Kaspersky Security Center 10 deployment instructions. Installing Kaspersky Security Center. Installing Kaspersky Endpoint Security

Dear colleagues! Today I want to tell you about the Administration System of Kaspersky Anti-Virus. The thing, I can tell you, is very interesting.

With it, you can take control of all computers of your organization in terms of allowing / prohibiting the opening of sites, allowing / prohibiting the launch of programs, including in certain categories (for example, you can prohibit the launch of all browsers, except for certain ones), allow / deny connection any equipment - flash drives, hard drives etc. (for example, to prevent users from leaking information), also automate key updates for Kaspersky Anti-Virus, minimize traffic consumption when updating anti-viruses (after installing KSC and configuring anti-viruses installed on workstations on it, they will be updated from this server, and not from the Internet). To install KSC 10 version, according to the technical consultant of the Kaspersky Lab in the Volga Federal District - Pavel Alexandrov, Windows is suitable (not necessarily server) with at least 2-4 GB random access memory... Recently, the Smart Solutions company held a Practical Workshop on laptops, where your humble servant could personally get acquainted with this creation of the Kaspersky Lab. Kaspersky Security Center 10, as Pavel said, is provided free of charge for those who own a volume license for KES (Kaspersky Endpoint Security) 10. Fortunately, our colleagues are programmers / system administrators budgetary institutions Republic of Tatarstan, you do not need to buy anything - all the necessary tools are available from the GIST network at kav.tatar.ru. And also, for your convenience, colleagues, I post video tutorials kindly provided by Igor Alexandrovich, a specialist of the company NovaInTech -> Link to video tutorials on Youtube ... If after watching the video you still have any questions, I will gladly help you on Skype (lisischko).

P.S. You can make your Kaspersky Anti-Virus management server subordinate to the CIT KSC, I will not say what advantages this gives - I did not do this myself, but this is described on the website kav.tatar.ru

Note1: The list of executable files was not replenished on the server, even with the newly created Inventory task, until the checkbox was ticked in the section “Additional parameters” - “Reports and storages” - Inform the administration server “About running programs” in the Anti-Virus policy.

Note4: From time to time everything starts to freeze on computers controlled by KSC. The task manager showed that the system was loaded by the process "Kaspersky Security Center Vulnerability Assessment & Patch Management Component" (executable file vapm.exe). The analysis of the problem showed that at the time of the system's brakes, the task “Search for vulnerabilities and required updates” was being performed, transferring this task to manual start and stop solved the problem. Also, there is an option with unchecking the "launch missed tasks" checkbox in the task schedule (without transferring the launch to manual mode), but I did not try this option, in view of the decision that this function was unnecessary for us. UPD: less than half an hour after stopping the task and switching the mode of its launch to manual, as it, again, started some kind of trigger. There is no time to sort it out. Removed the task “Search for vulnerabilities and required updates”, you can always add it later.

The larger the network, the more system Administrator (or IT department) is trying to automate the management of software products. Antivirus software is no exception in this regard.

Many antivirus vendors have remote administration tools in their arsenal; today we will talk about a similar solution from Kaspersky Lab.

In general, Kaspersky Security Center is a pretty serious application that cannot be described in one article. Therefore, in this article, we will analyze only its deployment.

You can download Kaspersky Security Center. The product itself consists of a server that will need to be deployed, an administration console that can be installed on another computer for remote server administration, a web console as an alternative to the usual one, and an administration agent that is installed on client computers and is responsible for communication between the anti-virus software and the server.

The server itself needs to be deployed only on operating systemsoh windows family... Moreover, the presence of a server edition is optional. Systems from XP and higher are supported, but only in Professional / Enterprise / Ultimate editions. A complete list of supported systems can be found on the website.

In addition, the server needs MS SQL or MySQL for its work (you can also remotely). If there is no ready-made database server at hand, the installer of Kaspersky Security Center will install MS SQL Express itself, which is quite enough for most organizations.

