How it Works
Kaspersky
Loading...
ADMINISTRATION KIT 6.0
User Manual
109 pgs1.19 Mb0
User Manual
37 pgs205.77 Kb0

Kaspersky ADMINISTRATION KIT 6.0 User Manual

KASPERSKY LAB
Kaspersky® Administration Kit 6.0
Deployment Guide
KASPERSKY® ADMINISTRATION KIT 6.0
Kaspersky Lab Ltd.
Visit our website: http://www.kaspersky.com/
Revision date: February 2007.
Contents
CHAPTER 1. KASPERSKY® ADMINISTRATION KIT..................................................5
1.1. Purpose, structure and main functions.................................................................5
1.2. Software and Hardware Requirements................................................................7
1.3. Distribution kit ........................................................................................................ 9
1.4. Help desk for registered users..............................................................................9
1.5. The purpose of this document .............................................................................. 9
1.6. Conventions......................................................................................................... 10
CHAPTER 2. TYPICAL SCHEMES OF DEPLOYMENT OF ANTI-VIRUS
PROTECTION............................................................................................................ 11
2.1. Schemes of deployment of anti-virus protection on the computers within the
logical network ................................................................................................... 11
2.2. Building a centralized anti-virus protection administration system .................... 12
CHAPTER 3. INSTALLING KASPERSKY ADMINISTRATION KIT...........................14
3.1. Installing MSDE from the Kaspersky Administration Kit distribution package .. 16
3.2. Installing the Administration Server and Administration Console on Local
Host....................................................................................................................18
3.3. Removing Kaspersky Administration Kit components.......................................34
3.4. Updating the application version.........................................................................34
CHAPTER 4. INSTALLATION AND REMOVAL OF SOFTWARE ON THE
COMPUTERS ............................................................................................................36
4.1. Remote software installation...............................................................................37
4.1.1. Creating an installation package.................................................................. 38
4.1.2. Reviewing and configuring the installation package settings...................... 41
4.1.3. Creating and configuring the Network Agent installation package.............46
4.1.4. Creating and Configuring Administration Server Installation Package.......50
4.1.5. Creating a task for distribution of the installation package on the slave
Administration Servers.................................................................................. 50
4.1.6. Distribution of the installation packages within a group using network
agents............................................................................................................ 52
4 Kaspersky® Administration Kit
4.1.7. Configuring the deployment task..................................................................67
4.1.8. Deploying application to slave administration servers.................................69
4.1.9. Remote software removal............................................................................71
4.2. Deployment wizard.............................................................................................. 72
4.3. Local software installation...................................................................................76
4.3.1. Local installation of the Network Agent........................................................ 77
4.3.2. Local installation of the application administration plugin............................ 82
4.3.3. Installing applications in non-interactive mode............................................83
APPENDIX A. GLOSSARY...........................................................................................85
APPENDIX B. KASPERSKY LAB................................................................................. 92
B.1. Other Kaspersky Lab Products .......................................................................... 93
B.2. Contact Us.........................................................................................................103
APPENDIX C. LICENSE AGREEMENT ....................................................................104
CHAPTER 1. KASPERSKY®
ADMINISTRATION KIT
1.1. Purpose, structure and main functions
Kaspersky
centralized solution for most important administration tasks associated with managing the corporate network anti-virus security system base d on Kaspersky Lab’s applications included into Kaspersky Anti-Virus Business Optimal and Kaspersky Corporate Suite. Kaspersky Administration Kit supports all network configurations that use TCP/IP protocol.
Kaspersky Administration Kit is a tool for corporate network administrators an d anti-virus security officers.
The application enables the administrator to:
Deploy or remove Kaspersky Lab applications
Ensure remote centralized management of Kaspersky Lab applications
®
Administration Kit is an application that is designed to provide a
across a network connec­tion to computers within the network. This feature enables the administra­tor to copy the required set of Kaspersky Lab's application s to a selected computer and then deploy these applications on the network computers.
