Administration agent kaspersky security center 10.2 480. Deploying anti-virus protection: installing administration agents, checking compatibility. Configuring centralized management on computers with Kaspersky

Utility for removing Kaspersky Lab products (kavremover).

When uninstalling Kaspersky Lab products using standard tools Windows (Control Panel -> Add / Remove Programs) errors may occur, as a result of which the program will not be removed or will be partially removed. To completely remove a Kaspersky Lab product, use the kavremover utility.
The uninstall utility completely removes the following Kaspersky Lab products:

• Kaspersky Safe Kids


• Kaspersky Small Office Security for Personal Computer / File Server (all versions)


• Kaspersky Total Security(all versions)


• Kaspersky PURE (all versions)


• Kaspersky Anti-Virus (all versions)


• Kaspersky Internet Security(all versions)


• Kaspersky Free


• Kaspersky Password Manager (all versions)


• Kaspersky Fraud Prevention for Endpoint (all versions)


• AVP Tool driver


• Kaspersky Security Scan 3.0


• Kaspersky Security Scan 2.0


• Kaspersky Endpoint Security 8/10/10 SP1 MR2 for Windows (for file servers)


• Kaspersky Endpoint Security 8/10/10 SP1 MR2 for Windows (for workstations)


• Kaspersky Anti-Virus 6.0 R2 for Windows Workstations


• Kaspersky Anti-Virus 6.0 R2 for Windows Servers


• Kaspersky Anti-Virus 6.0 FS MP4


• Kaspersky Anti-Virus 6.0 SOS MP4


• Kaspersky Anti-Virus 6.0 WKS MP4


• Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition


• Kaspersky Network Agent 10


• Kaspersky Lab Network Agent 8/9

Working with the utility

For complete removal program, follow these steps:

1. Download the kavremvr.zip archive and then unpack it (for example, using the WinZip archiver program). Or download executable file kavremvr.exe.


2. Run the kavremvr.exe file by double clicking on it with the left mouse button.


3. Check out License agreement Kaspersky Labs. Read the agreement carefully and, if you agree with all of its clauses, click I agree.

1. In the window Kaspersky Lab Products Remover enter in the blank field security code which is shown in the picture. If the code is not clearly visible, to re-generate the code, click on the refresh button to the right of the picture.


2. Select from the menu Found the following products a Kaspersky Lab application that was installed on your computer. Click on Delete... If several Kaspersky Lab products are installed on the computer, select and uninstall them one by one. You can select the program to uninstall from the list of all products supported by the uninstall utility, for this:
   
   
   • Run the kavremvr utility via the command line in manual selection mode, with the nodetect parameter:
   
   
   • kavremvr.exe --nodetect.
   
   
   • Select from the list the desired program and delete it. If there are several such programs, uninstall them one by one.
   
   

1. Removal may take some time. Wait for the dialog box to appear informing you that the product has been successfully removed and click OK.

1. Reboot your computer.

By default, a log of deletion of the view is saved in the folder where the utility is located. kavremvr xxxx-xx-xx xx-xx-xx (pid xxxx) .log where you can view the version of the utility:

Additional information (corporate products)

When uninstalling Network Agent 10 or Kaspersky Endpoint Security 10/10 CF1 / 10 SP1 MR2 for Windows, you may need to specify a password. For this:

1. Run the utility from command line with parameter


2. kavremvr.exe --password-for-uninstall:% PASSWORD% --MSIPARAM: KLLOGIN =% login%, where:
   
   
   • % login%- is the username for the respective product;
   
   
   • % password% - this is the password for the corresponding product.
   
   

   Example: kavremvr.exe --password-for-uninstall: 123 --MSIPARAM: KLLOGIN = Ivanov

1. Select the required program from the list.

During the program operation, the following errors may occur:

Error 1001
Products that cause an error when uninstalling: Kaspersky Endpoint Security 10/10 CF1 / 10 SP1 MR2

Cause: FDE-encrypted drives or drives scheduled for FDE encryption were detected.





