents CHAPTER 1. INTRODUCTION ...................................................................................... 4 CHAPTER 2. INSTALLING AND UNINSTALLING THE MANAGEMENT PACK........ 5 1.1. Installing the management pack ........................................................................... 5 1.2. Uninstalling the management pack ...................................................................... 6 CHAPTER 3. VIEWING EVENTS IN OPERATOR CONSOLE ....................................
Chapter 1. Introduction Some Kaspersky Lab products have the capability of integrating with Microsoft Operations Manager through a special management pack that enables you to: • Automatically detect computers on the business's network that have a manageable Kaspersky Lab application installed.
Chapter 2. Installing and uninstalling the management pack This section covers installation and uninstallation of management packs for Kaspersky Lab products through Microsoft Operations Manager. 1.1. Installing the management pack To integrate with Microsoft Operations Manager, take the following steps: 1. Deploy Microsoft Operations Manager in the network (for more details, see the documentation for that application). 2. Copy the management pack file with the extension *.
Integration with Microsoft Operations Manager Once the management pack is integrated with Microsoft Operations Manager, the pack requires no further configuration (except for e-mail notifications configuration, for details see Chapter 4 on page 9). 1.2. Uninstalling the management pack To uninstall the management pack, take the following steps: 1. Open the Microsoft Operations Manager Operator Console using the Start \ Programs \ Microsoft Operations Manager \ Operator Console command.
Installing and uninstalling the management pack • 7 delete all attributes with the name of the Kaspersky Lab managed program from the Microsoft Operations Manager / Management Packs / Computer Attributes node. Note that some attributes can be used simultaneously by management packs for several Kaspersky Lab programs.
Chapter 3. Viewing events in operator console To work with the management pack via Microsoft Operations Manager, take the following steps: 1. Open Microsoft Operations Manager. To do so use the command Start \ Programs \ Microsoft Operations Manager \ Operator Console. 2. In the console tree, select Kaspersky Lab and the folder with the name of the Kaspersky Lab managed program contained in it.
Chapter 4. E-mail notifications By default, the rules created for Kaspersky Lab product management packs are configured to send e-mail notifications when certain events occur. However, to receive the notifications, you must populate the group of KAV Administrators beforehand and assign e-mail addresses that the notifications will be sent to. To do so: 1. Open Microsoft Operations Manager . To do so run the command Start \ Programs \ Microsoft Operations Manager \ Administrator Console. 2.
Appendix A. Kaspersky Lab Founded in 1997, Kaspersky Lab has become a recognized leader in information security technologies. It produces a wide range of data security software and delivers high-performance, comprehensive solutions to protect computers and networks against all types of malicious programs, unsolicited and unwanted email messages, and hacker attacks. Kaspersky Lab is an international company.
Appendix A 11 A.1. Other Kaspersky Lab Products Kaspersky Anti-Virus® Personal ® Kaspersky Anti-Virus Personal has been designed to provide anti-virus protection to personal computers running Microsoft Windows 98/ME or Microsoft Windows 2000/NT/XP against all known viruses, including potentially dangerous software. Kaspersky Anti-Virus Personal provides real-time monitoring of all sources of virus intrusion - e-mail, Internet, floppy disks, CD, etc.
Integration with Microsoft Operations Manager retrieval of daily updates for the anti-virus database and the program modules. A unique second-generation heuristic analyzer efficiently detects unknown viruses. A simple and convenient interface allows users to configure the program quickly making work with it easier than ever. ® Kaspersky Anti-Virus Personal Pro has the following features: • On-demand scan of local disks. • Real-time automatic protection of all accessed files from viruses.
Appendix A 13 Kaspersky® Personal Security Suite Kaspersky® Personal Security Suite is a software suite designed for organizing comprehensive protection of personal computers running Microsoft Windows. The suite prevents malicious and potentially dangerous programs from penetrating through any possible data sources and protects you from unauthorized attempts to access your computer’s data, as well as blocking spam.
Integration with Microsoft Operations Manager • Exclude archives and e-mail databases from scanning. • Select standard/extended anti-virus databases for scanning. • Save a report on the scanning results in txt or html formats. ® Kaspersky OnLine Scanner Pro The program is a subscription service offered to the visitors of Kaspersky Lab's corporate website. The service allows an efficient online anti-virus scan of your computer and disinfection of dangerous files.