This feature enables the administrator to create a multi-level anti-virus protection system and manage the operation of all applications from a single administrator's workstation. This is particularly impor tant for larger companies that have a local network consisting of a large number of computers that may cover several separate buildings or offices. This fea­ture enables the administrator to:
group computers into administration groups based o n the func- tions performed by such computers and the set of applications installed on them;
configure the application settings in a c entralized way by creat­ing and applying group policies;
configure individual settings of the application for individual computers using the application settings.
manage the operation of the applications i n a centralized way by creating and running group and global tasks.
.
6 Kaspersky® Administration Kit
create individual patterns for the application's operation by creating and running tasks for a set of computers from different administration groups.
Automatically update the anti-virus database and applic ation modules on computers. This feature allows centralized updating of the anti-virus data­base for all installed Kaspersky Lab's applications without accessing the Kaspersky Lab's internet updates server for each individual update. The updating can be performed automatically according to the schedule set up by the administrator. The administrator can monitor the installation of the updates on the client computers.
Receive reports using a dedicated system
. This feature allows centralized collection of statistical information about the operation of all installed Kaspersky Lab's applications, monitoring the correctness of the operation of these applications and creating reports based on the information ob­tained. The administrator can create a cumulative net work report about the operation of an application or reports about the opera tion of applica­tion installed on each computer.
Use events notification system. Mail notification sending system
. This fea­ture allows the administrator to create a list of events in the operation of the applications about which he or she will receive notifications. The list of such event may, for example, include detection of a new virus or an error that occurred when attempting to update the anti-virus database on a computer, detection of a new computer in the network.
Perform license management
. This capability supports centralized instal­lation of license keys for all installed enterprise applicati ons, tracking of compliance with the license agreement (number of lic enses should corre­spond to number of running applications) and license agreement expira­tion date.
Cooperate with Cisco Network Admission Control (NAC). This functional­ity provides a mapping between host antivirus protection cond itions and Cisco NAC statuses.
Kaspersky Administration Kit application consists of three main components:
Administration server performs the function of centralized storage of in- formation about Kaspersky Lab's applications installed in the corporate network and about managing such applications.
Network Agent coordinates the interaction between the Administration Server and Kaspersky Lab's applications installed on a specific network node (a workstation or a server). This component supports all Windows­applications included in the Kaspersky Lab Business Optimal and
Kaspersky® Administration Kit 7
Kaspersky Corporate Suites. Separate versions of Administration Agent exist for Kaspersky Lab Novell and UNIX applications.
Administration Console provides a user interface to the administration services of the Administration Server and Network Agent. The manage­ment module is implemented as the extension of the Microsoft Manage­ment Console (MMC).
1.2. Software and Hardware Requirements
Administration Server
Software requirements
Microsoft Data Access Components (MDAC) version 2.8 and
above
MSDE 2000 SP 3 or MS SQL Server 2000 SP 31 or higher or MySQL version 5.0.22 (default code page UTF-8) or MS SQL 2-
-5 or higher or MS SQL 2005 Express or higher;
Microsoft Windows 2000 SP 1 or higher; Microsoft Windows XP Professional SP 1 or higher; Microsoft Windows XP Profes­sional x64 and higher, Microsoft Windows Server 2003 or higher; Microsoft Windows Server 2003x64 or higher Microsoft Windows NT4 SP 6a or higher, Microsoft Windows Vista, Mi­crosoft Windows Vista x64..
Hardware requirements:
Intel Pentium III processor, 800 MHz or faster
128 MB RAM
400 MB available space on hard drive
Administration Console
1
You can install MSDE from the package included in the Kaspersky Administration Kit
distribution package.
8 Kaspersky® Administration Kit
Software requirements:
Microsoft Windows 2000 SP 1 or higher; Microsoft Windows XP
Professional SP 1 or higher; Microsoft Windows XP Profes­sional x64 and higher, Microsoft Windows Server 2003 or higher; Microsoft Windows Server 2003x64 or higher Microsoft Windows NT4 SP 6a or higher, Microsoft Windows Vista, Mi­crosoft Windows Vista x64;
Microsoft Management Console version 1.2 or higher
When running under Microsoft Windows NT4 you need Mi cro-
soft Internet Explorer 6.0 installed.
