User Guide

ManualsBrandsKaspersky Lab ManualsOtherKASPERSKY ANTI-VIRUS-ADMINISTRATION KIT 4.5

KASPERSKY LABS

Kaspersky

Administration Kit 4.5

USER GUIDE

Summary of content (140 pages)

PAGE 1
KASPERSKY LABS Kaspersky® Administration Kit 4.
PAGE 2
KASPERSKY® ADMINISTRATION KIT 4.5 User Guide  Kaspersky Labs Ltd. Visit our web site: http://www.kaspersky.
PAGE 3
Contents CHAPTER 1. KASPERSKY® ADMINISTRATION KIT .................................................. 7 1.1. What’s new in version 4.5? ................................................................................... 8 1.2. Software and hardware requirements .................................................................. 9 1.3. Distribution kit ...................................................................................................... 10 1.4. Help desk for registered users ..................
PAGE 4
Kaspersky Administration Kit 5.9. Help...................................................................................................................... 43 CHAPTER 6. CREATING AND EDITING A LOGICAL NETWORK ........................... 45 6.1. Creating groups ................................................................................................... 45 6.2. Adding servers..................................................................................................... 46 6.3.
PAGE 5
Contents 5 7.4.2. Updating the anti-virus database storage on a server from another server on the logical network........................................................................ 81 7.5. Configuring and using the quarantine function................................................... 83 7.5.1. Quarantine types .......................................................................................... 83 7.5.2. Selecting a quarantine type................................................................
PAGE 6
Kaspersky Administration Kit A.2. The Edit menu................................................................................................... 117 A.3. The View menu ................................................................................................. 118 A.4. The Object menu .............................................................................................. 119 A.5. The Tools menu ................................................................................................
PAGE 7
CHAPTER 1. KASPERSKY® ADMINISTRATION KIT Kaspersky® Administration Kit was developed specially for administrators of corporate networks or anti-virus security officers. Using this toolkit, a network administrator can manage anti-virus protection (i.e. install, configure, and update the Kaspersky Anti-Virus® software, and also quickly and efficiently deal with virus outbreaks) SIMULTANEOUSLY on all workstations of a corporate network DIRECTLY FROM THE ADMINISTRATING STATION.
PAGE 8
Kaspersky Administration Kit tion because even if an infected file has been deleted, it can be easily restored from the quarantine. • Control user access to anti-virus protection settings. The administrator can prevent users from accessing anti-virus protection settings. This feature substantially enhances anti-virus protection security. • Group computers into logical groups and delegate administrative control over specific groups to particular group administrators.
PAGE 9
Kaspersky® Administration Kit 9 1.2. Software and hardware requirements To run the Kaspersky® Administration Kit software package, you need: • A TCP/IP network • A configured MS Windows network • The MS Windows 95/98/Me/NT/2000/XP operating system. If installing on a computer running MS Windows NT 4.0, the service pack 6 must be preinstalled.
PAGE 10
Kaspersky Administration Kit 1.3. Distribution kit You can purchase Kaspersky Anti-Virus® Personal either from our distributors (retail box) or online at one of our Internet shops (for example, www.kaspersky.com, the Buy online link). The retail box includes: • A sealed envelope with an installation CD containing files for the software product; • User Guide; • A license key written on the installation CD; • License agreement.
PAGE 11
Kaspersky® Administration Kit 11 • new versions of this anti-virus software product provided free of charge; • phone or e-mail advising on matters related to the installation, configuration, and operation of this anti-virus product; • information about new Kaspersky Labs products and about new computer viruses (for those who subscribe to the Kaspersky Labs newsletter). Kaspersky Labs does not provide information related to operation and use of your operating system or various other technologies.
PAGE 12
Kaspersky Administration Kit 1.5. Conventions In this book we use various conventions to emphasize different meaningful parts of the documentation. The Table below lists the conventions used in this User Guide. Convention Meaning Bold font Menu titles, commands, window titles, dialog elements, etc. Note. Attention! To do this, 1. Step 1. 2.
PAGE 13
CHAPTER 2. BUILDING UP ANTIVIRUS PROTECTION 2.1. The Kaspersky Anti-Virus® logical network The Kaspersky Anti-Virus® logical network (logical network) is a number of computers interconnected into a local network and running the Kaspersky AntiVirus® package components managed by Kaspersky® Administration Kit. Computers within a logical network can perform the following functions: Kaspersky Anti-Virus® workstation (workstation1) is a computer that is protected from viruses.
PAGE 14
Kaspersky Administration Kit The structure of a logical network or the network configuration, i.e. information about the hierarchical interconnections between groups, servers, and workstations, is stored on one of the servers. This server is called the primary server of the logical network. The same computer can function as a workstation, a server, and an administrating station. The number of workstations, servers, and administrating stations is unlimited but there must be only one primary server.
PAGE 15
building up anti-virus protection 15 Below all the above mentioned types of addresses are referred to as the object address. 2.3. Creating a logical network The process may be divided into the following stages: 1. 2. 3. Project your logical network: the logical network administrator (the administrator) chooses the computers on which to organize administrating stations, the primary server, servers, and workstations. Logical networks can have various configurations.
PAGE 16
4. Kaspersky Administration Kit • Define alert-forwarding settings on the servers (alerts are generated by tasks running on workstations) (see Chapter 7 on page 65). • Customize anti-virus settings for workstations. • Divide (if required) the logical network into groups (see subchapter 6.1 on page 45). Assign access rights to other users: • Allow or prohibit users to access the Kaspersky AV Control Centre settings on workstations (see subchapter 8.1 on page 96).
PAGE 17
building up anti-virus protection 17 • contol access to the settings of Kaspersky Anti-Virus® applications on workstations (see subchapter 8.1 on page 96); • assign administrators to the logical groups (see subchapter 8.2 on page 99). To configure a logical network, the administrator must know not only his or her user name and password but also the network access passwords to the workstations and servers to be added to the logical network.
