Scribd
Upload
24 views

1 +overview

Uploaded by

Ashraf Saeed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
24 views

1 +overview

Uploaded by

Ashraf Saeed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Technical Training

Disclaimer
This content is not related to Kaspersky education from any side and nothing from the inner content ( documents , labs , expressions )
are attributed to Kaspersky paid portals or documentation , All slides are made by instructor effort with screenshots from giant labs ,
labs are practiced in private environment “EVE-NG Community Version” , all rights are reserved.
Solution Major Components

KSC “Kaspersky Security Center” :- A software usually called


administration server that’s hosted individually or in a cluster to centrally Network
manage all the endpoints that have Kaspersky applications installed on Agent +
KES
them for the purpose of protection , device control or disk encryption .
KES “Kaspersky Endpoint Security” :- An application that’s used to
protect against malwares and hackers , control the device of the
user and encrypt files or drives .
KSC (
Network Agent :- Connection channel between KES and KSC to Network Administration Network
Agent + Server + SQL + Agent +
receive settings for KES from KSC and send events from KES to KES Admin Console KES
KSC . )

SQL Database :- Used to be the storage for events and some of


settings .

Admin Console :- Could be MMC or Web Console , The management Network


Agent +
interface that’s used for creating needed tasks , policies and doing KES
monitoring .
1
Kaspersky Licensing

There are different levels of licenses in Kaspersky endpoint security for business :-
- Cloud :- Managing your environment from Cloud KSC .
++ Workstations , Servers , Mobile Devices , MDM , Web Control , Device Control , Encryption And
Vulnerability & Patch Management .
- Select ( On Prem KSC ) :-
++ Workstations , Servers , Mobile Devices , MDM , Web Control , Device Control And Application Control .
- Advanced ( On Prem KSC ) :- All Features Enabled .
- Solution doesn’t need any license on KSC .
Targeted Licenses :- You can purchase individual licenses to be activated alone without having the full bundle .
- Encryption .
- MDM .
- Vulnerability & Patch Management .
- Activations starts from 1 year and could be renewed .

2
Kaspersky Management

How can Kaspersky KSC manage computers with Net Agents And KES apps ?!
- The communication is happening between KSC which is the management central device and the network
agent installed on pc managed by the KSC .
- Each Component has its function in the management process .
- As we’ll see in the below table .

Component Listening Port Functions


KSC TCP 13000 Supports SSL Used to receive logs & information “like Softwares
installed on machine ” from net agents ( clients )
Net Agent UDP 15000 Used to receive commands from administration server ,
updates and KES policy settings .

NOTE :-
// Network agent connects to the administration server as an updating signals on a specified schedule , by default it
occurs each 15 minutes .
// Administrator of KSC can send a manual synchronization .
3
Kaspersky Management

KSC Core Functions :-


- Tasks :- Operations that depend on scheduling to apply specific settings like updating or viruses scanning .
- Policies :- Operations that identify the global settings for the whole application installed on the client . In simple
words HOW to do something , for each application you will find a policy
- Q / Is the client himself able to run policies and tasks on his own machine ?
A/ It depends on the lock button for each module inside the policy of each application .

4
Kaspersky Management

KSC Groups And Their Relationship With Tasks And Policies :-


- Managed Devices :- It’s the root group that should contain all the subgroups and their corresponding device ,
exists by default .
- You can create new groups and assign devices to these groups .

5
Kaspersky Management

- For each group you can apply different policies for different applications .
- For same group only one policy from different policies could be active for the same application .
- If you applied a policy on a parent group , it will be applied by default to subgroups unless there is no other
policies applied on these subgroups .
- If subgroups took the policy from parent , they could edit only unlocked items configured in parent policy .
- Of course, administrator can disable this default behaviors of inheritance from parent groups to their subgroups by
disabling inheritance options in policies existed inside subgroups .

6
Kaspersky Management

- By the same idea you can create tasks on the level of groups , will be applied on subgroups .
- Unlike policies you could have multiple tasks from the same type into one group since tasks are identified by
multiple components ( schedule , devices , scope and others ) .

You might also like