Hardware requirements:
Intel Pentium II processor, 400 MHz or faster
At least 64 MB RAM
10 MB of available hard drive space
Network Agent
Software requirements:
For Windows systems:
Microsoft Windows 98; Microsoft Windows ME; Microsoft Win-
dows 2000 SP 1 or higher; Microsoft Windows NT4 SP 6a or higher; Microsoft Windows XP Professional x64 or higher, Mi­crosoft Windows XP Professional SP 1 or higher, and Windows Server 2003 or higher; Microsoft Windows Server 2003 x64 or higher, Microsoft Windows Vista, Microsoft Windows Vista x64;
For Novell systems:
Novell NetWare 6 SP or higher; Novell NetWare 6.5 SP3 or
higher
Hardware requirements:
For Windows systems:
o Intel Pentium processor, 233 MHz or faster o 32 MB RAM o 10 MB available space on hard drive
For Novell systems:
o Intel Pentium processor, 233 MHz or better o 12 MB RAM
Kaspersky® Administration Kit 9
o 32 MB free (available) space on hard drive
1.3. Distribution kit
This software product is supplied free-of-charge with any Kaspersky Lab's application included into the package of Kaspersky Anti-V irus Business Optimal and Kaspersky Corporate Suite (retail box version) and also available for download from Kaspersky Lab's corporate website at www.kaspersky.com
.
1.4. Help desk for registered users
Kaspersky Lab offers a large service package, enabling its legal users to enjoy all available features of Kaspersky Lab's products.
Once you purchase a license for any Kaspersky Lab's product included into Kaspersky Anti-Virus Business Optimal or Kaspersky Corporate Suite, you become a registered user of Kaspersky Administration Kit. After this you will receive the following services during the term of your license:
New versions of the anti-virus software application;
Consultations on matters related to the installation, configuration, and op-
eration of the anti-virus application by phone or based on requests sent using a web form;
When sending a request to the Technical support service, make sure you specify information about the license for Kaspersky Lab's application used in conjunction with Kaspersky Administration Kit.
Information about new Kaspersky Lab applications and about ne w com­puter viruses (for those who subscribe to the Kaspersky Lab newsletter).
Kaspersky Lab does not provide information related to operation and use of your operating system or various other technologies.
1.5. The purpose of this document
This Guide contains a description of the installation of K aspersky Administration Kit and remote installation of applications within a computer net work of simple configuration.
General concepts and application operation scheme are provided in the Kaspersky Administration Kit Administrator's Guide; step-by-step description of
10 Kaspersky® Administration Kit
actions when using the application is provided in the Kaspersky Administratio n Kit Reference Book.
In order to review questions that our users often ask Kaspersky Lab' s support specialists visit our website and follow the Services ÆKnowledge base link. This section contains information about installation, configurat ion and functioning of Kaspersky Lab's applications and about removal of most commonly spread viruses and disinfection of infected files.
1.6. Conventions
Various formatting features and icons are used throughout this document depending on the purpose and the meaning of the te xt. The table belo w lists the conventions used in the text.
Convention Meaning
Bold font
Note
Attention
To perform an action:
1. Step 1.
2. …
[modifier] – modifier name.
Information messages and command line text
Menu titles, commands, window titles, dialog elements, etc.
Additional information, notes.
Information you should pay special attention to.
Description of the successive user's steps and possible actions
Command line modifier
Text of configuration files, information messages and command line
CHAPTER 2. TYPICAL
SCHEMES OF DEPLOYMENT OF ANTI-VIRUS PROTECTION
2.1. Schemes of deployment of anti­virus protection on the computers within the logical network
There are two common scenarios that show how you can deplo y reliable anti­virus protection using Kaspersky Administration Kit:
You can remotely install applications on client computers across the logi­cal network from a single workstation. The installation and connection to the remote management system proceed automatically, requirin g no in­teraction from the administrator and allowing to install the anti-virus soft­ware on any number of client computers.
You can locally install applications o n every networked computer. In this case, all required components and the administrator workstation are manually installed. Connection settings are set during the installation of the Network Agent. This deployment scenario is used only if centraliz ed deployment is impossible.