So, to deploy the server, download and run setup file (I recommend downloading the full distribution). We have chosen a computer with an operating system as a test bench Windows Server 2012 R2.

You will see a convenient menu in which we are currently interested in the "Install Kaspersky Security Center 10" item.

After starting the installation, you will be prompted to accept the license agreement and select the type of installation. For better control over the installation process, let's note the custom installation.

If there are mobile devices on the network, you can install a separate component to manage their protection.

Indicate the size of your network. This point, however, does not carry any important determining force.

Next, the installation program will ask which user to run the Administration Server service from. You can specify an existing user with admin rights, or you can let the installer create a new one.

The next step is to choose a database server. As already mentioned, there are two options - MS SQL or MySQL. If you do not have a ready-made server, Kaspersky Security Center will carefully deploy MS SQL Express.

At this step in the installation process, you may be in for a small surprise if it is not installed on your system. NET Framework 3.5 SP 1.

In Windows Server, the .NET Framework 3.5 SP 1 is built in as a component and only needs to be enabled. If you do not have a server operating system, then you need to go to the Microsoft website and download the installer.

Let's consider the option of including the component in Windows Server. To do this, open the Server Manager and select the "Add Roles and Features" item.

A wizard will start, in which we need to indicate that we are going to install roles or components.

Add Roles and Features Wizard in Windows Server

We select our server and skip the selection of roles. In the list of components, we find Functions .NET Framework 3.5 and mark them with a tick.

Adding a Component to Windows Server

After that, let's go back to installing Kaspersky Security Center directly.

We need to select the SQL authentication mode. It can be either a separate account or a current one.

Kaspersky Security Center Server requires a shared folderthat client computers could access to get updates and installation packages. You can create new folder or specify an existing one.

We indicate the ports through which we will connect to the administration server.

We indicate the server address on the network. If the server has and will static IP address, you can limit yourself to them. Still, it is more convenient to define the server by name.

The last step before installing is choosing the required plugins. Plugins allow you to manage various anti-virus products of Kaspersky Lab. This is useful if you have a whole zoo of versions. Plugins can also be installed later additionally.

Now all that remains is to observe the installation process. Sometimes plugins require a separate license agreement.

Installation of Kaspersky Security Center is now complete.

Now let's go over the initial server setup. The administration console installed along with the server looks like this:

Administration Console of Kaspersky Security Center

The console can be installed separately. And you even need to not log into the server every time for routine actions.

Servers are listed in the left column. So far, there is only our newly created server. If you are administering several servers, then just click Add Administration Server.

So, click on the server you just created and the Wizard will start initial setup... You will be asked to activate the program with a code or key. However, this can be done later.

In addition, the wizard will ask for your consent to participate in the Kaspersky Security Network program. In fact, this is another spy on your computers that sends data to Kaspersky Lab about which resources you visit and where you catch the infection. This is motivated by the creation of a certain knowledge base. In my opinion, for the end user, the meaning of participation in such a program is questionable.

You will also be asked to indicate mailboxes for notifications from the Kaspersky Security Center server. You can skip this step.

After all these steps, the server will start downloading latest versions updates from the network. In the future, it will be possible to configure as an update source not a Kaspersky Lab server on the Internet, but an upstream server, if there are several of them on your network.

After downloading the updates and polling the network, the wizard will display a successful completion message and offer to launch the Protection Deployment Wizard on Workstations.

We will talk about deploying protection on workstations in.

The article examines the product of "Kaspersky Lab" Kaspersky Endpoint Security and its use in a corporate environment, as exemplified by our clients

Good day, dear visitor. From the title of the article, you already understood that today we will be talking about protection. In one of the previous articles, I reviewed a product related to this IT field, which showed itself well. Today I will tell you about an equally interesting product from Kaspersky Lab, whose partners we are, Kaspersky Endpoint Security. It will be reviewed in virtual environment Hyper-V, on second generation machines. The server side will be implemented on a Windows Server 2012 R2 domain controller, AD mode Windows Server 2012 R2, and the client side on Windows 8.1.

