Kaspersky Lab KASPERSKY ANTI-VIRUS-ADMINISTRATION KIT 5.0 REFERENCE BOOK

KASPERSKY LAB

Kaspersky® Administration Kit

version 5.0

Reference Book

KASPERSKY® ADMINISTRATION KIT

VERSION 5.0

Reference Book

Visit our website: http://www.kaspersky.com/

Revision date: December, 2005

Contents

CHAPTER 1. KASPERSKY® ADMINISTRATION KIT..................................................6

1.1. The purpose of the document...............................................................................8

1.2. Conventions used in this book..............................................................................8

CHAPTER 2. GETTING STARTED.............................................................................. 10

2.1. Starting the program and connecting to the administration server....................10

2.2. Granting rights to users.......................................................................................13

2.3. Viewing information about the computer network IP subnetworks....................17

2.4. Quick Start Wizard...............................................................................................21

CHAPTER 3. VIEWING, CREATING, AND CONFIGURING A LOGICAL

NETWORK................................................................................................................. 27

3.1. Viewing the logical network structure .................................................................27

3.2. Finding a computer in the logical network.......................................................... 35

3.3. Computer queries................................................................................................40

3.4. Creating, modifying, and deleting logical network groups..................................45

3.5. Adding, moving and deleting a computer from a logical network......................47

3.6. Moving a client to another logical network.......................................................... 49

3.7. Local connection of the client computer to the Administration Server............... 52

3.8. Verifying connection of the client computer to the Administration server..........54

CHAPTER 4. HIERARCHY OF ADMINISTRATION SERVERS................................ 56

4.1. Connecting a slave Administration Server to a master Server..........................56

4.2. Viewing the logical network of a slave Administration Server............................58

CHAPTER 5. INSTALLATION AND DEINSTALLATION APPLICATIONS ON

CLIENTS..................................................................................................................... 59

5.1. Viewing the installation package parameters.....................................................59

5.2. Creating installation packages............................................................................63

5.3. Configuring installation package settings for the Network Agent.......................66

5.4. Creating an application deployment task...........................................................67

5.5. Configuring the remote installation task..............................................................76

5.6. Remote software uninstallation........................................................................... 78

4 Kaspersky Administration Kit

5.7. Application Deployment Wizard.......................................................................... 79

5.8. Local installation of Network Agent..................................................................... 82

5.9. Local installation of Network Agent Console Plug-in..........................................86

5.10. Installing applications in silent mode.................................................................87

CHAPTER 6. POLICY MANAGEMENT.......................................................................88

6.1. Creating a policy for an application.....................................................................88

6.2. Viewing and modifying a policy........................................................................... 91

6.3. Activating a policy..............................................................................................100

6.4. Creating a Network Agent policy.......................................................................101

6.5. Exporting and importing policies.......................................................................103

CHAPTER 7. TASK MANAGEMENT.........................................................................105

7.1. Creating a group task........................................................................................105

7.2. Creating a global task........................................................................................114

7.3. Creating a local task..........................................................................................115

7.4. Viewing and changing task settings..................................................................117

7.5. Application start / stop task................................................................................124

7.6. Exporting and importing tasks...........................................................................126

7.7. Starting and stopping tasks............................................................................... 127

7.8. Monitoring and viewing task performance results............................................128

7.9. Deploying group tasks on slave Administration Servers..................................135

CHAPTER 8. MANAGING APPLICATION SETTINGS............................................. 136

8.1. Viewing application settings..............................................................................136

8.2. Administration Server settings.......................................................................... 140

8.3. Network Agent settings.....................................................................................150

CHAPTER 9. UPDATING THE ANTI-VIRUS DATABASE AND PROGRAM

MODULES................................................................................................................151