Remote installation can be used for installation of any applications selected by the user. However, bear in mind that Kaspersky Administration Kit supports administration of only Kaspersky Lab's application the distribution package of which includes a specialized component - the application administration plu gin.
12 Kaspersky® Administration Kit
2.2. Building a centralized anti-virus protection administration system
The first step to building a system of centralized managem ent over an enterprise network through Kaspersky Administration Kit is to design a logical network. At this stage, you should make the following decisions:
1. Select isolated sections within the network and determine the number of Administration servers that must be installed. The use of hierarchy of administration servers will allow to considerably decrease the load on the communication channels and increase the system reliability.
2. Which computers in the corporate network structure will function as the main Administration server, the slave servers administrator servers, administrator's workstations, and client computers. Note that all computers on which Kaspersky Lab applications are installed will act as client computers.
3. Which criteria will be used to organize client computers in groups? What will be the group hierarchy?
4. Which deployment scenario will be used: remote or local installation?
During the next stage, the administrator has to build a logical net work, i.e., install the following Kaspersky Administration Kit components on net worked computers, namely:
1. Install the Administration Servers on computers within the corporate network.
2. Install the Administration Console on computers from which the administration will be provided.
3. Make decision regarding assigning of the logical network administrators, determine which other user categories will interact with the system and assign a list of functions to be performed to each category.
4. Create lists of users and grant to each group access rights required to perform functions assigned to this group and related to access rights.
Typical Schemes of Deployment of anti-virus protection 13
After this, it is required to create a hierarchy of the Administration servers and for each Server create a logical network structure as follows: create a hierar chy of the administration groups and distribute computers among the corresponding groups.
During the next stage, you should install the Network Agent and selected Kaspersky Lab applications on client computers and install the corresponding administration plugins on the administrator workstation.
If you use the remote installation option, the Network agent may be installed together with any application, in this case no separate installation of the Ne twork agent is required.
During the final step, you should configure the installed ap plications by a ssigning and applying group policies and creating tasks.
Using the Quick Start Wizard, the administrator can easily build an anti-virus protection system for his/her network and perform minimum configuration. Briefly configuring the anti-virus protection system means creating a logical network identical to the domain structure of the Windows network and the anti-virus protection system based on versions 5.0 and 6.0 of Kaspersky Anti-Virus for Windows Workstations.
CHAPTER 3. INSTALLING
KASPERSKY ADMINISTRATION KIT
Before starting the installation, make sure that the computer meets the so ftware and hardware requirements to the Administration Server and the Administrator's workstation (see section 1.3 on page 9).
MSDE (Microsoft Data Engine), MySQL server or Microsoft SQL server is used to store the Administration Server information. If no MSDE or SQL server is installed, you have to install one of them before installing the Administration Server. In order to do it, you can use the distribution packages you have. In order to install MSDE you can also use Kaspersky Administration Kit distribution package. The MSDE installation procedure from the Kaspersky Administration Kit is discussed in detailed below (see section 3.1 on page 16).
For installation of Kaspersky Administration Kit the local administrator' s right s are required for the computer on which the installation is performed.
The setup wizard will offer you to install the application components of Kaspersk y Administration Kit (the Administration Server and Administration Console) on the computer on which the setup wizard is run. Such configuration is recommended at the initial stage of creating the centralized administration system.
All the required ports should be open on a host computer for installed applic ation components to work properly. A listing of default ports used by Kaspersky Administration Kit is given in Table 1.
Installing Kaspersky Administration Kit 15
Table 1
Port Num-
ber
Protocol Description
Host Running Administration Server
13000 TCP and
UDP
SSL protocol is used:
to receive data from clients;
to connect to update agents;
to connect to slave Administration Servers;
to receive notification of host shutdown.
13292 TCP Used for connection to mobile devices.2 14000 TCP Used:
to receive data from clients;
to connect to update agents;
to connect to slave Administration Servers.
18000 HTTP Used by Administration Server to download data
from a Cisco NAC authentication server.