It should be noted that we constantly use this product in our IT outsourcing practice.

What is Kaspersky Endpoint Security?

In Kaspersky Endpoint Security for Windows, world-class technologies for protection against malware can be combined with Application Control, Web Control and Device Control, and data encryption - all within one application. All functionality is managed from a single console, which simplifies the deployment and administration of a wide range of Kaspersky Lab solutions.

Capabilities:

• Single application
• Single console
• Unified politicians

Kaspersky Endpoint Security for Windows is single application, including a wide range of critical protective technologies, such as:

• Anti-malware protection (including firewall and intrusion prevention system)
• Control of jobs
• Application control
• Web Control
• Device control
• Data encryption

Kaspersky Endpoint Security differs in the set of included modules containing a different number of modules depending on the edition:

• STARTING,
• STANDARD
• ADVANCED
• Kaspersky Total Security for Business

In our case, we will use ADVANCED.

The following features are available as part of Kaspersky Endpoint Security for Business STARTING:

The following features are available as part of Kaspersky Endpoint Security for Business STANDARD:

• Anti-malware, firewall and intrusion prevention
• Control of jobs
• Application control
• Web Control
• Device control

... as well as other technologies of Kaspersky Lab for IT security

The following features are available as part of Kaspersky Endpoint Security for Business ADVANCED and Kaspersky Total Security for Business:

• Anti-malware, firewall and intrusion prevention
• Control of jobs
• Application control
• Web Control
• Device control
• Encryption
  ... as well as other Kaspersky Lab technologies for IT security.

Architecture

Server part:

• Kaspersky Security Center Administration Server
• Administration Console of Kaspersky Security Center
• Kaspersky Security Center Network Agent

Client part:

• Kaspersky Endpoint Security

So let's get started

Installing the Administration Server

In our case, the administration server will be installed on the AD controller in windows mode Server 2012 R2. Let's start the installation:

I forgot to clarify, we will use Kaspersky Security Center 10. Installfull distribution downloaded from the Kaspersky Lab website, which includes the installation package for Kaspersky Endpoint Security 10, respectively, and Network Agent 10

In the next window of the wizard, select the path for unpacking the distribution kit and click "Install".

After unpacking the distribution package, we are greeted by the Kaspersky Security Center installation wizard, after clicking the "Next" button, the wizard asks "Network size", since We will have only two clients, one x86, and the other x64 bit, then we indicate "Less than 100 computers in the network."

We set the account under which the Administration Server will start. In our case, the domain administrator account.

Kaspersky Security Center stores all its data in the DBMS. During installation, the wizard prompts you to install Microsoft SQL Server 2008 R2 Express, or, if you have an already installed DBMS, you can select the name of the SQL server and the name of the database.

At the “Administration Server Address” stage, the wizard asks you to specify the server address. we have AD and DNS integrated, it would be more reasonable to specify the server name.

After selecting the plug-ins for management, installation of Kaspersky Security Center will start.

After successful installation and the first launch of Kaspersky Security Center, we are greeted by the Initial Configuration Wizard, in which we can specify the key, accept the agreement to participate in KSN, specify the email address for notifications.

The update parameters are also specified and a policy with tasks is created.

After installation, our server will be installed:

• Administration Server
• Administration Console
• Administration Agent

However, Kaspersky Endpoint Security will not be installed. Let's perform a remote installation, because Administration agent is already installed, then we can deploy Kaspersky Endpoint Security to the server. If there is no Network Agent and all incoming connections are denied in Windows Firewall, remote installation will fail. Expand the node " Remote installation"And select" Run the Remote Installation Wizard ". Select the installation package and click the "Next" button

In the "Select computers for installation" window, select the installation option for computers located in administration groups. Then select the server and click the "Next" button.