9.1. Creating the update task...................................................................................151

9.2. Configuring the update task..............................................................................154

9.3. Viewing update list.............................................................................................155

9.4. Automatic update deployment..........................................................................157

CHAPTER 10. WORKING WITH QUARANTINE......................................................159

CHAPTER 11. EVENTS, REPORTS AND NOTIFICATIONS...................................161

11.1. Logging and viewing events and receiving notifications................................161

Contents 5

11.2. Viewing and modifying report templates........................................................ 169

11.3. Creating a report template ..............................................................................171

11.4. Generating and viewing reports...................................................................... 173

11.5. Generating summary reports on slave Administration Servers.....................174

CHAPTER 12. MANAGING LICENSE KEYS............................................................176

12.1. Viewing information about license keys..........................................................176

12.2. Installing a new license key.............................................................................178

12.3. Creating and viewing the license key report...................................................180

CHAPTER 13. BACKUP COPYING AND RESTORATION OF THE

ADMINISTRATION SERVER DATA.......................................................................181

13.1. Backup data copying task...............................................................................181

13.2. Backup data copying utility..............................................................................184

APPENDIX A. FREQUENTLY ASKED QUESTIONS...............................................186

APPENDIX B. GLOSSARY.........................................................................................190

APPENDIX C. KASPERSKY LAB...............................................................................196

C.1. Other Kaspersky Lab Products........................................................................197

C.2. Contact Us ........................................................................................................202

APPENDIX D. LICENSE AGREEMENT ....................................................................203

CHAPTER 1. KASPERSKY®

ADMINISTRATION KIT

Kaspersky

centralized solution for most important administration tasks associated with managing the corporate network anti-virus security system base d on Kaspersky Lab’s applications included into Kaspersky Anti-Virus Business Optimal and Kaspersky Corporate Suite . Kaspersky Administration Kit supports all network configurations that use TCP/IP protocol.

Kaspersky Administration Kit is a tool for corporate network administrators an d anti-virus security officers.

The application enables the administrator to:

• Deploy Kaspersky Lab applications

• Manage licenses

• Remotely manage Kaspersky Lab applications

Administration Kit is an application that is designed to provide a

across a network connection to computers running Windows. This feature enables the administrator to copy the required set of Kaspersky Lab's applicat ions to a selected computer and then deploy these applications on the network computers.

. This feature allows to install license keys to all installed Kaspersky Lab's in a centralized way, monitor the observance of the License Agreement (that is, the conformity of the number of licenses to the number of applications operating in the network) and the expiration date.

across a network connection to computers running Windows. This feature enables the administrator to create a multi-level anti-virus protection system and manage the operation of all applications from a single administrator's workstation. This is particularly important for larger companies that have a local network consisting of a large number of computers that may cover several separate buildings or offices. This feature enables the administrator to:

• group computers into administration groups based o n the func- tions performed by such computers and the set of applications installed on them;

• configure the application settings in a centralized way by creat- ing and applying group policies;

• configure individual settings of the application for individual computers using the application settings.

• manage the operation of the applications in a centralized way by creating and running group and global tasks.

Kaspersky® Administration Kit 7

• create individual patterns for the application's operation by cre- ating and running tasks for a set of computers from different administration groups.

• Automatically update the anti-virus database and applicati on modules on computers. This features allows centralized updating of the anti-virus database for all installed Kaspersky Lab's applications without accessing the Kaspersky Lab's internet updates server for each individual update. The updating can be performed automatically according to the schedule set up by the administrator. The administrator can monitor the installation of the updates on the client computers.

• Receive report s using a de dicated system

. This feature allows centralized collection of statistical information about the operation of all installed Kaspersky Lab's applications, monitoring the correctness of the operation of these applications and creating reports based on the information obtained. The administrator can create a cumulative net work report about the operation of an application or reports about the opera tion of application installed on each computer.

• Use events notification s ystem. Mail notifica tion sending system

. This feature allows the administrator to create a list of events in the operation of the applications about which her or she will receiv e notifications. The list of such event may, for example, include detection of a ne w virus or an error that occurred when attempting to update the anti-virus database on a computer, detection of a new computer in the network.

Kaspersky Administration Kit application consists of three major components:

• Administration server performs the function of centralized storage of in- formation about Kaspersky Lab's applications installed in the corporate network and about managing such applications.