Host Designated as Update Server
13000 TCP Used by clients to connect. 13001 TCP Use by client computers to connect if a host with
Administration Server is designated as update agent.
14000 TCP Used by clients to connect.
2
Mobile device is any handheld device where Kaspersky Anti-Virus 6.0 Mobile
Enterprise Edition is installed.
16 Kaspersky® Administration Kit
Port Num-
ber
14001 TCP Use by client computers to connect if a host with
Client Running Administration Agent
15000 UDP Use to receive requests to connect to Administra-
Protocol Description
Administration Server is designated as update agent.
tion Server.
3.1. Installing MSDE from the Kaspersky Administration Kit distribution package
Before installing MSDE you must install Microsoft Data Access Components (MDAC) 2.8 or higher (the distribution package is available Microsoft website).
Installation of MSDE from the Kaspersky Administration Kit distribution package to a computer is performed locally.
To install MSDE:
1. Run the executable file in the MSDE2KSP3 directory on the Kaspersky Administration Kit 5.0 installation CD. The installation wizard will then suggest that you configure settings and run the application. Follow the setup wizard’s instructions.
2. First steps are common and include unpack ing required files from the distribution package and copying them to the hard drive of your computer, verification of the required software, accepting the license agreement and providing information about the user and the company.
3. Then define the following in the Installation folder dialog box:
in the Application modules field - the folder for installation of the MSDE application files. The default folder is: <Disk:\Program Files\Microsoft SQL Server. If this folder does not exist, it will be created automatically.
Installing Kaspersky Administration Kit 17
in the Database field - a folder that will be used to store the MSDE server database. The default folder is also <Disk:\Program Files\Microsoft SQL Server.
To select the folders use the Browse button.
4. After this, in the SQL server name dialog box (see Figure Figure
1) specify the name that will be assigned to this server. By default the name is not created and to address the server the name of the computer on which the server is installed will be used. If you wish to assign a different name, uncheck the By default box and enter a new name in the SQL server name.
After you have configured the settings, you can review them and start the installation. Once the installation is successfully completed, MSDE will be installed on your computer.
Figure 1. Selecting the server name
18 Kaspersky® Administration Kit
3.2.
Installing the Administration
Server and Administration Console on Local Host
This section describes a local installation of Administration Server and/or Console. If there is even a single Administration Server running on a network, additional servers may be installed using forced installation under the remote installation task. When creating the task, use an Administration Server installation package
To install the Administration Server and / or the Administration Console on local host,
1. Run the setup.exe file in installation CD. The installation wizard will then suggest that you configure settings Follow the setup wizard’s instructions.
2. First, the wizard will unpack required files from the distribution package and copy them to the hard drive of your computer, offer yo u to accept th e license agreement and provide information about the user and the company.
3. Then define the folder to be used to install the components. The default folder is: <Disk:\Program Files\Kaspersky Lab\Kaspersky Administration Kit. If this folder does not exist, it will be created automatically. To change the folder, use the Browse button.
4. After this, select Kaspersky Administration Kit components that you wish to install (see Figure 2):
Administration Server. Under this option, it can be specified whether standard Kaspersky Lab components to integrate with Cisco NAC are to be installed. If installation is required, check Kaspersky Lab Posture Validation Server for Cisco NAC. Parameters for cooperation with Cisco NAC may be configured under properties or Administration Server policies (cf. Kaspersky Administration Server Reference Guide).
Administration Console.
Network Agent
Installing Kaspersky Administration Kit 19
Figure 2. Selecting components for installation
You can select either all components or the Administratio n Console only. You cannot select installation of the Administration Server without installation of the Console. The default option is to install all components.
A server version of the Network Agent will be installed with the Administration Server. Their joint installation is impossible using a regular version of the Network Agent. If this component is already installed on your computer, remove it and reinstall the Administration Server.
Pay attention to the information displayed in the wizard window:
in the Description field in right section - about the component selected;
in the bottom section - about the disk space required to install the se-
lected components and available disk space on the dr ive selected for the installation.