Appendix A 15 • Monitoring of changes in OS registry due to internal system registry control. • Blocking of dangerous VBA macros in Microsoft Office documents. • System restoration after malicious spyware influence accomplished due to recording of all changes in the registry and computer file system and an opportunity to perform their roll-back at user's discretion. Kaspersky® Internet Security 6.0 ® Kaspersky Internet Security 6.
Integration with Microsoft Operations Manager computer detection from outside. When you switch into that mode, the system will block all network activity except for a few transactions allowed in userdefined rules. The program employs complex approach to anti-spam filtering of incoming e-mail messages: • Verification against black and white lists of recipients (including addresses of phishing sites). • Inspection of phrases in message body.
Appendix A Kaspersky Anti-Virus® Business Optimal This package provides a unique configurable security solution for small- and medium-sized corporate networks. Kaspersky Anti-Virus® protection1 for: Business Optimal guarantees full-scale anti-virus • Workstations running Microsoft Windows 98/ME, Microsoft Windows NT/2000/XP Workstation and Linux. • File servers running Microsoft Windows NT 4.
Integration with Microsoft Operations Manager • E-mail systems, including Microsoft Exchange Server 2000/2003, Lotus Notes/Domino, sendmail, postfix , exim, and qmail mail systems • Internet gateways: CheckPoint Firewall –1; Microsoft ISA Server 2000 Enterprise Edition, Microsoft ISA Server 2004 Enterprise Edition • Hand-held computers (PDAs), running Symbian OS, Microsoft Windows CE and Palm OS, and also smartphones running Microsoft Windows Mobile 2003 for Smartphone and Microsoft Smartphone 200
Appendix A Kaspersky® Mail Gateway Kaspersky Mail Gateway is a comprehensive solution that provides complete protection for users of mail systems. This application installed between the corporate network and the Internet scans all components of e-mail messages for the presence of viruses and other malware (Spyware, Adware, etc.) and performs centralized anti-spam filtration of e-mail stream.
Appendix B. License agreement End User License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT") FOR THE LICENSE OF SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED BY KASPERSKY LAB ("KASPERSKY LAB"). IF YOU HAVE PURCHASED THIS SOFTWARE VIA THE INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE LEGAL ENTITY) CONSENT TO BE BOUND BY AND BECOME PARTY TO THIS AGREEM ENT.
Appendix B 21 All references to "Software" herein shall be deemed to include the software activation key ("Key Identification File") with which you will be provided by Kaspersky Lab as part of the Software. 1. License Grant.
Integration with Microsoft Operations Manager 1.1.5 You shall not rent, lease or lend the Software to any other person, nor transfer or sub-license your license rights to any other person. 1.1.6 You shall not use this Software in automatic, semi-automatic or manual tools designed to create virus signatures, virus detection routines, any other data or code for detecting malicious code or data. 1.2 Server-Mode Use.
Appendix B 23 (i) Kaspersky Lab will provide you with the support services ("Support Services") as defined below for a period of one year following: (a) Payment of its then current support charge, and: (b) Successful completion of the Support Services Subscription Form as provided to you with this Agreement or as available on the Kaspersky Lab website, which will require you to produce the Key Identification File which will have been provided to you by Kaspersky Lab with this Agreement.
Integration with Microsoft Operations Manager (i) Kaspersky Lab warrants that for six (6) months from first download or installation the Software purchased on a physical medium will perform substantially in accordance with the functionality described in the Documentation when operated properly and in the manner specified in the Documentation. (ii) You accept all responsibility for the selection of this Software to meet your requirements.
Appendix B 25 (c) Loss of the use of money; (d) Loss of anticipated savings; (e) Loss of business; (f) Loss of opportunity; (g) Loss of goodwill; (h) Loss of reputation; (i) Loss of, damage to or corruption of data, or: (j) Any indirect or consequential loss or damage howsoever caused (including, for the avoidance of doubt, where such loss or damage is of the type specified in paragraphs (ii), (a) to (ii), (i).