• Network Agent coordinates the interaction between the Administration Server and Kaspersky Lab's applications installed on a specific network node (a workstation or a server). This component supports all applications included in the Kaspersky Lab Business Optimal and Kaspersky Cor porate Suites.

• Administration Console provides a user interface to the administration services of the Administration Server and Network Agent. The management module is implemented as the extension of the Microsoft Management Console (MMC).

8 Kaspersky Administration Kit

1.1. The purpose of the document

This Reference Book describes the purpose of Kaspersky Administration Kit and contains a step-by-step discussion of all its functions. The basic concepts an d the general operation scheme of the application are discu ssed in the Kaspersky Administration Kit Administrator's Guide.

In order to review questions that our users often ask Kaspersky Lab' s support specialists visit our website and follow the ServicesÆ Knowledge base link. This section contains information about installation, configurat ion and functioning of Kaspersky Lab's applications and about removal of most commonly spread viruses and disinfection of infected files.

1.2. Conventions used in this book

Various formatting features and icons are used throughout this document depending on the purpose and the meaning of the te xt. The table belo w lists the conventions used in the text.

Format feature Meaning/Usage

Bold font

1. Step 1.

2. …

Note.

Attention!

In order to perform...,

Titles of menus, menu items, windows, dialog boxes and their elements, etc.

Additional information, notes

Information requiring special attention

Description of the successive user's steps and possible actions

Kaspersky® Administration Kit 9

Format feature Meaning/Usage

Task, example

Solution

[key] – modifier name

Information messages and command line text

Statement of a problem, example of the demonstration of the application's capabilities

Implementation of the task

Command line modifier

Text of configuration files, information messages and command line

CHAPTER 2. GETTING STARTED

2.1. Starting the program and connecting to the administration server

In order to start the application,

select the Kaspersky Administration Kit item in the Kaspersky Administration Kit group of the standard Run\Programs menu. This pro-

grams group is created only on the administrator's workstations at the time when the Administration Console is installed.

To connect to an Administration Server, select the Kaspersky Administration Server (<Server name>) node in the console tree.

After this, the application tries to connect to the administration server. If there are several administration servers on your network, the program will connect to the last server it connected to during the previous Kaspersky Administration Kit session. Upon the first launch of the application, it is assumed that the administration server and administration console are running on the same computer. Therefore, the program will try to detect the administration server on this computer.

If the server is not found, you will be asked to specif y the server name manually in the Logon dialog box (see Figure 1). Enter the required server name in the Server address field. You can enter the IP-address or NetBIOS name (computer name on the MS Windows network). Communications between the Administration Server and Administration Console are secured by SSL. If you want to disable the SSL protocol, uncheck the Use SSL connection checkbox. However, this might impair information security and data integrity.

To connect to the Administration Server through a port that differs from the default one, enter <Server name>:<Port number> in the Server address field.

Click the Options button to show/hide the following advanced connection settings:

Getting started 11

• Use SSL connection. Select this checkbox to transmit data be- tween the Administration Server and Administration Consol e via SSL. Unselect this box if you do not want to communicat e via SSL. However, this might impair the integrity and safety of the data transmitted.

• Use proxy server. Select this checkbox if you want to connect to the Administration Server via a proxy se rver. Enter the address for connecting to the proxy server in the Proxy server address field. Fill in the User name and Password fields if user authorization is required on that proxy server.

Figure 1. Connecting to the Administration Server

Then the Administration Console verifies user rights to connect to the Administration Server. If the connection is SSL-enabled, the Administration Console authenticates the Administration Server before verifying user rights.

If you connect to the server for the first time or the server certificate for this session differs from your local copy, a request for con necting to this server and receiving a new certificate will be displayed (see Figure 2). Select one of the following:

• I want to connect to the server and download the certificate from it – Select this option to connect to this Administration

Server and receive a new certificate.