PAGE 18
Kaspersky Administration Kit If the administrator fails to connect to a workstation (i.e. the connectionfailed message appears on the screen), and at the same time the computer is available on the local network, it is advisable to check whether ® the Kaspersky Anti-Virus software is still running on this workstation or it has been deleted or reinstalled by the user. For details see subchapter 9.4 on page 107. • Check your mailbox and read alerts delivered from workstations (see subchapter 9.
PAGE 19
building up anti-virus protection 19 To avoid confusion, logical network administrators are not recommended to ® change Kaspersky Anti-Virus settings on the workstations supervised by subordinate group administrators. If it is necessary to change the settings, the supervising administrator must inform the subordinate administrator about this.
PAGE 20
CHAPTER 3. INSTALLING THE SOFTWARE PACKAGE 3.1. Installing Kaspersky® Network Control Centre In this subchapter we describe the step-by-step installation of Kaspersky® Administration Kit on a computer that does not have preinstalled components from this package. For instructions on how to reinstall, add or uninstall separate components, see subchapter 3.2 on page 27. The setup wizard will suggest you to install Kaspersky® Network Control Centre and Kaspersky AV Server on the same computer.
PAGE 21
Installing the software package 21 4. The destination folder wizard box will appear on your screen. The Destination Folder info field displays the default destination directory. To install the component to a different folder, click Browse and select a folder into which you want to install ® Kaspersky Anti-Virus components. 5. The program group wizard box will appear on your screen. The Program Folders input field displays the default program group.
PAGE 22
Kaspersky Administration Kit 7. The Start Copying Files wizard box (see Figure 3) will appear on your screen. This box displays the details you entered in the previous box. Review the information before proceeding. If some data are not correct, use the Back button to return to one of the previous wizard boxes and correct the mistake. 8. The Report Viewer Settings wizard box will appear on your screen (see Figure 4).
PAGE 23
Installing the software package Figure 4. The Report Viewer Settings box Figure 5.
PAGE 24
Kaspersky Administration Kit Figure 6. Setting a server service account Using the option buttons in this dialog box, specify whether the server will be started under the system account or under a userdefined account. If you choose the user-defined account, enter the account name, a password, and password confirmation in the corresponding input fields.
PAGE 25
Installing the software package Figure 7. Selecting storage folders 13. After the selected component files are copied onto the hard disk, the wizard will open the Key File dialog box (see Figure 9). By default, the dialog box list contains the key file (files) that comes with the installation CD. To add other files to this list, click Add and select the required file in the MS Windows standard dialog box. To remove an unwanted file from the list, select it and click Remove. 14.
PAGE 26
Kaspersky Administration Kit Figure 8. The Kaspersky AV Control Centre network access password box Figure 9.
PAGE 27
Installing the software package 27 3.2. Adding, reinstalling and/or uninstaling separate components To add, uninstall, or reinstall any of the Kaspersky® Administration Kit components, run the setup wizard as described in subchapter 3.1 on page 20. However, the installation procedure will differ from that described for the first installation of Kaspersky® Administration Kit. After the installation wizard info box, the installation mode wizard box will appear on your screen (see Figure 10). Figure 10.
PAGE 28
CHAPTER 4. GETTING STARTED This chapter briefly describes how to start working with Kaspersky® Administration Kit after it is installed on your computer. It also discusses how to create and start working with a simple logical network. We assume that the user is familiar with the basics of the standard MS Windows graphic interface.
PAGE 29
Getting started 4. Point and click Kaspersky® Network Control Centre. The ® Kaspersky Network Control Centre Login dialog box will appear on your screen (see Figure 11). ® Figure 11. Entering Kaspersky Network Control Centre 5. Enter the primary server address in the Primary Kaspersky AV Server address text field. Kaspersky AV Server must be preinstalled and started on the defined computer. 6.
PAGE 30
Kaspersky Administration Kit ! Import network configuration from local file – Import the logical network configuration from a file. Select this option if you have an existing network configuration file. This file can be created by exporting your previous logical network to a file (see subchapter 7.7.1 on page 94). Enter the complete file name in the text field below or select it using the button . Figure 12. Creating a new logical network configuration 9.
PAGE 31
Getting started Add a server to the logical network. To do this: 1. Click the KAV Network icon located in the upper left corner of the main window. 2. Select Add server from the Object menu (+) or press button on the toolbar. The Add KAV server dialog box will the appear on your screen (see Figure 14). Enter the required server address in the Address text field. Figure 14. Adding a server 3. Enter the server name to be added to the logical network in the Name text field (if necessary).
PAGE 32
Kaspersky Administration Kit Figure 15. Adding a workstation 3. Enter the required workstation address in the Address of workstation(s) text field. It is impossible to add a workstation to the logical network if its NetBios name consists of numbers only (e.g. 123). We recommend that you add such a station using its IP address. 4.
PAGE 33
Getting started Figure 16.
PAGE 34
CHAPTER 5. USER INTERFACE 5.1. Main window The Kaspersky® Network Control Centre main window (see Figure 17) contains the following items: • menu bar • toolbars • network pane • object property pane • info bar • status bar. ® Figure 17.
PAGE 35
User interface 5.2. Menu The menu bar is located at the top of the main window. Some commands in these menus can substituted by appropriate key combinations or toolbar buttons (see subchapter 5.3 on page 35). For example, instead of selecting the Login item from the Network menu, you can use the key combination + or press the toolbar button. The appropriate key combinations are displayed to the right of these menu commands.
PAGE 36
Kaspersky Administration Kit • The levels below may contain groups of the second, third, fourth, etc. nesting levels. Groups of any level are marked with the • The level above the last contains server addresses and their names enclosed in brackets. Servers are marked with the contain more than one server. • icon. icons. One group may The last level contains workstation addresses and names enclosed in brackets. Workstations are marked with the icons. Figure 19.
PAGE 37
User interface 2. Right-click the object to open its shortcut menu (see Figure 20). Figure 20. The shortcut menu for a group 5.6. Object property pane In the right frame of the main window, you can see the current object property pane.
PAGE 38
Kaspersky Administration Kit 5.6.1. Tabs for groups On the General tab for a group (see Figure 21), you can set the account and password for an administrator who is authorized to access this group. Using the fields on this tab, you can create a multilevel structure for administration of your logical network. To change the administrator name, enter the new name in the Administrator text field. To change the administrator password, click Change in the Password field to open the password-input dialog box.