If you selected only the Administration Console, n o further steps devoted to configuring the installation settings will be required and you will switch directly to the stage where you only review these settings and start the installation.
20 Kaspersky® Administration Kit
5. If you selected installation of the Administration Server, define during the next step under which account the Administration Server will be started as a service on this computer (see Figure 3).
Figure 3. Selecting the account
You can select one of two options:
Domain User account - the Administration Server will be started under the user account included into the domain. In this case t he Administration Server will initiate all operations using the rights of this account and during the next stage you will be offered to specify the user whose account will be used.
If a Windows domains structure has been created within the cor porate network we recommend selecting the domain administrator's account in order to start the Administration Server. In the future it will allow to avoid configuring additional settings, for example, specif ying acc ount of a us er who is granted with the domain administrator's rights when creating a deployment (remote installation) task (see section 0 on page 54).
Local System account - the Administration Server will be started under the System account with all rights granted to this account. In this case you do not select a user account and will switch directly to the stage where you will have to specify the recourse to store the Administration Server's information database .
Installing Kaspersky Administration Kit 21
For the correct operation of Kaspersky Administration Kit it is mandatory that the account used to start the Administration Server is granted the rights of the administrator for the resource used to store the Administra­tion Server's information database.
6. If you selected a domain's user account to start the Administration Server under, you will be offered to specify such user.
In order to do it, in the User name field in the wizard window (see Figure
4) select the user name using the Browse… button or enter this name manually out of names registered within the current domain. After this, enter the password used to register the user in the domain.
Figure 4. Selecting user
If you selected a user who does not have the domain administrator's rights, the Administration Server will be launched under his account, however the functionality of Kaspersky Administration Kit will be somewhat restricted. For example, it may not have the rights required to execute a deployment task using a launch scenario (see section 0 on page 54) and polling some domains of the Windows network.
For the correct operation of the Administration server, the account used to launch it must have the following rights:
Log on as a service;
Act as part of the operating system;
Access this computer from the network;
22 Kaspersky® Administration Kit
Replace a process level token;
Increase quotas/ Adjust memory quotas for a process.
If the user you selected is a domain administrator, but it does not have the rights listed above, such rights will be granted to this user (see Figure 5).
Figure 5. Message about rights granted to the user.
7. During the next stage you will be offered to define resourse Microsoft SQL server (MSDE) or MySQL (see Figure 6), that will be used to store the Administration Server information database.
Figure 6. Selecting the database
8. If during the previous stage you selecte d MSDE or Microsoft SQL server and you are planning to use a server installed within the corporate networ k t o wo r k wi t h K a sp e r s k y A dm in i stration Kit, indicate such server's
Installing Kaspersky Administration Kit 23
name in the SQL server name and specify the name of the database that will be created to store the Administration Server data in the SQL
server database name (see Figure 7). The default database name is KAV.
Value (local) will be automaticall y assigned to the Server name field if an SQL server is detected on the computer from which Kaspersky Administration Kist is being installed. To display the list of all Microsoft SQL servers installed in the network, press the Browse… button.
If the Administration Server will be started under the local administrator's account or under the system account, the Browse button will not be available.
Figure 7. Selecting SQL server
If during the previous stage MySQL server was selected, specify in this window (see Figure 8) its name in the MySQL server name field (by default IP address of the computer onto which Kaspersky Administration Kit is being installed will be used) and specify port to be used for connection in the Port field (the default port is 3306). In the MySQL server database name field specify the database name that will be created to store the Administration Server data (by default the database will be created under name KAV).
24 Kaspersky® Administration Kit
If during the previous stage MySQL server was selected, specify in this window
Figure 8. Selecting MySQL server
If there are no SQL servers in the network and you cannot use them, yo u have to install one (see section 3.1 on page 16).
If you wish to install an SQL server on the computer from which you are installing Kaspersky Administration Kit, you have to abort the installation and restart it after you have installed the SQL server.
If you install Kaspersky Administration Kit onto a remote computer, it is not required to interrupt the Kaspersky Administration Kit installation wizard. Install the SQL server and return to the Kaspersky Administration Kit installation.