• I want to specify the certificate file location – Select this op- tion to specify the location of the certificate file. Click Browse…

12 Kaspersky Administration Kit

to browse for the certificate file. The file has the .cer extension and is located in the Cert folder in the Kaspersky Administration Kit directory on the Administration Server. The Console will attempt to authenticate the server using the certificate you specified.

You can copy the certificate file to a shared folder or a floppy disk. This copy can be used to configure access settings.

Figure 2. Request for connecting to the Administration Server.

User rights are verified using the Windows user authentication pr ocedure. If the user is not authorized to access the Administration Server, i.e. he/she has no logical network operator (KLOperators) or administrator rights (KLAdmins), try logging on under another account (see Figure 3). In the corresponding form, specify the user account (name and password) that has a logical network operator or administrator rights.

Figure 3. Registering a user to access the Administration Server

Getting started 13

If the connection is successful, the logical network structure and settings appear in the console tree.

To disconnect from the Administration Server

select the Kaspersky Administration Server (<Server name>) node in the console tree and select the Disconnect from the Administration Server command or use the analogous shortcut menu item in the Action menu.

To connect to another Administration Server:

Select the Kaspersky Administration Server (<Server Name>) node i n console tree of the Kaspersky Administration Kit main windo w and click the Logon server option on the shortcut menu or on the Action menu. In the Logon dialog box (see Figure 1), e nter the server name (see above) and, if necessary, check the Use SSL connection checkbox to enable secure connection.

If you have no logical network operator or administrator rights for the selected network, access to the Administration Server will be denied.

If the connection to the server is successful, the contents of the Kaspersky Administration Server (<Server name>) node is refreshed.

To add a new administration server to the console tree:

Select the Kaspersky Administration Server node in the Kaspersky Administration Kit main window, open the shortcut menu, and click the New/KAV Server command (or select this command from the Action menu).

As a result, a new node named Kaspersky Administration Server (<Not connected>) will appear in the console tree. Use this no de to connect to another server installed on your Windows network.

2.2. Granting rights to users

In order to grant rights to users for working with the logical network of the Administration Server:

14 Kaspersky Administration Kit

1. Select the node that corresponds to the Administration Server you need in the main Kaspersky Administration Kit window, open the shortcut menu and select the Properties command or use the corresponding item in the Action menu.

2. Select the Security tab in the Properties: <Server name> window that will open (see Figure 4).

Figure 4. Granting rights to access the Administration Server

The top part of the tab contains the list of users registered on the computer where the Administration Console is installed. The bottom part contains the list of possible permissions:

• All.

• Reading:

o connecting to the Administration Server

Getting started 15

o viewing the logical network structure (or administration

group);

o viewing the values of application's policies, tasks, and set-

tings.

• Executing: starting and stopping existing group and global tasks.

• Writing:

o creating a logical network, adding groups and client com-

puters to this logical network (or to an administration group);

o installation of the Network Agent component to the client

computer;

o creating required installation packages for the Kaspersky

Lab's anti-virus applications and installing th em (along with licenses keys to such applications) on the client computers;

o updating the version of applications installed on the client

computers;

o creating policies, tasks for groups and individual computers,

configuring application settings;

o centralized management of applications, receiving reports

about their operation using services provided by the Administration Server, the Network Agent and the Administration Console components;

o granting to users and groups of users access rights to the

functionality of Kaspersky Administration Kit.

In order to assign rights, select the required group of users and check boxes next to the names of the permissions you wish to grant. If you wish to check all boxes, check the All box.

You can add a new group or a new user by clicking the Add button. You can add only users or groups of users that are registered on the Administration Console computer.

1. After you are done with the settings, press the Apply or the OK button.

In order to grant rights for working with an administration group:

16 Kaspersky Administration Kit

1. Select the administration group you need in the console tree, ope n

the shortcut menu and select the Properties command or use the analogous item from the Action menu.

2. Select the Security tab in the Properties: <Server name> window

that will open (see Figure xx). T his tab is similar to th e Security tab of the Administration Server settings configuration window.

Figure 5. Granting access right to an administration group

Rights for working with the logical network and all objects included into the structure of such network are configured in the Administration Server network.