PAGE 39
User interface The Storages tab (see Figure 22) displays the following items: • The contents of the directories where the anti-virus database and program updates used by subordinate workstations are stored (see subchapter 7.4 on page 78). • The contents of the folders that store suspicious files detected by the antivirus programs (the so-called server quarantine. For more details about the quarantine please refer to subchapter 7.5 on page 83).
PAGE 40
Kaspersky Administration Kit Figure 23. The Options tab for a server On the Deployment tab, you can remotely install (deploy) programs on workstations (see subchapter 6.3 on page 47). On the General tab, you can change the network access password to the server (about the password, see subchapter 2.2 on page 14, and about changing the password, see subchapter 10.2 on page 113). 5.6.3. Tabs for workstations To define settings for a workstation, you can use the following five tabs.
PAGE 41
User interface Figure 24. The Tasks tab for a workstation The Settings tab (see Figure 25) contains options allowing you to define the Kaspersky AV Control Centre settings for management of the workstation via the network (see Chapter 7, subchapter 8.1.1 on page 96, and the Kaspersky AV Control Centre description). The General tab allows you to change the network access password to the workstation (about the password, see subchapter 2.4 on page 16 and about changing the password, see subchapter 10.
PAGE 42
Kaspersky Administration Kit Figure 25. The Settings tab for a workstation 5.7. Info bar The info bar contains the following two tabs: Attention and Off-line.
PAGE 43
User interface Figure 27. The info bar. The Off-line tab You may sort the rows in these lists by any column, either alphabetically or numerically, in ascending or descending order. To do this, click the required column title: once to sort in ascending order or twice to sort in descending order. The info bar has its shortcut menu. To hide or display the info bar: select the Information bar command from the View menu. To hide the bar, click the button in the upper left corner of the bar frame. 5.8.
PAGE 44
Kaspersky Administration Kit To refer to Help topics, select the Contents command from the Help menu (+). Click Help in any dialog box to display detailed information about this dialog box. By pressing the button (you will see a question mark to the right of ® your cursor) and clicking any element of the Kaspersky Network Control Centre window, you can view information about this element.
PAGE 45
CHAPTER 6. CREATING AND EDITING A LOGICAL NETWORK The creation of a logical network includes the following standard stages: • Creation of groups (see subchapter 6.1 on page 45); • Addition of servers to the groups (see subchapter 6.2 on page 46); • ® Installation of the Kaspersky Anti-Virus programs on workstations (see subchapter 6.3 on page 47); • Addition of workstations to the supervising servers (see subchapter 6.3 on page 47); • Customization of alert settings (see subchapter 7.2.
PAGE 46
Kaspersky Administration Kit (+). The Add KAV group dialog box will appear on your screen (see Figure 29). Figure 29. Adding a group 3. Enter the new group name in the Name text field. 4. Click OK. 6.2. Adding servers You can add servers directly to the logical network as well as to the groups of any nesting level. Each group must have at least one server. To add a server, follow these steps: 1.
PAGE 47
Configuring a logical network Figure 30. Adding a server 5. Click OK. 6. If the server is password protected for network access and you did not enter the password or entered a wrong password, the Password to access object via network dialog box will appear on your screen (see Figure 31). Figure 31. Entering the password to access a server via network 7. Enter the password in the Password field. After this, the server will be added to your logical network.
PAGE 48
Kaspersky Administration Kit chapter we assume that the required software has already been installed on ® computers. Keep in mind that Kaspersky Administration Kit allows the ® administrator to install Kaspersky Anti-Virus on workstations (including those computers that are supposed to be used as workstations) from the administrating station. For details of the remote installation procedure (deployment) see subchapter 6.4 on page 50. To add a workstation to a server, follow these steps: 1.
PAGE 49
Configuring a logical network Note that workstations appear in the list not immediately after you have installed the Kaspersky Anti-Virus® package on them. It may take more time, approximately three minutes. Now you can exclude the workstations already added to the logiExclude adcal network from the list. To do this, check the dresses already added to KAV Network check box. If you want to add workstations by their IP addresses, check the Add by IP address check box.
PAGE 50
Kaspersky Administration Kit 4. If the workstation to be added is password protected for network access, enter the password in the Password field. If you are adding more than one workstation, the program will try to use this password for all the workstations to be added. (The next step allows you to define a separate password for every workstation to be added.) Click OK. 5. If the network password of the workstation (see subchapter 6.
PAGE 51
Configuring a logical network 51 6.4.1. Uploading the software to the program storage. Customizing the programs to be installed Kaspersky AV Server uses a special folder, the so-called program storage, to store copies of installation files for software to be remotely installed on workstations. The location of the program storage is defined during the installation of Kaspersky AV Server (see subchapter 3.1 on page 20).
PAGE 52
Kaspersky Administration Kit Figure 35. The product upload wizard box 4. The installation file to be uploaded to the server must contain a special file with the product description (the file extension is .kpd). Click the button at the right of the KAV Product description file path field and select the required file in the MS Windows standard dialog box. 5.
PAGE 53
Configuring a logical network 8. 53 After the files are copied, the upload finished box will appear on your screen. To view the operation report, click the Details button. To finish uploading the program to the storage and exit the dialog box, click the Finish button. The name of the product copied into the storage will appear in the Contents of Program storage list (see Figure 36). Figure 36.
PAGE 54
Kaspersky Administration Kit Figure 37. Defining deployment settings First, you must select one of the appropriate installation methods: • Computer based deployment • Login script based deployment The first installation method provides more advanced features for the product installation but it can be used only if both the server and the target workstation are operating under the MS Windows NT/2000/XP operating systems. The second installation method is more broad-based.
PAGE 55
Configuring a logical network 55 option buttons at the first level of the settings tree to select the installation mode (Install, Modify, Repair, or Remove; for details of the installation modes see subchapter 3.2 on page 27). 3. If you select the Install or Modify modes, click the corresponding joint to expand the tree branch.