A system restart will be required after updating important modules of Kaspersky Endpoint Security. the package is new enough, no reboot is needed. In the choice of credentials, we will leave everything by default, i.e. empty. After clicking the Next button, we will see the progress of the installation of Kaspersky Endpoint Security.

Creating groups

Because Since the policies and tasks intended for servers differ from the policies and tasks of workstations, we will create groups corresponding to the type of administration for different machines. Expand the node "Managed computers" and select "Groups", click "Create a subgroup". Let's create two subgroups, "Workstations" and "Servers". From the "Managed computers - Computers" menu, using "drag and drop" or "cut & copy", move "DC" to the "Servers" group and create a policy and tasks for this group, different from the tasks and policy in the "Managed computers" node ".

Installing Kaspersky Endpoint Security

To install Kaspersky Endpoint Security remotely, you need to disable UAC during installation. The requirement is "inconvenient", so we will create a policy for Windows Firewall in the GPO, in which we will allow incoming connection according to the following predefined File and Printer Sharing rule.

After setup and distribution group policy, let's go to the administration console. Expand the "Administration Server" node and select "Install Kaspersky Anti-Virus", click "Run the Remote Installation Wizard". In the window of the installation package selection wizard, select the required package and click "Next". Select clients in the "Unassigned computers" group and click "Next".

In the next window, we will leave everything as default and click "Next". After the window with the choice of the key, the wizard offers to ask the user about restarting the system after the installation of Kaspersky Endpoint Security is completed, leave it by default and click "Next". At the step "Removing incompatible programs" you can make adjustments, of course, if necessary. Further, the wizard offers to move the client computers to one of the groups, in our case, move them to the "Workstations" group.

As we can see, the console “speaks” about the successful installation of Kaspersky Endpoint Security on client stations.

As we can see, after the installation, the Administration Server transferred the client machines according to the conditions in the remote installation task.

Kaspersky Endpoint Security on a client machine.

Let's create a policy for client stations, in which we enable "Password protection", this is necessary, for example, if the user wants to turn off the anti-virus.

Let's try to disable protection on the client machine.

Rules for moving computers

On the administration server, you can set movement rules for client computers. For example, let's create a situation in which Kaspersky Endpoint Security will be installed on a newly discovered PC. This is useful in a scenario where the organization has a new PC installed.

To automate the deployment of Kaspersky Endpoint Security, we will set the rules for moving for computers. To do this, select the "Unassigned computers" node and select the "Configure rules for moving computers to administration groups" item and create a new rule.

In the created rule, the newly discovered PC will be added to the "Workstations" group from the specified range of IP addresses.

Next, let's create a task for automatic deployment of anti-virus protection for machines on which it is not installed. To do this, select the "Workstations" group and go to the "Tasks" tab. Let's create a task for installing anti-virus protection with the "Immediate" schedule.

So, we can see that the client computer has been added to the Workstations group.

Let's go to the "Tasks" tab and see that the installation task has started.

Let me remind you that the situation was reproduced on a machine without anti-virus protection (although before that I demonstrated remote installation on one of them, after that, the antivirus was removed to demonstrate this scenario) and, as you can see, the installation takes place on a machine without anti-virus protection, a machine with anti-virus protection was not touched. After installing anti-virus protection tools, the KES policy will be applied to this client computer.

Reports

The reports in Kaspersky Endpoint Security are more than informative. For example, let's take a look at the report "About versions of Kaspersky Lab applications".

The report, in some detail, displays information about installed programs Kaspersky Lab. You can see how many agents, client solutions and servers are installed. Reports can be deleted and added. You can also view the status of anti-virus protection using the "Computer selection", which helps to conveniently sort computers with infected objects or critical events.

In conclusion, I would like to say that only a small part of the Kaspersky Lab anti-virus complex has been reviewed. Management, indeed, is convenient and intuitive. But it is worth noting the enormous workload of client systems during the search for viruses and potential threats, this workload is mainly caused by heuristic analysis, which requires quite a few resources. The product is very easy to administer and is suitable for both an AD environment and a workgroup. This product is installed by many of our customers and shows itself only from the good side.