In order to configure individual access rights for an administration group that are different from those specified in the Administration Server settings, uncheck the Inherit box.

1. After this configure the access rights you wish to grant to the us ers

and groups of users in the list. Right are granted the same way as for the Administration Server.

2. After you are done with the settings, press the Apply or the OK

button.

Getting started 17

2.3. Viewing information about the computer network IP subnetworks

In order to view information about the computer network, received by the Administration Server during a regular poll:

Select the Network node in the console tree.

In order to select a presentation method of the computer network while

viewing the Network folder,

select the Network node in the console tree and select a comman d from the View group in the shortcut menu:

• Domains – to displa y the structure of the computer net work as an hierarchy of folders that reflects the structure of domains and workgroups of the Windows corporate network. Each of the folders on the end level contains a list of computers of the respective domain or workgroup not included into the structur e of the logical network.

• Active Directory - to display the hierarch y of folders that cor- responds to the Active Directory structure.

• IP subnetworks – to display the computer network as IP sub- networks.

In order to create a new IP subnetwork:

1. Select the Network node in the console tree, open the sh ortcut menu and select the New/IP subnetwork command or use the analogou s item from the Action menu.

The New/IP-subnetwork command is available only when displaying the Network folder as IP-subnetworks.

2. In the New IP subnetwork window that will open (see Figure 6xx) specify values for the following settings:

• subnetwork name;

• method of description of the subnetwork and values of settings

for the method selected;

18 Kaspersky Administration Kit

Select one of the following options:

o Specify the IP subnetwork using address and the sub-

network mask; in this case you must specify the Subnetwork mask and Subnetwork address in the correspond-

ing entry fields.

o Specify IP subnetwork using the start and the end ad-

dress; after this, enter the start and the end IP addresses.

The values of the settings are specified in the decimal notation.

• a time interval after which information about an inactive com- puter will be deleted from the Administration Server database in the IP address validity period (hours).

Figure 6. Creating a new IP subnetwork

3. After you are done with configuring the settings, press the OK button.

In order modifying the IP subnetwork settings:

select the node that corresponds to the subnetwork you need in the Network folder, open the shortcut menu and select the Properties command

or use the corresponding item in the Action menu. This will open dialog window Properties: <Subnetwork name> that in-

cludes the General and IP ranges tabs. You can do the following in the General tab (see Figure 7):

Getting started 19

Figure 7. Viewing IP subnetwork settings

The General tab

• change the subnetwork's name;

• determine the whether the A dministration Server will automati-

cally move new computers added to the subnet work to include them to the structure of the logical network. In order to do this, check the Move computers into group and select the required administration group using the Select button.

• change the value of the time interval after which information about an inactive computer will be deleted from the Administration Server database - in the IP address lifetime (hours).

• permit or cancel polling of the computers in this subnetwork by the Administration Server when performing a regular polling of the computer network. If you do not want the Administration Server to poll the computers during the next poll, uncheck the Allow IP subnetwork scanning box.

You can add or delete IP ranges that define the subn etwork and change the alter their settings in the IP ranges tab (see Figure 8).

• start and end IP addresses of the range;

• subnet work mask and address .

20 Kaspersky Administration Kit

In order to add an IP range that defines the subnet work press the Add button. In the IP range window that will open (see Figure xx) specify the method of the range description and enter the values for the method selected. Select one of the following options:

• Specify the IP subnetwork using address and subnetwork mask; in this case you must specify the Subnetwork mask and Subnetwork address in the corresponding entry fields.

• Specify IP subnetwork using the start and the end IP address; after this, enter the start and the end IP addresses.

The values of the settings are specified in the decimal notation.

Figure 8. Viewing IP subnetwork settings

The IP ranges tab

Getting started 21

Figure 9. Adding an IP range

2.4. Quick Start Wizard

To create a system of centralized management of antivirus protection:

1. In the console tree of the Kaspersky Administration Kit main window, select the Kaspersky Administration Server (<Server Name>) node and open the shortcut menu for this node. Click Quick Start Wizard on the shortcut menu or on the Action menu.