PAGE 56
Kaspersky Administration Kit Figure 39. Selecting the product language 11. After the files have been copied, the information box with further instructions will appear on your screen. Click OK to close this dialog box. The program creates the PRODUCT.AVP subfolder in the destination folder and places the selected installation file and the avpdtup.exe application into this subfolder. The avpdtup.
PAGE 57
Configuring a logical network 6.4.3. Computer based deployment To start computer–computer deployment, select Computer based deployment in the upper area of the Deployment tab. Figure 40 shows the Deployment tab with the selected computer based deployment. Figure 40.
PAGE 58
Kaspersky Administration Kit 2. If you do not see the required computer in the network tree, add it manually to the tree. To manually add a computer, select the Add computer command from the shortcut menu of the Microsoft Windows Network object (see Figure 41) and enter the name of the target computer in the text field. Figure 41. Adding a computer to the network tree 3.
PAGE 59
Configuring a logical network 4. In the pane below the network tree, define the installation settings for the selected computers: ! Administrative disk share name – the shared resource of the computer whereon the installation file will be copied for further installation. By default, the hidden shared resource is C$. ! User name and Password – the name and password of a user with administrative privileges to this computer. If you skip these fields, you will be logged on under the current account.
PAGE 60
Kaspersky Administration Kit 6. Click the Deploy button. 7. The language selection dialog box will appear on your screen (see Figure 44). Select the desired language for your product in the drop-down list and click OK. Figure 44. Selecting the product language 8. The program will begin copying files to the target workstations. The copying progress will be tracked in a special dialog box (see Figure 45).
PAGE 61
Configuring a logical network Figure 46. The deployment report 6.5. Adding objects to a logical network To add new objects to your logical network, follow the same steps as during creating your logical network. Therefore, for details of how to add: • groups, refer to subchapter 6.1 on page 45; • servers, refer to subchapter 6.2 on page 46; • workstations, refer to subchapter 6.3 on page 47.
PAGE 62
Kaspersky Administration Kit 6.6. Moving and removing logical network objects You can move and remove servers, workstations, and groups from the logical network. To do this, you can use your keyboard, the program menu, toolbar buttons, and the mouse. When moving logical network objects, keep in mind these rules: • Any server can be moved to any group. • Any workstation can be moved to any server. • Any group can be moved to any group, excluding its own subgroups.
PAGE 63
Configuring a logical network 6.7. Searching for and renaming logical network objects To find an object on the logical network, follow these steps: 1. Select the Find command from the Edit menu (+) or click the button in the standard toolbar. 2. In the Find network object dialog box (see Figure 47), select the type of an object you are searching for: All, Group, Server, or Workstation. 3. Enter a string from the object name in the Object name text field. 4.
PAGE 64
Kaspersky Administration Kit To search for an object by its name, use the drop-down list in the toolbar. Enter a string from the object name in the drop-down list and press the key. To rename a logical network object, follow these steps: 1. In the network pane, select the object to be renamed. 2. Select the Rename command from the Edit menu or from the object’s shortcut menu.
PAGE 65
CHAPTER 7. CONFIGURING A LOGICAL NETWORK 7.1. General features of workstation settings 7.1.1. Copying Kaspersky Anti-Virus® settings to another workstation Kaspersky Anti-Virus® settings, including a list of tasks to be performed, can be copied from one workstation to another. To copy the Kaspersky Anti-Virus® package settings from one workstation to another, follow these steps: 1. Select the source workstation in the network pane. 2.
PAGE 66
Kaspersky Administration Kit 7.1.2. Off–line mode. Pending application of new settings The settings for a Kaspersky Anti-Virus® workstation are stored on this workstation and the supervising server. Usually these copies of settings are identical. However, the workstation can be unavailable for the administrator (e.g.
PAGE 67
Configuring a logical network 67 7.2. Alerts and e-mail notifications from workstations and servers 7.2.1. Alerts from workstations and their severity levels After you have added a server to the logical network, it is advisable that you define how the alerts will be processed. Alerts are delivered to the server from the tasks performed on the supervised workstations3.
PAGE 68
Kaspersky Administration Kit For example, the alerts Infected object found and Object deleted generated by the Kaspersky AV Scanner program contain critical information. Figure 49. Alerts generated by Kaspersky AV Scanner 7.2.2. Enabling workstations to send alerts via the supervising server To enable a workstation to send alerts via the supervising server, follow these steps: 1. Select the required workstation in the network pane. 2.
PAGE 69
Configuring a logical network 69 Figure 50. Sending alerts via the server is enabled 7.2.3. Forwarding alerts according to their severity level Further processing of alerts and their forwarding to different recipients according to their severity level is performed on the supervising server. To define the alert forwarding settings, follow these steps: 1. Select the required server in the network pane. 2. In the server property pane, switch to the Options tab and click the Alert forwarding button.
PAGE 70
Kaspersky Administration Kit Figure 51. Defining recipient addresses for alerts Figure 52. The alert-forwarding settings tree with hidden branches Figure 53. The Alerts with severity level - … branch Each Alerts with severity level - … branch allows you to define the processing method for alerts of the corresponding severity level (see Figure 53).
PAGE 71
Configuring a logical network Subject The subject of these alerts. Message The alerts text. 7.2.4. Virus outbreak alerts Detection of viruses on several workstations simultaneously or within a short period of time indicates a special type of virus threat – a network virus outbreak (in other words, we assume that a virus is proliferating throughout your local network).
PAGE 72
Kaspersky Administration Kit 7.2.4.1. Defining symptoms indicating a virus outbreak If required, expand the Parameters branch (see Figure 54). A virus outbreak is identified by the number of infected computers detected within a predefined period of time. For the situation to be identified as a virus outbreak, this number must be equal or exceed the value in the Number of virused computers within watching time period field.
PAGE 73
Configuring a logical network Figure 55. Defining mail service settings There are two methods that can be used to send e-mail messages: • MAPI (for details see subchapter 7.2.5.1 on page 73); • SMTP (for details see subchapter 7.2.5.2 on page 74). From The string that will be entered in the From field of alerts. This parameter is required when working with some SMTP servers and is used to identify the user. For details of the types of e-mail messages sent by the server, refer to subchapter 9.6.