Everything, people, peace to you!

The connection gateway is used if it is not possible to establish a direct connection with the Administration Server and the client computer. For example, the Administration Server is located in a corporate network, and the client computer is not included in it.

How to install

To locally install Network Agent in connection gateway mode:

1. Run the setup file on the device that will be the connection gateway.

By default, the installation file is located:
\\<Адрес сервера администрирования>\\ KLSHARE \\ Packages \\ NetAgent_10.4.343.

1. Read the terms of the License Agreement and check the box I accept the terms of the License Agreement.

1. Select the installation folder.

1. Ask Server addressand uncheck Allow Network Agent to open UDP port.

1. Skip step Proxy server configuration.
2. Please select Use as a gateway for connections in the DMZ.

1. Please select Get from Administration Server.

1. Set tags if you use them. For more information on using tags, see the article How and why to use tags in Kaspersky Security Center 10.

1. Skip step Extra options.
2. Check the box Run the program during installation.

1. Click on Install.

How to setup

1. Open Kaspersky Security Center 10.
2. Discover context menu node Managed devices and press Create a → Group.

1. Give a name new group and press OK.

1. Discover Properties node Administration Server.
2. Go to section Update Agents and uncheck Assign Update Agents Automatically.Click Add.

1. In the field dropdown menu, click Add a connection gateway located in the DMZ at.

1. Enter the connection gateway address and click OK.

1. Select the set of devices associated with this connection gateway. Click on OK.

During the next scan of the network, the Administration Server will find the connection gateway added by IP address and place it in Unassigned devices.

1. Add connection gateway to group External devices created in step 3.
2. Discover Properties node Administration Server and go to section Update Agents... Click on Add to.
3. In the dropdown menu of the field A device that will act as an update agent click Add a device from the group.Add connection gateway from the group Externaldevices and press OK.Repeat step 8.
4. Select the added connection gateway and open it Properties.

1. Go to section Gateway... Check the box Connection gateway and Initiate creation of a connection to the gateway from the Administration Server side... Ask Gateway address for remote devices, for example, abc-lab.kaspersky.com. Click on OK.

You can create a Network Agent policy for the connection gateway. When creating in step Net uncheck the box Use UDP port.

Objective.

This lab focuses on installing the Security Center Antivirus Management Server.

Preliminary information.

Before proceeding with the installation, you need to decide on a general scenario for deploying anti-virus protection. The two main scenarios offered by the Security Center developers are:

• - deployment of anti-virus protection inside three organizations;
• - deployment of anti-virus protection of the client organization's network (used by organizations acting as ssrvisnroviders). The same scheme can be used within an organization with several remote divisions, computer networks which are administered independently of the head office network.

In these labs, the first scenario will be implemented. If you plan to use the second one, then you will additionally need to install and configure the Web-Console component. And here it is necessary to say about the architecture of the Security Center. It includes the following components:

• 1. Administration Server, which performs the functions of centralized storage of information about the LAN programs installed in the organization's network and their management.
• 2. Administration agent interacts between the Administration Server and the LC programs installed on the computer. There are versions of the Agent for different operating systems - Windows, Novell and Unix.
• 3. Administration Console provides user interface to manage the Server. Administration Console is designed as an extension to Microsoft Management

Console (MMS). It allows you to connect to the Administration Server both locally and remotely using local network or via the Internet.

4. Kaspersky Security Center Web-Console is designed to monitor the status of anti-virus protection of the network of a client organization managed by Kaspersky Security Center. The use of this component will not be studied in this laboratory workshop.