Error 1002

Products that cause an error when uninstalling: Kaspersky Network Agent 10 CF1, Kaspersky Endpoint Security 10/10 CF1 / 10 SP1 MR2
Reason: a password for uninstallation was set for the specified products, but the user did not enter the password in the command line.





Error 1003
An error can occur when uninstalling any Kaspersky Lab product.
Reason: KAVRemover is launched from a directory that contains non-ASCII characters in its path from a localization different from the current Windows localization. For example, such a situation may arise if the username is specified in non-Latin letters, and the user launches the utility from his desktop.

Yes, we do. Volume licenses for government agencies are available at special prices.
Educational institutions can take part in the action:.
Within the framework of which educational state institutions are provided:

• discounts up to 80%;

• "First Aid" for public school and preschool institutions 188 rubles;

• purchase of solutions for the protection of workstations, file servers, mail systems and Internet gateways of the institution;

• renewal of the subscription for the purchased product on preferential terms;

• additional purchase of licenses - in accordance with the established licensing rules;

• technical support.

A special offer is available for medical institutions:.
Within the framework of which medical institutions are provided:

• renewal of the subscription for the purchased product on preferential terms (with a 30% discount from the standard renewal cost specified in the official price list);

• technical support.

Scientific institutions can participate in the promotion:.
Organizations engaged in the following areas of activity can apply for support under the program:

• research;

• training and retraining of personnel;

• additional education and professional development;

• institutes of the Russian Academy of Sciences;

Within the framework of this program, it is provided:

• delivery of Kaspersky Security for Business products and, and with a 30% discount from the price specified in the official price list;

• renewal of the subscription for the purchased product with a 30% discount from the standard renewal cost specified in the official price list;

• technical support.

Yes, it is possible to use home licenses to protect your organization. But if this organization has 2-3 devices. If the number of workstations, servers and mobile devices more than 5, then it is recommended to use a product for small business - Kaspersky Small Office Security. The use of home versions in educational institutions is possible.

Installation of Kaspersky Endpoint Security for Windows XP is possible locally and remotely:

To receive branded gifts from Kaspersky Lab, buy licensed products for business and home participating in the promotion. Anyone can take part in the action. If you are a system administrator in one or several organizations and annually update the protection of servers and workstations, then you should not miss the opportunity to receive gifts.

The fastest and easiest way is to contact a consultant in the dialog box or by calling 8-800-250-16-03. If you have purchased a license earlier, then be ready to inform the consultant of its number.
We will also promptly create price proposals to government organizations to form the maximum initial price when planning public auctions.

To receive updates for version 6.0, in addition to the license, you must purchase the item “Kaspersky Renewal of license for previous versions applications * "for the required number of nodes. The expiration date of this license will be 12/31/2017 or aligned with the expiration date of the KES license (if it ends in 2017).

From January 1, 2018, support for version 6.0 will be completely discontinued, and FSTEC has also issued an official letter about the need to migrate from KAV6 to other products. You can get acquainted with the letter by link

At the moment, upon request in the Customized media pack, it is possible to order distributions with forms for 6.0, but FSTEC certificates there only until 01/01/2018 and will not be extended:

Kaspersky Endpoint Security Strong Encryption differs from Lite in terms of encryption bit. But the difference is noticeable only for licensees and, but for licensees of packages or distributions there is no difference. In the Lite version, encryption is 56-bit, and in Strong, it is 256-bit. But for Russian organizations it is necessary to use 56-bit encryption according to the 2012 law.

Computers on which the Administration Server component is installed are called Administration Servers (hereinafter also referred to as Servers).

Administration Server is installed on a computer as a service with the following set of attributes:

• under the name "Kaspersky Security Center Administration Server";
• with automatic startup type at start operating system;
• with account Local system or a user account in accordance with the choice made during the installation of the Administration Server.

Administration Server performs the following functions:

• storing the structure of administration groups;
• storing information about the configuration of client computers;
• organization of repositories for software distributions;
• remote installation of programs on client devices and removal of programs;
• updating databases and application modules of Kaspersky Lab;
• managing policies and tasks on client computers;
• storing information about events that occurred on client devices;
• generating reports on the operation of Kaspersky Lab applications;
• distribution of keys to client devices, storage of information about keys;
• Sending notifications about the progress of tasks (for example, about detected viruses on a client computer).