PAGE 74
Kaspersky Administration Kit 7.2.5.2. Sending messages via SMTP To send messages via SMTP you must select the Send mail using SMTP and define the SMTP settings (see Figure 57). Figure 57. SMTP settings SMTP server address The SMTP server address. In this text field, you can enter the dotted decimal notation (e.g. 125.5.29.1), FQDN (e.g. test.mail.ru), or the computer name on the Microsoft network (e.g. test). SMTP server port The SMTP server port number. The default value is 25. 7.3.
PAGE 75
Configuring a logical network Figure 58. Remote management settings for a server The settings tree on the Options tab contains the following branches: Security The server security settings for the remote ® management of Kaspersky Anti-Virus (for details see subchapter 7.3.
PAGE 76
Kaspersky Administration Kit The Security branch of the Remote management settings tree (see Figure 59) contains the following options: Allow all addresses This option allows remote management of the server from all network computers; Allow only addresses from the list This option button allows remote management of the server only from those computers whose IP addresses are listed below (fixed IP addresses are required).
PAGE 77
Configuring a logical network 77 7.3.4. Specifics of setting remote management of workstations The remote management settings for a workstation can be defined on the Settings tab in the workstation property pane. By clicking the Remote management button, you display the remote management settings tree, which looks similar to the one described above (see Figure 61). Figure 61.
PAGE 78
Kaspersky Administration Kit 7.4. Setting automatic updating of anti-virus databases on workstations It is advisable to regularly update Kaspersky Anti-Virus® anti-virus databases on workstations. The best way to keep your computers safe is to set automatic updating of anti-virus databases from the database-update storage on a server. Update your anti-virus database on all workstations in a timely fashion to minimize the possibility of virus penetration.
PAGE 79
Configuring a logical network Return to the Schedule window and click Next (for details of how to schedule the automatic updating, refer to subchapter 7.6 on page 89). 4. In the Alerts dialog box, you can configure alerts to be sent by the task. Keep the default settings and click Next to open the User Account dialog box. 5. In the User Account dialog box, specify the user account under which the updating task will be performed and click Next. 6.
PAGE 80
Kaspersky Administration Kit Figure 63. Scheduling the task Figure 64. Adding the start time for updating For details of how to create and configure a new task, refer to the Kaspersky AV Control Centre description in the User Guide "Kaspersky ® Anti-Virus for Workstations". If the updating task already exists on the workstation, select it from the task list on the Tasks tab and click the button at the right side of the tab (or select the Properties command from the task shortcut menu).
PAGE 81
Configuring a logical network 81 Figure 65. Selecting the source for retrieving updates 7.4.2. Updating the anti-virus database storage on a server from another server on the logical network If your logical network contains more than one server, you are recommended to configure other servers to automatically retrieve the anti-virus database updates from one server. This facilitates management of your network and reduces the possibility that a server may fail to timely update its database storage.
PAGE 82
Kaspersky Administration Kit Figure 66. Logical network configuration for updating server storages 2. Select this workstation and, as described in subchapter 7.4.1 on page 78, switch to the Connection tab (see Figure 67) in the workstation property pane. Figure 67. Updating storages from a server 3. Check the Update ‘Updates Storage’ folder of KAV Server and Update ‘Bases Storage’ folder of KAV Server boxes. 4. Select the Update Kaspersky Anti-Virus® from KAV Server option.
PAGE 83
Configuring a logical network 83 To configure the S0 server to retrieve updates via the Internet, follow these steps: 1. Kaspersky AV Control Centre must be installed on the computer with the S0 server (during the installation of Kaspersky AV Server, this program is installed by default). Add it as a workstation to the logical network and attach it to the S0 server (see subchapter 6.
PAGE 84
Kaspersky Administration Kit infected files but does not delete them from their original locations. The infected files are automatically deleted from the computer only if the Delete option in the ® ® Kaspersky Anti-Virus Scanner and Kaspersky Anti-Virus Monitor settings is enabled.
PAGE 85
Configuring a logical network 7.5.3. Working with quarantined files 7.5.3.1. Working with server quarantine You can review a complete list of files quarantined on the server, add files to the quarantine, restore them from the quarantine or delete them. To review a list of files quarantined on a server, follow these steps: 1. Select the required server in the network pane. 2. In the server property pane, switch to the Storages tab. 3. Press the Quarantine button.
PAGE 86
Kaspersky Administration Kit 2. In the Exctract files from Quarantine wizard box (see Figure 71), press the button to define the target folder where the restored file will be placed. Figure 71. The file restoration wizard box 3. Check the Decrypt box. 4. Click Next>. 5. The restoration progress box will appear on your screen. When the file is restored click Finish. To delete a file from the quarantine, follow these steps: 1.
PAGE 87
Configuring a logical network 2. The file properties box will appear on your screen. The information in this box is similar to the information displayed in the table but it is arranged in a more convenient fashion (see Figure 72). Figure 72. File properties To add a file to the quarantine, follow these steps: 1. Press the button or select the Add file to quarantine command from the shortcut menu. 2.
PAGE 88
Kaspersky Administration Kit 7.5.3.2. Local quarantine To view a list of files quarantined on a workstation, follow these steps: 1. Select the required workstation in the network pane. 2. In the workstation property pane, switch to the Quarantine tab. The table listing the files quarantined in a local folder will appear on the tab (see Figure 74). The options for handling files quarantined in a local folder are similar to those described for the server quarantine.
PAGE 89
Configuring a logical network 7.6. Scheduling Kaspersky AntiVirus® components to be automatically started on workstations The task is understood as a program with predefined settings that is scheduled to start at a certain time, or upon some event, or as required by the user. The user can create, configure, delete and launch tasks on workstations.
PAGE 90
Kaspersky Administration Kit 2. The task properties window will appear on your screen. Switch to the Schedule tab (see Figure 76). Figure 76. Scheduling the task 3. Select the condition for the task is to be started. When you select the required option, you will see interface items that can be used to set advanced scheduling options (see below). 4. Define the advanced settings and click OK.