• 1. Installing and configuring Administration Server and Console.
• 2. Creation of administration groups and distribution of client computers among them.
• 3. Remote installation on client computers of the Network Agent and anti-virus programs of the LC.
• 4. Updating signature databases of LC programs on client computers.
• 5. Configuring notifications about anti-virus protection events.
• 6. Launching the on-demand scan task and checking the operation of event notifications on client computers.
• 7. Analysis of reports.
• 8. Setting automatic installation anti-virus programs to new computers on the network.

This lab will review the implementation of the first stage. In fig. Figure 5.35 shows a diagram of a laboratory bench that simulates a protected network (it was also described earlier in Table 5.4). The goal of this lab is to install the Security Center Server and Administration Console on the AVServ.

Figure: 5.35.

Table 5.5

Differences in versions of the distribution kit of Kaspersky Security Center 9.0

Component	Full
	version	version
Administration Server distribution kit
Kaspersky Endpoint Security for Windows distribution kit
Network Agent distribution kit
Microsoft SQL 2005 Server Express Edition
Microsoft .NET Framework 2.0 SP1
Microsoft Data Access Component 2.8
Microsoft Windows Installer 3.1
Kaspersky Security Center System Health Validator

The Security Center distribution kit can be downloaded from the link http://www.kaspersky.com/downloads-security-center. In this case, you can choose the version of the downloaded distribution - Lite or full. Table 5.5 lists the differences in distributions versions for version 9.0, which was used in the preparation of the descriptions of the laboratory works. To complete the laboratory you will need full version, since along with the installation of the administration server, the MS SQL Server 2005 Express DBMS will be installed, which is used to store data on the state of anti-virus protection.

Work description.

After completing the preparatory steps, launch the Security Center installation program on the AVServ server. After the welcome window, you will be asked for the path to save the files required during the installation process, another welcome window and a window with license agreementto be accepted to continue with the installation process.

When choosing the type of installation, mark the "Custom" item, which will allow you to get acquainted in detail with the list of installed components and applied settings.

If you select the "Standard" option, the wizard will install the Administration Server together with the server version of Network Agent, Administration Console, application management plug-ins available in the distribution package, and Microsoft SQL Server 2005 Express Edition (if it has not been installed earlier).

The next step is to select the server components to be installed (Fig. 5.36). We need to install the Administration Server, and leave a check mark on this item.

We will not use Cisco NAC technology, which allows us to check the security of a mobile device or computer connecting to the network.

Also, as part of the laboratory workshop, it is not planned to deploy anti-virus protection on mobile devices (such as smartphones), so these components are not installed now.

The selected network size affects the setting of values \u200b\u200bfor a number of parameters that determine the operation of anti-virus protection (they are listed in Table 5.6). These settings can be changed, if necessary, after server installation.

You will also need to specify the account under which the administration server will run, or agree to create a new record (Fig. 5.37).

In previous versions of Windows (for example, when installing on Windows Server 2003), the System Account option may appear in this window. Anyway, this entry must have administrator rights, which is required both to create a database, as well as for the subsequent operation of the server.

Table 5.6

Parameters set based on network size

Parameter / number of computers		100-1000	1000-5000	More
Display in the console tree of the node of slave and virtual Administration Servers and all parameters associated with slave and virtual Servers	absent	absent	present	present
Displaying sections Safetyin the properties windows of the Server and administration groups	absent	absent	present	present
Creating a Network Agent policy using the Quick Start Wizard	absent	absent	present	present
Random distribution of the start time of the update task on client computers	absent	within 5 minutes	within 10 minutes	within 10 minutes

Figure: 5.37.

The next step is to select the database server to use (Fig. 5.38). For data storage Security Center 9.0 can use Microsoft SQL Server (versions 2005, 2008, 2008 R2, including Express editions 2005, 2008) or MySQL Enterprise. In fig. 5.38, andthe window for selecting the type of DBMS is shown. If the MySQL server is selected, you will need to specify the name and port number for the connection.

