Manualshelf

User's Manual

ManualsBrandsKaspersky Lab ManualsWhiteboard AccessoriesKaspersky Lab Kaspersky Lab Whiteboard Accessories 6
11121314151617181920
Understanding Kaspersky Administration Kit 19
In the client settings, you can check/uncheck the Keep connection checkbox to
keep or terminate the client–server connection after the above operations are
over. Permanent connection is preferred if connecting to a client is impaired for
some reasons (the client is behind a firewall, client ports cannot be opened, the
client IP address is unknown, etc.) or you need to constantly monitor the
performance of Kaspersky Lab applications.
The administrator can force synchronization to start by clicking the Force
synchronization command on the shortcut menu of the client computer
(see section 2.10.4 on page 29). In this case, the connection is initiated by the
server. To enable connection, the UDP port is opened on the client computer.
The server sends a connection query to the client’s UDP port. In response, the
server rights to connect to the client are verified (based on a digital signature),
and, if the signature is valid, the connection is established.
A second type of connection is also used to retrieve data from client computers –
update the lists of applications and tasks running on the client and refresh
application statistics.
2.3. Secure connection to the
Administration Server
Data exchange between clients and the Administration Server and connections
of the console to the Administration Server are secured by SSL protocol (Secure
Socket Layer). SSL protocol is responsible for authentication of communicating
parities, encryption of the data being transferred and preventing modification of
data during the transfer. Data integrity ensures that the data has not been
corrupted or altered in transit. An SSL-enabled connection involves
authentication of both sides of a network communication session and encryption
of data using the open key method.
2.3.1. Administration Server certificate
Administration Server certificate is used to authenticate the Administration
Console when it is connected to the Administration Server and is being
established or data is being transferred from client computers.
The Administration Server certificate is created during the installation of the
Administration Server. The certificate is stored on the Administration Server, in
the Cert folder in the installation directory.
The Administration Server certificate can be created only once, during server
installation. To restore the certificate, you must reinstall the Administration Server
and restore the lost data from the Backup (about backup options, see 6.5 on
page 77).