2. During the first stage the polling of the computer network and identifying of computers within this network take place (see Figure

10). Based on the results of such polling, a service group Network and the structure of the Network folder is formed. The information obtained will be used for the automatic creation of the l ogical n et work. In order to view the structure of the computer network use the View the network scanning results hyperlink.

22 Kaspersky Administration Kit

Figure 10. Polling the computer network

3. At this stage you will have to specify the method for creating a logical network (see Figure 11). You can select one of the following options:

Selecting a method for creating a logical network

Figure 11. Quick Start Wizard.

Getting started 23

• I want to create logical network tree based on the Windows domain structure – Create a logical network automatically

based on the structure of Windows domains and user groups displayed in the Unassigned group folder.

If a computer is not available in the Unassigned mode when you are creating a logical network (switched off or disconnected from the network), the wizard will not add this computer to the logical network. You can add this computer later when manually configuring the logical network (see section 3.5 on page 47). Creating a logical network using the Quick Start Wizard does not disturb network integrity: new groups are added; they do not replace the existing groups. A client computer that has been already assigned to an existing group will not be added t his time because the Unassigned group displays only computers that are not included in the logical network.

• I want to create logical network tree manually – Create a logical network later.

• I want to import logical network tree from the previous version of Kaspersky Administration Kit – Use the logical net-

work structure as it existed in the previous versions of Kaspersky Administration Kit. The restored structure will be as follows: servers and administration groups will be imported as administration groups, and workstations attached to each server will be added as members of the corresponding administration group.

To restore and import the structure of the previous logical network, the application uses data stored on the main server in the configuration file ncd.dat. The file is located in a folder NCD in the Kaspersky Administration Server installation folder. If the Administration Server is now installed on the same computer where the main server was previously installed, the configuration file will be found automatically. If the Administration Server is unable to find the ncd.dat file, select it manually using the Browse button.

4. In the next wizard box ( Figure 12), configure settings for sending alerts via e-mail and NET SEND generated by Kaspersky Lab applications and specify the template for alert messages (for more details, see section 6.2 o n page 91). These settings will be used as default settings for application policies.

24 Kaspersky Administration Kit

5. In the next stage, you should configure the system of anti-virus protection (Figure 13).

Figure 12. Configuring the notifications forwarding settings

Figure 13. Quick Start Wizard.

Configuring the anti-virus protection system

Getting started 25

Quick Start Wizard creates a system of anti-virus protection for logical network clients using Kaspersky Anti-Virus 5.0 for Windo ws Workstations. In this case, the Administration Server creates a policy and defines a minimum set of tasks for the highest hierarchical level of Kaspersky Anti-Virus 5.0 for Windows Workstations. It also configures a global task of retrievin g updates for the Administration Server.

When forming a system of anti-virus protection for logical network clients using Kaspersky Anti-Virus 5.0 for Windows Workstations. The Administration Server creates the following:

• In the Policies folder of the Groups group, it creates a policy for Kaspersky Anti-Virus 5.0 for Windows Workstations. This policy is titled the Policy for Kaspersky Anti-Virus for Win- dows Workstations and has default settings.

• In the Global Tasks node of the console tree, there is a global task for updating the Administration Server. This policy is called Download updates task and has default settings.

• The task of the backup copying of data of the Administration Server in the Global Tasks node of the console tree with the

name Backup copying of Administration Server data and default settings.

• In the Tasks folder of the Groups task, the updating task for Kaspersky Anti-Virus 5.0 for Windows Workstations is created. This task is called Update task for Kaspersky Anti-Virus for Windows Workstations and has default settings.

• In the Tasks folder of the Groups group, the on-demand scan task is created for Kaspersky Anti-Virus 5.0 for Windo ws Workstations. This task is titled Full scan task and has default settings.

A policy for Kaspersky Anti-Virus 5.0 for Windows Workstations is not created if a policy for this application already exists in the Groups folder. If group tasks for the Groups group and the global updating task with these names have been already created, these tasks will not be formed at this time.