PAGE 91
Configuring a logical network ! If you select the By condition option (see Figure 78), choose ® the required Kaspersky Anti-Virus task from the If task dropdown list, and the required exit code from the Finished with exit code drop-down list. Figure 78. Scheduling a task to be started by condition ! ! If you select the Hourly option, enter the value indicating minutes of each hour (from 0 to 59) in the Minute field.
PAGE 92
Kaspersky Administration Kit Figure 80. Adding the time for a task to be started Enter the required value in the Time… field in the HH:MM format and press OK. To delete an item from the time list, select it from the list and click the button. To edit an item in the time list, select it from the list and click the button. You will see the Modify dialog box that is similar to the Add time dialog box described above.
PAGE 93
Configuring a logical network Figure 81. Scheduling a task to be started weekly Figure 82. Scheduling a task to be started monthly Check the boxes corresponding to the required dates and specify the time to the time list (for details of how to add time to the list, see above). The above figure shows a task that will be started every 1st, 11th, and 22nd days of a month at 7:30 p.m. and 1:40 a.m. (6 times per month).
PAGE 94
Kaspersky Administration Kit 7.7. Exporting, importing, and printing settings 7.7.1. Exporting and printing the logical network hierarchy You can print your logical network hierarchy or save it to a text file or to a special network configuration file. To do this, follow these steps: 1. Select the root item called KAV Network from the list of logical network objects. 2. Select one of the following commands from the Network menu: ! Export allows you to save the logical network description to a file.
PAGE 95
Configuring a logical network 95 The file created when exporting workstation settings can be used to apply these settings to a new workstation during deployment (see subchapter 6.4.1 on page 51) or to import these settings to another existing workstation.
PAGE 96
CHAPTER 8. ASSIGNING ACCESS RIGHTS TO OTHER USERS The administrator can grant / limit access of other users to the Kaspersky AntiVirus® settings on workstations (see subchapter 8.1 on page 96) and assign the subordinate administrators to logical network groups (see subchapter 8.2 on page 99). 8.1. Securing Kaspersky Anti-Virus® settings on workstations Kaspersky® Network Control Centre allows the administrator to prevent users from changing the Kaspersky Anti-Virus® settings on the supervised workstations.
PAGE 97
assigning access rights to other users Figure 83. The Settings tab in the workstation property pane Password The password needed to access the workstation settings. button. The To change the password, click the Change password dialog box will appear on your screen (see Figure 84). 1. Define the password in the New password text field. 2. Confirm the password you entered in the Confirm password text field. 3. Click OK. Figure 84.
PAGE 98
Protect resident stopping Kaspersky Administration Kit nontask If you check this box, the program will prompt for the password when someone attempts to stop non-resident tasks running on the workstation. Protect KAV Control Centre settings modification If you check this box, the program will prompt for the password when someone attempts to change the Kaspersky Anti-Virus® settings on the workstation.
PAGE 99
assigning access rights to other users 99 If an administrator tries to access the workstation settings that are being currently ® modified by another administrator, Kaspersky Network Control Centre will display the corresponding warning (see Figure 86). Figure 86. The Network object is locked message 8.2. Assigning an administrator to a group The administrator can delegate some of his or her administrative privileges to group administrators.
PAGE 100
Kaspersky Administration Kit Figure 87. Assigning an administrator to a group 5. The Change password dialog box will appear on your screen. Enter the administrator password in the corresponding field and confirm it in the field below (see Figure 88). Figure 88. Changing the password 6. Click OK. 7. If required, enter comments for the new administrator in the Comment frame on the General page (This frame is available only of you selected one group). 8. Click the Apply button.
PAGE 101
assigning access rights to other users 101 After this, inform the new group administrator about his logon name and password. Under this account, the administrator can access objects of the group(s) he or she was assigned to. If the group administrator selects the root group in the network pane, the following message will appear in the object property pane: Access denied.
PAGE 102
CHAPTER 9. MAINTAINING A LOGICAL NETWORK 9.1. Viewing network reports The most effective tool for monitoring all events on a logical network is a network report. To receive a report about all the events related to virus detection, unsuccessfully updating the anti-virus programs, or an accidental disconnection of an object from the logical network, select the Report command from the View menu. The network report window displayed by Kaspersky® Report Viewer will appear on your screen (see Figure 90).
PAGE 103
Maintaining a logical network 103 • Date– The date and time when this event occurred; • Event– The event description; • Object adress – The address of the related network object (an object where the corresponding task was performed or an object that was disconnected from the network; • Type – the type of the network object (workstation or server); • ® Components – the Kaspersky Anti-Virus task that generated this message.
PAGE 104
Kaspersky Administration Kit To produce this selection, choose the Select command from the Edit menu. The submenu displayed below will appear on your screen. Figure 91. The object selection submenu Select the Custom… command from this submenu. The Select objects by custom criteria dialog box will appear on your screen (see Figure 92). Figure 92.
PAGE 105
Maintaining a logical network 105 If you select several objects of the same type, the properties of the first object will be displayed in the object property area (see Figure 94). After you make changes or deselect objects, you will see a dialog box asking you whether the settings for the first object should be applied to the selected group. Figure 93. Selection of servers and workstations in the on-line mode Figure 94.
PAGE 106
Kaspersky Administration Kit 9.3. Viewing task performance results The results of tasks automatically executed on workstations can be viewed on the Tasks tab in the workstation property pane. A task report contains the results of the last task launch (see Figure 95). If the administrator selects a workstation that is currently switched off or unavailable, the Task tab will display information that was copied to the server when the workstation was on-line.
PAGE 107
Maintaining a logical network 9.4. If a workstation or a server are unavailable If a workstation is unavailable, it is indicated by the mark in the network pane. The off-line mode of a workstation is also indicated in the network report (see subchapter 9.1 on page 102). Kaspersky® Network Control Centre automatically detects workstations in the offline mode.
PAGE 108
Kaspersky Administration Kit To troubleshoot the network connectivity, you can test the connection with this workstation using the appropriate operating system tools, for example the Ping command. If the test results show that the computer is connected to the network, this means that Kaspersky AV Control Centre installed on this computer is corrupted.