Several Administration Servers can be installed in an enterprise network, which can form a hierarchy of the "master server - slave server" type. Moreover, each Administration Server can have several slave Servers.

Administration Server is managed through the Administration Console installed on any computer in the network.

Kaspersky Lab specialists do not recommend installing two versions of the Console on the Administration Server. For example, if you installed new versions of the Administration Server and the Console, but for some reason also left the previous version of the Console, then the joint operation of the Consoles different versions may cause operational problems.

How to install and configure Kaspersky Security Center Network Agent

Network Agent can be installed and configured as follows:

• Locally by running the setup file (by default it is located: \\<Адрес сервера администрирования>\ KLSHARE \ Packages \ NetAgent_10.1.249). After starting, you must follow all the steps of the installation wizard.
• Remotely, through the Administration Console using the installation package.
for system administration, you need to install.

If you already have a license for Kaspersky Lab's corporate anti-virus and you are using the Kaspersky Security Center solution for centralized management, then you do not need to install anything.

Kaspersky System Management is a set of system administration functions included in the Kaspersky Security Center application.

This functionality is available when activating licenses for solutions, and a separate Kaspersky System Management solution, which can be used without antivirus or in addition to the main license of Kaspersky Endpoint Security for Business Starter or.

DLP for mail and SharePoint are new features included in the latest releases of antivirus products that ensure the security of mail servers or collaboration clients. To use these functions, you must enter a special license key, which must be purchased separately. The code comes with the product to protect itself mail server... The DLP function of the solution becomes available after activating the antivirus product.

02/01/2017 the release of updates has stopped anti-virus databases for KES 6.0.

To receive updates, you need to additionally purchase "Kaspersky Renewal of license for previous versions of applications *" for the required number of nodes. But the right to use will expire on December 31, 2017.

On January 1, 2018, the release of updates for 6.0 will be discontinued. FSTEC has published a letter about the mandatory transition from KAV 6 to other solutions.

Now, through a request, you can get installation files with forms for 6.0, the FSTEC certificates themselves will end on January 1, 2018.

If you purchased only Kaspersky System Management for System Administration, then you need to download Kaspersky Security Center.

If you already have a corporate license antivirus Kaspersky Lab and you use the Administration Console to full management, then you do not need to put anything.

Kaspersky System Management is a suite of administrative features included in Kaspersky Security Center.

All of these features are included when activating a license for products,. In addition, these functions are included in the Kaspersky System Management solution, which can be used without antivirus or in addition to the KES Starter license.

The difference in the bitness of the encryption module, Lite has 56, and Strong has 256. A significant difference is present only for Kaspersky Endpoint Security for Business, and installation files no. By law, Russian enterprises are allowed to use 56-bit encryption.

Administration Server (or Server) is a PC with an installed Administration Server client.

The Administration Server service has the following properties:

"Kaspersky Security Center Administration Server".

with autorun when loading the OS.

with the Local system or user account, depends on the settings during the installation of the Administration Server.

Administration Server has the following features:

storage of the structure of administration groups

storing data on client PC settings

providing a repository of app installers

remote installation of programs on client computers, removal of programs

setting up policies and setting goals on client PCs

storing data about actions that happened on client devices

preparation of reports on the functioning of Kaspersky Lab anti-virus solutions

storage of keys for client PCs

messages about the execution of targets (whether threats were detected or not)

Many Administration Servers can be installed in a corporate network, thanks to which it is possible to create a hierarchy of the "Main server - Slave server" type. Moreover, the server can have many more servers under its control.

The Administration Server is managed through the Administration Console installed on any PC in the corporate network.

Kaspersky Lab experts advise against installing 2 versions of the Console on the Administration Server. Since if you install fresh versions of the Administration Server and Console, but forget to erase previous version Consoles. The simultaneous operation of two Consoles may cause a failure.

To download Network Agent follow the link.