If necessary, you can customize updating options. T o do this, click the Updater settings… button and specify the required values in the dialog box that appears on your screen (for more details, see section 9.2 on page 154).

Click Next. The wizard window displays the process of creating the tasks and policy. If errors occur, you will see an error message.

26 Kaspersky Administration Kit

6. In the final window of the wizard you will be offered to launch the Deploy wizard. You can use this wizard to install the Net work Agent. If

you do not wish to install the application immediately after the Quick Start Wizard is completed, uncheck the Launch the Deploy Wizard box.

CHAPTER 3. VIEWING,

CREATING, AND CONFIGURING A LOGICAL NETWORK

3.1. Viewing the logical network structure

To view information about the structure of a group that is a part of the logical network group:

Select the desired group folder in the Groups folder. A list of objects included in this group will be displaye d in the details panel (you can als o expand the corresponding branch of the console tree).

• To view information about group policies, select the Policies folder. If policies are applied to the selected group, they will be displayed in the details panel; otherwise the details panel is empty.

• To view information about group tasks, select the Tasks folder. If tasks are defined for the selected group, they will be displayed in the details panel; otherwise the details panel is empty.

• To work with the logical network of the slave Administration Server, select the Servers folder.

• A list of clients included in the selected group is displa ye d in the details panel.

In order to view the group’s setting and settings of the interaction of the Administration Server with the client computers that are a part of the group:

select a folder with the name of the group you need in the Groups folder and then use the Properties command from the shortcut menu or from the Action menu. This will open the <Group name> Properties dialog box with two tabs: General and Computers.

28 Kaspersky Administration Kit

The General tab (Figure 14) displays the following informat ion:

Figure 14. Viewing group properties. The General tab

• Group name

• Parent group name (if there are no par ent groups for this gro up,

the value is Groups)

• Statistic information about the group structure – number of nested groups and total number of clients, including clie nts in the nested groups

• Creation date

• Date when the name or attributes of the group were last modi-

fied (if the group name and group properties have not chan ged, the value is <Unknown>)

Click Reset virus counter to reset a virus detection counter for all clients in the group.

The Computers tab (Figure 15) displays the following information:

Viewing, creating, and configuring a logical network 29

Figure 15. Viewing group properties. The Computers tab

• The New computer detected section shows what installation packages are used to remotely install Kaspersky Lab applications on the new client computers added to the group.

For the Unassigned group properties (see Figure 32), the New com- puter detected section contains the Add computer to group checkbox. If this checkbox is checked, new computers on the Windows network will be automatically included in the logical net work group specif ied in the text field below.

• The Computer activity text box shows the actions to be applied to clients not responding over a specified time interval (for example, notifying logical network administrators or removing the clients from the group).

The Computer status tab contains the criteria for the diagnostics of the status of the client computers based on the information about the status of the anti-virus protection for this computer and about the activity of the client computer in the network. Based on these conditions, the client computer will be assigned one of the statuses: Critical or Warning. If the client computer does not meet any of the above c onditions, its status will be OK.

30 Kaspersky Administration Kit

Figure 16. The Computer status tab

You can change the threshold values for some of the conditions. In order to do this, select the required condition in the Cond ition column and double-click it to open the editing window (see Figure 117).

For example, you can establish the maximum number of days during which the client computer will not connect to the Administration Server. After this period of time is elapsed, the computer will be assigned the Critical status.

If the computer status is OK, then a green icon -

will appear. If the computer status is Warning, a yellow icon - will be displayed. If the computer status is Critical, a red icon -

will be displayed.

Figure 17. The Computer status tab

+ 178 hidden pages

Kaspersky Lab KASPERSKY ANTI-VIRUS-ADMINISTRATION KIT 5.0 REFERENCE BOOK

Specifications and Main Features

Frequently Asked Questions

User Manual

1.1. The purpose of the document

1.2. Conventions used in this book

2.2. Granting rights to users

2.4. Quick Start Wizard