9. During this step you have to define the authentication m ode to be used b y the Administration Server to connect to the SQL server.
For MSDE or Microsoft SQL server you can select of the following two options (see Figure 9).
Microsoft Windows Authentication Mode - in this case the account used to start the Administration server will be used t o verify the rights;
Installing Kaspersky Administration Kit 25
SQL Server Authentication Mode - if you select this option, the account specified below will be used to verify the rig hts. Fill in the Account, Password and Confirm password fields.
If Administration Server Database is on another computer, you need to choose SQL server authentication mode when installing or updating an Administration Server.
Figure 9. SQL server authentication mode
For MySQL server indicate the account and the password (see Figure
10).
26 Kaspersky® Administration Kit
Figure 10. MySQL server authentication mode
10. After this (see Figure 11), specify the location to store the shared folder that will be used:
to store files required for remote installation of applications (files will be copied to the Administration Servers when installation packages are created);
to store the updates copied from the updates source to the Administration server.
This resource will be public to all users for reading only.
Installing Kaspersky Administration Kit 27
Figure 11. Creating a shared folder
You can select one of the following two options:
Create new shared folder - to create a new folder; you will have to specify path to the folder in the field below.
Select existing shared folder - in order to select a shared folder from the list of existing shared folders.
A public shared folder can be stored either locall y, on the computer from which the installation is performed or remotely, on any of the computers included into the corporate network. A shared folder can be specifi ed bot h using the Browse button, and manually by entering a UNC path (for example, \\server\KLShare
) in the appropriate field.
By default a local folder KLShare will be created in the folder specified for installation of the Kaspersky Administration Kit application components.
11. Use the next wizard dialog to specify Administratio n Server address (cf. Figure 13) by setting:
DNS name. This option is used when there is a DNS serve r on the network which clients can use to obtain Administration Server address.
28 Kaspersky® Administration Kit
NetBIOS name. This option is used where clients obtain Administration Server address through the NetBIOS protocol or if there is a WINS server on the network.
IP address. This option is used where the Administration Server has a static IP address which will not subsequently change .
If required, check Allow NetBIOS Name Service in Kaspersky Antivirus 6.0 Anti-Hacker. This will open UDP port 137 in Kaspersky Antivirus 6.0 Anti-Hacker installed on the host. This port is used to obtain Administration Server IP address.
Figure 12. Administration Server Address
12. After this configure settings to be used for connection to the Administration Server (see Figure 13);
port number t hat will be used to connect to the Administration Server. By default port 14000 will be used. If it has been assigned, you can change it.
SSL port number that will be used for secure connection to the Administration Server u sing SSL protocol. By default port 13000 port is used.
Installing Kaspersky Administration Kit 29
If the Administration Server is running Microsoft Windows XP SP 2, then the in-built firewall will block TCP port under numbers 13000 and 14000. Therefore, in order to ensure access, these ports must be opened manually on the host running the Administration Server.
Figure 13. Settings used to connect to the Administration Server
13. In this wizard window (see F igure 14), indicate the method for creation the certificate to be used for authentication of the Administration Server being installed.
Two options are provided:
Create new certificate - select this option if you are installing a new Administration Server. Save a backup copy of the certificate so that later, if required, it would be easier for you to restore the date and structure of the logical network of this Server. In order to do it, check the Create a backup copy of the certificate box.
Restore certificate - select this option if you are restoring the Administration server with no backup copy available. In this case you can restore the data and the structure of the logical network of the previous Administration Server.
30 Kaspersky® Administration Kit
Figure 14. Selecting the method to be used to receive the Administration Server certificate
14. If during the previous stage you selected creation of a new certificate and saving its backup copy, specify the following in the corresponding window (see Figure 15):
folder for saving the backup copy of the certificate file;
password that will be use for encryption when creati ng a new
certificate and its decryption during its restoration from a backup copy;
password confirmation.
In order to be able to restore the data of the Administration Server later, you must save the Server's certificate.
When restoring the certificate you must enter the same pass­word that was used for backup copying. If you enter an incor­rect password, the certificate will not be restored.
Loading...
+ 79 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use