Installation instructions:

Open the distribution locally (by default, it is located in the \\<Адрес сервера администрирования>\ KLSHARE \ Packages \ NetAgent_10.1.249), then follow the instructions that appear.

Run the installation file remotely via Kaspersky Security Center.

Configure group policies.

Purpose of work.

Lab focuses on automated deployment of tools antivirus protection v computer network... This article covers the tasks of installing the Network Agent and scanning computers for software incompatible with Kaspersky Lab products.

Work description.

In the previous lab, the Administration Server and Management Console were installed. Communication between the administration server and client computers is provided by the administration agent. Therefore, it must be installed on each client computer that will be connected to the centralized anti-virus protection management system. There was no need to install the agent separately on the computer where the administration server was installed, since the server version of the agent was automatically installed along with the server (its peculiarity is that the agent interacts only with the administration server installed on the same computer).

Let's start everything virtual machines that make up our laboratory bench, and consider the process of automated deployment of administration agents. On the AVServ server, launch the Kaspersky Security Center administration console (you can also manage the server from workstation Station 1, on which the administration console was installed during the first job). First, let's take a look at the list of managed computers that already have an administration agent. Opening the node Managed computers, go to the tab Computers(fig. 5.47). The displayed list displays only one computer - AVScrv, on which the server version of the Network Agent is installed. The status "critical" is set due to the fact that the anti-virus software is on this computer not yet available.

Rice. 5.47.

The first thing to do during agent deployment is to discover computers. In the administration console, go to the node Unassigned computers(fig. 5.48). Search can be done by polling computers in Windows networking using service info Active Directory or by the range of ip-addresses. The exact method depends on the organization of the protected network. For example, if there are computers on the network that are not included in the Windows domain, searching in a range of ip addresses may be preferable to retrieving information from Active Directory.

In our example, all three of the above methods are suitable. Let's use the search on the Windows network - in the corresponding section in the administration console window, click the link Interview now.

Rice. 5.48.

After the poll is over (the process of its passage is illustrated by the "status bar"), we open the node corresponding to the found Labs domain, and we see all the detected computers. Select them and click the link Set program(fig. 5.49). This will launch the Remote Installation Wizard.

Here it is necessary to explain some of the features associated with remote software installation using Security Center tools. Before you start deploying the program, you need to create an installation package. This is done through the knot Repositories-> Installation packages(fig. 5.49). There you need to run the wizard, which will ask for the name of the installation package and the path to the distribution files.

Rice. 5.49.

In our case, Kaspersky Security Center 9.0 was installed from full version distribution kit and both installation packages - for the administration agent and for the anti-virus Kaspersky product Endpoint Security 8 for Windows - were automatically provisioned. So in the first window of the installation wizard, you only need to specify the required package (Fig. 5.50).

The next step is to choose the method that will be used to install the redistributable package. Due to the fact that the Network Agent has not yet been installed on client computers, leave the checkboxes Windows tools from the folder general access and Do not install the program if it is already installed(fig.5.51).

Rice. 5.50. Remote Installation Wizard: Selecting an installation package

Rice. 5.51. Remote Installation Wizard: Selecting an Installation Method

To install Windows tools passed correctly, TCP ports 139 and 445, UDP 137 and 138 must be opened on the client computer. By default, this setting is made on all client computers included in the Windows domain (in the case of a Windows 7 client, there are some features that are described below). If there are computers on the network that are not included in the domain, an attempt automatic installation administration agent on them may fail. In this case, you can use the riprcp.exe utility for preparing your computer for remote installation, which will make all the necessary settings (see below).

After selecting the installation packages and the installation method, you will need to specify account, on behalf of which the installation will be carried out. You can skip this step if the Network Agent is already installed on the computers. In our case, you need to press the button Add and specify an entry with administrator rights (Fig. 5.52). If computers are not included in the domain, you may need several such records.

Rice. 5.52.

The next window determines how the computer will be restarted, if it is needed as a result of the package installation. The default setting is to ask the user for permission to reboot.

For the purposes of our laboratory, the preferred option would be To restart a computer. And when deploying new software in an existing enterprise network, when installing on servers, you should choose Do not restart your computer and reboot manually later.