PAGE 109
Maintaining a logical network 109 To disable the Attention flag of the selected workstation, select the Clear Attention flag command from the Object menu or press the button in the toolbar. 9.6. Receiving e-mail from workstations We recommend the administrator to check his or her mailbox and review alerts ® generated by Kaspersky Anti-Virus tasks on a regular basis. Alert messages from workstations are sent by the supervising server, which forwards them to the specified addresses.
PAGE 110
Kaspersky Administration Kit is the alert severity level; is the name of the program that forwarded this message (KAV Control Centre or KAV Server); is the name of the computer the message was sent from. 9.7. Starting tasks on workstations If the administrator wants to execute necessary tasks on a workstation, he or she can do this directly from the administrating computer. For example, the administrator is able to remotely disinfect infected files on a workstation.
PAGE 111
Maintaining a logical network 9.9. Key file installation on a workstation When you are extending your Kaspersky Anti-Virus® user license or changing the terms of the current license, the new or prolonged user rights must be confirmed by the appropriate user key file (for details of key files, see the User Guide "Kaspersky Anti-Virus® for Workstations").
PAGE 112
Kaspersky Administration Kit 4. Review information in the License, Expiration date and Comment fields to make sure that the key file you are about to install corresponds to your license. If you selected the wrong file, button and select another file, or click Cancel to click the cancel the installation. 5. Click Next to proceed. 6. The installation finished dialog box will appear on your screen. Click Finish to exit the dialog box.
PAGE 113
CHAPTER 10. ORGANIZING ADMINISTRATORS GROUP WORK 10.1. Changing administrator names and passwords Administrators must not disclose to anybody their passwords to the network configuration. If a group administrator forgets his password he or she can obtain a new one from the supervising administrator. If the logical network administrator password is lost, Kaspersky® Network Control Centre must be reinstalled and the entire logical network must be redeveloped.
PAGE 114
Kaspersky Administration Kit The appearance of the main window and the General tab in the object property pane will change depending on the objects you selected: • If a single object is selected, the object property pane will show this object’s properties (see subchapter 5.6 on page 37). • If several objects of various types are selected, only the General tab will be available in the object property pane.
PAGE 115
Organizing administrators group work 115 Figure 99. Changing the password 3. Click OK. 4. If you select one object in the network pane, enter comments in the Comment field on the General tab. If you select several objects, this field is unavailable. 5. Click the Apply button.
PAGE 116
APPENDIX A. PROGRAM MENU A.1. The Network menu Command Key combination Button in the toolbar Comments (The command to…) allows you Login + Enter the program (see subchapter 8.2 on page 99). Save + ~~Save your logical network structure onto the primary server disk (see subchapter 7.7.1 on page 94). Export – Print +~~
~~Print preview – – Preview the logical network hierarchy before printing. Print setup – – Display dialog. Exit – – Exit the program.~~
~~PAGE 117~~
Appendix A 117 A.2. The Edit menu Command Key combination Button in the toolbar Comments (The command to…) allows you Cut + Cut the selected object from the logical network. Copy + Copy the selected workstation settings (see subchapter 7.1.1 on page 94). Paste + Paste the object or the workstation settings (see subchapter 7.1.1 on page 94). Delete ~~Delete the selected object from the logical network. Rename – – Rename the selected network object.~~
~~PAGE 118~~
Kaspersky Administration Kit A.3. The View menu Command Key combination Button in the toolbar Comments (The command to…) allows you Report – Display the network report (see subchapter 9.1 on page 102). Toolbars – – Display/hide the toolbars (see subchapter 5.3 on page 35). Network bar – – Display/hide the status bar (see subchapter 0 on page 43). Information bar – – Display/hide the info bar (see subchapter 5.7 on page 42).
~~PAGE 119~~
Appendix A 119 A.4. The Object menu Command Key combination Button in the toolbar Comments (The command to…) allows you Reload object settings Update the settings. Clear "Attention" flag – Clear the Attention status for the current workstation (see subchapter 9.5 on page 108). Add group + Add a group to the logical network (see subchapter 6.1 on page 45). Add server + Add a server to the logical network (see subchapter 6.2 on page 46).
~~PAGE 120~~
Kaspersky Administration Kit A.5. The Tools menu Command Key combination Button in the toolbar Comments Ping computer… – – Use the Ping system command (see subchapter 9.4 on page 107). Options – – Define timeouts for the logical network objects (see subchapter 9.4 on page 107). (The command to…) allows you A.6. The Help menu Command Key combination Button in the toolbar Comments Contents – – Display the Help system contents (see subchapter 5.9 on page 43).
~~PAGE 121~~
APPENDIX B. THE PROGRAM TOOLBAR DIRECTORY B.1. The Standard toolbar Button Menu Key combination Comments Network | Login + Enter the program (see subchapter 8.2 on page 99). Network | Save + ~~Save your logical network structure onto the primary server disk. Network | Print +~~
~~Print the hierarchy. Edit | Cut + Cut the selected object from the logical network. Edit | Copy + Copy the selected workstation settings (see subchapter 7.1.1 on page 65).~~
~~PAGE 122~~
Button Kaspersky Administration Kit Menu Key combination Comments Edit | Find + Find an object on the logical network (see subchapter 6.7 on page 63). Help | What’s this + Use the screen tips (see subchapter 5.9 on page 43). (The button allows you to…) B.2. The Action bar Button Menu Key combinatio n Comments Edit | Select | On-line Workstations – Select all the workstations in the on-line mode from the logical network hierarchy (see subchapter 9.1 on page 102).
~~PAGE 123~~
Appendix B Button 123 Menu Key combinatio n Comments Object | Add server – Add a server to the logical network (see subchapter 6.2 on page 46). Object | Add workstation – Add a workstation to the logical network (see subchapter 6.3 on page 47). Object | Clear Attention flag – Clear the Attention status for the current workstation (see subchapter 9.5 on page 108). Object | Reload object settings Update the selected object settings.
~~PAGE 124~~
APPENDIX C. GLOSSARY group administrator A user who is authorized to manage servers and workstations constituting a group. logical network administrator The user who created the original network configuration. The logical network administrator defines the administrator’s symbolic name and the password when starting the Kaspersky® Network Control Centre program the first time. administrator The logical network administrator or a group administrator.