If you use an existing instance of MS SQL Server, you will need to specify its name and the name of the database (by default, it is called KAV). In our laboratory work we will use the recommended configuration, which implies the installation of MS SQL Server 2005 Express along with the installation of the Security Center (Fig.5.38, b).

Figure: 5.38.

After selecting SQL Server as the DBMS used, you must specify the authentication mode that will be used when working with it. Here we leave the default setting - authentication mode Microsoft Windows (fig.5.39).

To store installation packages and distribute updates, the administration server will use the folder provided in general access... You can specify an existing folder or create a new one. The default share name is KL8NAKE.

Figure: 5.39.

You can also specify the port numbers used to connect to the Security Center Server. By default, TCP port 14000 is used, and for a secure SSL connection, TCP port 13000. If you can connect to the administration server after installation, you should check if these ports are blocked by the gateway. windows screen... In addition to those mentioned above, UDP port 13000 is used to send information about shutdown of computers to the server.

Next, you will need to specify how the administration server is identified. It can be ip address, DNS names or NetBIOS. Used for laboratory practice virtual network a Windows domain is organized and a DNS server is present, so we will use domain names (fig. 5.40).

Figure: 5.40.

The next window allows you to select the plugins to install to manage antivirus software LK. Looking ahead, we can say that the product will be deployed Kaspersky Endpoint Security 8 for Windows, the plug-in for which we will need (Fig. 5.41).

Figure: 5.41.

After that, the selected programs and components will be installed on the server. When the installation is complete, the Administration Console will be launched, or, if you unchecked the box in the last window of the installation wizard, launch it from the Start menu -\u003e Programs -\u003e Kaspersky Security Center.

Exercise 1.

As described, install the Administration Server on virtual machine AVServ.

Initial server configuration is performed when the console starts. In the first step, you can specify activation codes or files license keys for antivirus products of LC. If you have a "corporate" key for several computers, with the default settings, the key will be automatically distributed by the server to client computers.

Figure: 5.42.

You can also agree or refuse to use Kaspersky Security Network (KSN), a remote service for providing access to the Kaspersky Lab's knowledge base on the reputation of files, Internet resources and software.

The next step is to configure parameters for notifying the anti-virus protection administrator by e-mail... You need to specify the mailing address, smtp-ssrvsr and, if necessary, parameters for authorization on the server (Fig. 5.42). If the laboratory does not have a suitable mail server, you can skip this step and make settings later.

If the Internet is accessed through a proxy server, you will need to specify its parameters. After passing this stage, the automatic creation of standard policies, group tasks and administration tasks will be performed. They will be discussed in more detail in the next laboratory work.

Figure: 5.43.

Next step - automatic start download updates. If the download has started successfully, you can, without waiting for the end of the message, click the Next button and after finishing the initial setup wizard, go to the main window of the Administration Console (Fig. 5.43). It should show that there is one managed computer on the network (along with the Administration Server, the Administration Agent was installed on the AVScrv computer), on which there is no anti-virus protection. This is regarded as a critical event.

Task 2.

Execute initial setting server.

Separately, the administration console can be installed from the Console folder of the distribution disk by running the Setup program. If you are using a distribution kit downloaded from the Internet, then you need to open the folder specified at the beginning of the installation to save the distribution files. By default, this is the C: KSC9 ussianConsole folder.

Figure: 5.44.

Task 3.

Install the Security Center Administration Console on the Stationl .labs.local virtual machine. Check the connectivity to the AVServ.labs.local server. To do this, in the console window, you must specify its address or name (Fig. 5.44), and also agree to receive a server certificate (Fig. 5.45).

Figure: 5.45.

Figure: 5.46.

If the connection fails, check if the ports used to connect to the Security Center server are blocked on the AVScrv server (see above). The setting can be checked through the Control Panel: System and Security -\u003e Windows Firewall -\u003e Allow the program to run through windows firewall... The appropriate permissive settings must be present, see fig. 5.46 (the names of the rules remain as in previous version product - Kaspersky Administration Kit).