Rice. 5.53.

In the next windows of the wizard, you will need to press the button several times. Further, to confirm your choice and start the created task for execution. Going to node Tasks for sets of computers, you can track the installation process and evaluate its result. In the example shown in Fig. 5.54, on one computer the installation was successful, on two it failed.

Rice. 5.54.

If in the one shown in Fig. 5.54 window with the report follow the link More details, then we will see that the installation of the agent on the Serv server was successfully completed, but the program could not be installed on the NB1 and Station 1 computers because "The computer may be disconnected from the network." This can happen due to the fact that the computer is turned off, there are problems in the network infrastructure or the firewall settings on the computer do not allow remote installation... In our example, the reason for the failure is the firewall settings.

In such cases, when installing Kaspersky Anti-Virus on computers running Windows 7, it is recommended to pre-configure shared access to network folders.

If the Windows 7 computer is included in the domain, you need to open Control Panel -> Network and Sharing Center, then choose Change advanced sharing options and in the block Access to shared folders select Enable Sharing, so that network users can read and write files to shared folders (fig.5.55). This setting must be done on NB1 and Station 1 computers.

Rice. 5.55.

Rice. 5.56.

More generally, the problem with Windows settings can be solved by running the riprcp.exe utility on computers. On the AVServ server, it is located in the folder where the Security Center was installed: C: Program Files (x86) Kaspersky LabKaspersky Security Center. You can copy the utility to a shared folder and run it from there on machines where the installation failed. After launching the utility, you need to avenge the necessary changes (Fig. 5.56), and after making them you may need to reboot. For a large network, this task can be automated using administrative scripts.

After the changes have been made, we will re-run the task of installing the administration agents (Fig.5.54, the button Run bottom right). The installation should now be successful.

Exercise 1.

Deploy Security Center Administration Agents to virtual machines laboratory stand.

After the installation of network agents in the group Managed computers all 4 virtual machines of the laboratory stand should appear. If only one AVServ is displayed, it may be just old data, and you need to run the command Refresh from the context menu.

The next task in preparing for the deployment of anti-virus software is to search for programs installed on computers that are incompatible with the anti-virus software of the PC. Such programs will have to be uninstalled.

Remote uninstallation of applications from client computers can be performed by running remote uninstallation tasks. Security Center allows you to create tasks of the following types:

• - group tasks created for client computers of selected administration groups;
• - tasks for sets of computers that are created for selected client computers, depending on whether these computers belong to any administration group.

But before you uninstall the program, you need to find it. Generating a report on incompatible programs can help with this.

To do this, go to the node Reports and notifications, choose there and, if necessary, select the item in the context menu Refresh. The report will include programs identified by the administration agents that are known to the Security Center as incompatible. First of all, these are other antivirus products.

In our case, the report indicates the presence of Microsoft programs Security Essentials 2 x64 on the NB1 computer (Fig.5.57).

Rice. 5.57.

Find NB1 in the group of managed computers and create a task to uninstall the Microsoft Security Essentials antivirus (Fig.5.58). Please note that after starting the wizard, the node became active. Tasks for sets of computers.

Rice. 5.58.

Rice. 5.59.

In the first window of the wizard, you must specify the name of the task being created - "Removing Security Essentials". Next, you need to select the type of task: we are interested in remote uninstallation of the program, which refers to tasks for the application Kaspersky Security Center Administration Server, subgroup Additionally(fig.5.59).

Rice. 5.60.

Rice. 5.61.

We also know that this program is in the list of PC incompatible with antiviruses. We indicate this when choosing the type of program to be removed (Fig. 5.60).

In the next window, press the button Add and in the list of incompatible programs we will find Microsoft Security Essentials 2 x64 (Fig. 5.61).

In the next window of the New Task Wizard, you will need to specify the method in which the uninstallation utility will be downloaded to the client computer. Network Agent is already installed on the NB1 computer, so you can leave the default settings (Fig. 5.62). Next, there will be a request to restart the computer after uninstallation, select the option To restart a computer.

