Kaspersky Lab Integration with Microsoft Operations Manager

KASPERSKY LAB
Integration with Microsoft Operations Manager
ADMINISTRATOR GUIDE
INTEGRATION WITH MICROSOFT OPERATIONS
MANAGER
Administrator Guide
http://www.kaspersky.com
Revision date: November 2006
Table of Contents
CHAPTER 1. INTRODUCTION ...................................................................................... 4
CHAPTER 2. INSTALLING AND UNINSTALLING THE MANAGEMENT PACK........ 5
1.1. Installing the management pack ........................................................................... 5
1.2. Uninstalling the management pack ...................................................................... 6
CHAPTER 3. VIEWING EVENTS IN OPERATOR CONSOLE .................................... 8
CHAPTER 4. E-MAIL NOTIFICATIONS......................................................................... 9
APPENDIX A. KASPERSKY LAB................................................................................. 10
A.1. Other Kaspersky Lab Products .......................................................................... 11
A.2. Contact Us........................................................................................................... 19
APPENDIX B. LICENSE AGREEMENT....................................................................... 20
Chapter 1. Introduction
Some Kaspersky Lab products have the capability of integrating with Microsoft Operations Manager through a special management pack that enables you to:
Automatically detect computers on the business's network that have a manageable Kaspersky Lab application installed.
Gather information on operation of the program managed on each computer, output to the Microsoft Operations Manager console, or send e-mail notifications with a description of events that occur in program operation and recommendations for eliminating the errors.
Chapter 2. Installing and
uninstalling the management pack
This section covers installation and uninstallation of management packs for Kaspersky Lab products through Microsoft Operations Manager.
1.1. Installing the management pack
To integrate with Microsoft Operations Manager, take the following steps:
1. Deploy Microsoft Operations Manager in the network (for more details,
see the documentation for that application).
2. Copy the management pack file with the extension *.akm to the
computer from which Microsoft Operations Manager will be used by the administrator.
3. Open Microsoft Operations Manager Administrator Console. To do so
run the command Start \ Programs \ Microsoft Operations Manager \ Administrator Console.
4. Install the new management pack. To do so, select Microsoft
Operations Manager/ Management Packs from the administrator's console tree and use the command Import/Export Management Pack on the context menu.
The Management Pack Import/Export Wizard will then start. Follow its instructions. To import the management pack for Kaspersky Security specify the path to the pack file with the extension *.akm.
5. To distribute the management pack to all computers where Microsoft
Operations Manager is deployed, we recommend running a synchronization procedure. To do so, select Microsoft Operations
Manager/ Management Packs from the console tree and use the Commit Configuration Change command on the context menu. The
synchronization procedure may take some time.
6 Integration with Microsoft Operations Manager
Once the management pack is integrated with Microsoft Operations Manager, the pack requires no further configuration (except for e-mail notifications configuration, for details see Chapter 4 on page 9).
1.2. Uninstalling the management pack
To uninstall the management pack, take the following steps:
1. Open the Microsoft Operations Manager Operator Console using the
Start \ Programs \ Microsoft Operations Manager \ Operator Console command.
In the Operator Console, select All: Public Views/ Kaspersky Lab, and using the Delete command from the context menu, delete the folder in it with the name of the Kaspersky Lab application managed, with all nested objects.
If the Kaspersky Lab folder does not contain any other items, you can delete it as well.
2. Open the Microsoft Operations Manager Administrator Console. To do
so run the Start \ Programs \ Microsoft Operations Manager \ Administrator Console command. Take the following steps:
delete the group of rules for the Kaspersky Lab application managed with all the nested subgroups of rules from the node
Microsoft Operations Manager/ Management Packs/ Rule Groups/ Kaspersky Lab.
If the error "This rule group may not be deleted because one or more rules in the group is associated with an alert" occurs, you
must wait, until all obsolete data is deleted from the Microsoft Operations Manager database. You can speed this up by changing the interval for cleaning the database on the
Database Grooming tab that opens when you select Global Settings from the context menu under Microsoft Operations Manager/ Administration/ Global Settings.
delete all groups with the name of the Kaspersky Lab managed program from the Microsoft Operations Manager / Management Packs / Computer Groups node;
Installing and uninstalling the management pack 7
delete all attributes with the name of the Kaspersky Lab managed program from the Microsoft Operations Manager / Management Packs / Computer Attributes node.
Note that some attributes can be used simultaneously by management packs for several Kaspersky Lab programs. For example, the Kaspersky Anti-Spam Service for Microsoft Exchange Server and Kaspersky Anti-Virus Service for Microsoft Exchange Server attributes are used by the applications Kaspersky Security for Microsoft Exchange Server and Kaspersky Anti-Virus for Microsoft Exchange Server. Before deleting attributes, be sure that they are not being used by other management packs.
delete the KAV Administrators group from the node Microsoft Operations Manager / Management Packs / Notifications / Notifications Group, provided it is not used by any other
Kaspersky Lab management packs;
delete the script Kaspersky Lab: Service Monitoring from the node Microsoft Operations Manager / Management Packs / Scripts, provided it is not used by any other Kaspersky Lab management packs.
3. To distribute the changes to computers where Microsoft Operations Manager is deployed, run a synchronization procedure. To do so, select Microsoft Operations Manager/ Management Packs from the administrator's console tree and use the Commit Configuration Change command from the context menu. The synchronization procedure may take some time.
Chapter 3. Viewing events in
operator console
To work with the management pack via Microsoft Operations Manager, take the following steps:
1. Open Microsoft Operations Manager. To do so use the command Start \ Programs \ Microsoft Operations Manager \ Operator Console.
2. In the console tree, select Kaspersky Lab and the folder with the name of the Kaspersky Lab managed program contained in it. This folder contains the following objects:
Computers: information on network computers with the
Kaspersky Lab managed program installed.
Warnings: information on important or security-critical events in
the operation of the Kaspersky Lab managed program.
Events: information about all important events that occur in
program operation.
Status: information on the status of computers in the group with
the name of the Kaspersky Lab managed program.
When you select an object from a folder in the right-hand part of the window, a list of information will be displayed for that object.
Loading...
+ 17 hidden pages