~~PAGE 125~~
Appendix C 125 settings tree A settings unit presenting options in the form of a tree with conventional controls as joints (buttons, drop-down lists, check-boxes and etc.). The settings tree allows you to combine the advantages of hierarchical data formatting with features of conventional control items. quarantine The directory containing infected and suspicious files in the encoded form, which reduces the risk of infection from a virus and eliminates repeated scanning.
~~PAGE 126~~
Kaspersky Administration Kit workstation settings protecting password ® A password defined by the administrator to protect the Kaspersky Anti-Virus package settings (the Kaspersky Anti-Virus® Control Centre settings) on a workstation from unauthorized changes by other users and from unauthorized termination of resident and non-resident tasks. network access password to a workstation A password protecting a workstation from unauthorized addition to the logical network.
~~PAGE 127~~
Appendix C 127 Server. Communication between the Kaspersky Anti-Virus® components on workstations and the toolkit administrating component is supported by Kaspersky Anti-Virus® Control Centre that is installed on user computers together with the ® Kaspersky Anti-Virus package. workstation A computer that is the subject of anti-virus protection. This computer must have the Kaspersky Anti-Virus® package and the Kaspersky Anti-Virus® Contol Centre program preinstalled.
~~PAGE 128~~
Kaspersky Administration Kit required components are placed into one of the server storages (program storage) and subsequently copied to the target computers. After the installation of the required software on a workstation, the workstation can be attached to the required server (i.e. added to the logical network). severity level of an alert An alert attribute that is used by the server to classify alerts delivered from the tasks on workstations.
~~PAGE 129~~
APPENDIX D. FREQUENTLY ASKED QUESTIONS Question: What Kaspersky Labs software products can be used together with Kaspersky® Administration Kit? Answer: Kaspersky Anti-Virus® for Workstation, Kaspersky Anti-Virus® for MS NT Server, Kaspersky Anti-Virus® for Firewall, Kaspersky Inspector, and Kaspersky WEB Inspector.
~~PAGE 130~~
Kaspersky Administration Kit Answer: When customizing the Kaspersky AV Scanner and Kaspersky ® AV Monitor tasks from Kaspersky Network Control Centre, you cannot: 1. define and change the scanner and monitor settings in the Expert mode. 2. observe the required local disk on a remote computer in the list of objects or using the Browse button (where available). Disks and directories can be added to the location to be scanned using the Add folder command in the shortcut menu.
~~PAGE 131~~
APPENDIX E. KASPERSKY LABS LTD. Kaspersky Labs is a privately-owned, international, anti-virus softwaredevelopment group of companies headquartered in Moscow (Russia), and representative offices in the United Kingdom, United States of America, China, France and Poland. Founded in 1997, Kaspersky Labs concentrates its efforts on the development, marketing and distribution of leading-edge information security technologies and computer software.
~~PAGE 132~~
Kaspersky Administration Kit E.1. Other Anti-Virus products Kaspersky Anti-Virus® Lite The program is the most easy-to-use Kaspersky Labs anti-virus product that is developed for protection of home computers running Windows 95/98/Me, Windows 2000/NT Workstation, Windows XP.
~~PAGE 133~~
Appendix E data transferred when using the HotSync™ utility or when data is beamed from ® other portable devices. Kaspersky Security for PDA also provides protection of data stored in pocket computers (PDAs) against unauthorized access. It supports the encrypted access to the device and encrypts all the data stored on the device and on memory cards. Kaspersky Anti-Virus® Business Optimal The package has been developed to provide full-scale data-protection for small and medium-size corporate networks.
~~PAGE 134~~
Kaspersky Administration Kit You are free to choose any of the anti-virus programs according to the operation systems and applications you use. Kaspersky® Anti-Spam Kaspersky® Anti-Spam is a cutting edge software suite designed to help organizations with small and medium size networks wage war against the onslaught of undesired e-mail (spam).
~~PAGE 135~~
APPENDIX F. LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT (“AGREEMENT”), FOR THE LICENCE OF SPECIFIED SOFTWARE (“SOFTWARE”) PRODUCED BY KASPERSKY LAB. (“KASPERSKY LAB”). IF YOU HAVE PURCHASED THIS SOFTWARE VIA INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT.
~~PAGE 136~~
Kaspersky Administration Kit 1.1 Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by more than one user at a time, except as set forth in this Section. 1.1.1 The Software is “in use” on a Client Device when it is loaded into the temporary memory (i.e., random-access memory or RAM) or installed into the permanent memory (e.g., hard disk, CD-ROM, or other storage device) of that Client Device.
~~PAGE 137~~
Appendix F 137 Software does not exceed the use limits specified for the licence you have obtained. This licence authorises you to make or download such copies of the Documentation for each Client Device or seat that is licensed as are necessary for its lawful use, provided that each such copy contains all of the Documentation proprietary notices. 1.3 Volume Licences.
~~PAGE 138~~
(iv) Kaspersky Administration Kit “Support Services” means (a) Daily updates of antivirus databases; (b) Free software updates, including version upgrades; (c) Extended technical support via E-mail and hot phone-line provided by Vendor and/or Reseller; (d) Virus detection and curing updates in 24-hours period. 4. Ownership Rights. The Software is protected by copyright laws.
~~PAGE 139~~
Appendix F 139 (v) The warranty in (i) shall not apply if you (a) make or cause to be made any modifications to this Software without the consent of Kaspersky Lab, (b) use the Software in a manner for which it was not intended or (c) use the Software other than as permitted under this Agreement; (vi) The warranties and conditions stated in this Agreement are in lieu of all other conditions, warranties or other terms concerning the supply or purported supply of, failure to supply or delay in supplying the
~~PAGE 140~~
Kaspersky Administration Kit (iii) Subject to paragraph (i), the Kaspersky Labs liability (whether in contract, tort, restitution or otherwise) arising out of or in connection with the supply of the Software shall in no circumstances exceed a sum equal to the amount equally paid by you for the Software. 8. The construction and interpretation of this Agreement shall be governed in accordance with the laws of England and Wales.