Rice. 5.62.

The next wizard window allows you to specify the account to use. This is required if the Security Center Administrator Agent is not available on the client computer. In our case, this window can be skipped, since the agent is present on the NB1 computer.

In the launch schedule, select the option Immediately and in the last window, confirm the creation of the task.

Now let's select the created task in the node Tasks for sets of computers and wait until the end of its execution, which may require certain time... The report showed that the task has completed and a computer restart is required (Fig. 5.63). After automatic reboot, the task will be marked as completed successfully. Thus, we have completed the necessary steps prior to the deployment of anti-virus protection tools on the network.

Rice. 5.63.

Task 2.

Scan computers for incompatible applications and remove any antivirus programs that are found.

This material was prepared for specialists involved in the management of antivirus protection and security at the enterprise.

This page describes and analyzes the most interesting functionality of the latest versions of Kaspersky Endpoint Security 10 and the Central Management Console of Kaspersky Security Center 10.

The information was selected based on the experience of communication between NovaInTech specialists, with system administrators, heads of IT departments and security departments of organizations that are just switching to Kaspersky anti-virus protection, or are going through the process of switching from using the 6th version of the anti-virus on client computers and the Administration management console Kit 8. In the latter case, when anti-virus protection from Kaspersky Lab is already in use, it is also common that IT specialists do not know the most interesting moments in the work of new versions of products that really help make life easier for these same IT professionals, and at the same time increase the level of security and reliability.

After reading this article and watching the videos, you can briefly familiarize yourself with the most interesting functionality provided by latest version Kaseprky Security Center and Kaspersky Endpoint Security management consoles and see how it works.

1. Installing the Administration Server of Kaspersky Security Center 10.

The required distributions can be found on the official Kaspersky Lab website:

ATTENTION! The distribution kit is complete versions of Kaspersky Security Center already includes the latest version of the Kaspersky Endpoint Security distribution kit.

First of all, I would like to tell you about where to start installing anti-virus protection from Kaspersky Lab: Not from the anti-viruses themselves on client computers, as it might seem at first glance, but from the installation of the administration server and the central management console of Kaspesky Security Center (KSC ). With the help of this console, you can deploy anti-virus protection on all computers of your institution much faster. In this video you will see that after the installation and minimal configuration of the KSC administration server, it becomes possible to create an antivirus solution installer for client computers that even a completely unprepared user can install (I think every administrator has such "users") - the installation interface contains everything 2 buttons - "Install" and "Close".

The administration server itself can be installed on any computer that is always turned on or as accessible as possible, this computer must be visible to other computers on the network, and it is very important for it to have access to the Internet (for downloading databases and synchronizing with the KSN cloud).

Watch the video, even if you installed the central console before, but in previous versions - you may hear and see something new for yourself ...

LIKE THE VIDEO?
We also do delivery of Kaspersky products... And even more - we provide technical support. We care about our clients.

2. Setting up centralized management on computers with Kaspersky already installed.

It is often found that in small organizations, system administrators install and configure anti-virus protection on each computer manually. Thus, the time they spend on maintaining anti-virus protection increases and they do not have enough time for some more important tasks. There are cases when administrators, simply due to lack of time, simply do not know about what is in corporate versions anti-virus protection from Kaspersky Lab, in general there is a centralized management, and they do not know that for this miracle of civilization, you do not need to pay anything.

In order to "connect" the already installed client antiviruses with the administration server, you need very little:

• Install the Administration Server (Section 1 of this article).
• Install the Administration Server Agent (NetAgent) on all computers - I will describe the installation options in the attached video below.
• After the installation of the administration server agent, computers, depending on your settings, will be either in the "Not distributed computers" section or in the "Managed computers" section. If computers will be in "Not allocated computers" - they will need to be transferred to "Managed computers" and set up a policy that will apply to them.

After these actions, your computers will be visible to you from the central console, users will no longer be able to manage the antiviruses installed on their machines and, as a result, there will be less infections and less headache for the administrator.

In the video below, I will try to describe the scenarios for installing NetAgents on client computers, depending on how your network is arranged.