Kaspersky Lab

Kaspersky Administration KitFeatures Overview

Contents

Kaspersky Administration Kit at a glance

Product benefits Rapid threat protection deployment Centralized threat protection management Threat protection continuity enablement Monitoring and reporting

What is new? Support for more platforms (Mac, Linux, Smartphones)

New Kaspersky Updater

Summary

Kaspersky Administration Kitat a glance

Essential product info

Kaspersky Administration Kit* - an essential tool for managing your company’s threat protection solutions.

It provides mechanisms for fast template-based protection deployment as well as fully customized deployment.

"It provides fast mechanisms for distributing tasks, policies and updates regardless of whether it's for a small workgroup network or a highly distributed corporate network”

It allows monitoring of every aspect of protection and provides threat auto-suppression mechanisms.

Kaspersky Administration Kit provides support for hierarchical groups, task and policy inheritance and control by intermediate administrators, making it an ideal solution for both SMBs and enterprise-level organizations.

PAGE 4 |

*All information refers to Kaspersky Administration Kit 8.0 CF2

Product highlights

Security Administrators have to deal with lots of different tasks daily

Kaspersky Administration Kit is the ideal tool to make security management straightforward and easy.

Centralized administration tool to deployand manage anti-malware protection for servers, workstations and smartphones

Included free of charge in theKOSS product line

Easy-to-use front-end From 10 to tens of thousands of clients Group-based management Automation of recurring tasks Integration with Active Directory Support for Microsoft NAP and

Cisco NAC

…and much more

Management

Installation

Protection

Scanning

Updates

Reports

Alerts

Administrationconsole

PAGE 6 |

Product components

Administrationconsole (MMC)implements GUI

Administrator

Administrationserver

Kaspersky Network Agent

implements tasks, updates and data exchange

Administration console MMC-based GUI dashboards & reports

Administration server task & policy

management data exchange

Kaspersky Network Agent installed on each

protected computer/server

supports negotiation between application and administration server

Administration console

PAGE 7 |

Administration console utilizes the standard Microsoft Management Console

The console can be installed on a workstation/server other than the administration server

Numerous consoles can be connected to one server

Each console can manage many servers

Left of the window shows: Connected administration servers Managed computer groups Discovered computers Repositories (installation packages, updates,

quarantined and unprocessed files, licenses and environment backups)

Depending on the item selected, the right of the window shows: Interactive dashboard for the selected

item(s) Interactive list of objects within the

item selected Reports

PAGE 8 |

Deployment scheme

Administrator

Master administrationserver Administration

server, slave

Main office

Remote OfficeNo IT staff

Remote OfficeIT staff

Administrationserver, slave

Administrator

Support for hierarchical deployment

Remote Office Administrator has access to remote office computers and data only

Administration server bandwidth consumption limiter for narrow channels

Group tasks and policies are propagated from parent to child groups

PAGE 9 |

Communication flow

Administrationserver

Administrationconsole

tasks, policies, updates

status, events

isolated threat files

Secure communication Bi-directional flow Several alert channels Easy-to-use front-end

Kaspersky Network Agent (installed on each

protected computer)

PAGE 10 |

Managed protection made easy

The ‘Getting started’ interactive dashboard provides a quick overview of the corporate protection system.

One click on an action item launches the corresponding step-by-step wizard.

All operations created with the help of wizards can be manually configured.

Product benefits in detailsRapid threat protection deployment

Installation: step-by-step wizards

All-in-one package Administration Kit installation

files include all necessary components: server software, database (Microsoft SQL Express), other components (Microsoft .Net Framework, etc.)

Fast installation Administrative server can be

installed within 15 minutes* Ready to use configuration:

default set of policies and installation packages are generated automatically

PAGE 12 |

* Default configuration. Depends on hardware performance

When it comes to deploying threat protection, Kaspersky Administration Kit provides you with all the necessary tools.

PAGE 13 |

Depending on the network size chosen, Administration Kit will hide less relevant elements and controls in the Administration console interface.

Customer can choose appropriate database based on their requirements Microsoft SQL Express Microsoft SQL Server My SQL Server

Adjusts to your scale

PAGE 14 |

Multiple deployment options for workstation and server protection

Kaspersky Administration Kit provides several deployment methods: Based on Remote

Procedure Call or Network Agent

Based on login script Based on Active

Directory Group Policy For 3rd party tools and/or

non-automated deployment it provides Standalone package

(generated with 1 click) Installation based on

MSI-standard (unattended/predefined settings)

Incompatible 3rd party software removal wizard

Workstation and server protection can be deployed immediately after Kaspersky Administration Kit is installed

PAGE 15 |

Management of protected object structures

All protected computers and servers are organized in hierarchical groups The group structures can be

imported from Active Directory or text-file, or

Computers can be discovered using ICMP, NetBIOS and AD-Scan and Allocated to groups

according to relocation rules, or

Manually allocatedD

isco

vere

d &

una

ssig

ned

Alre

ady

allo

cate

dNew & unassigned

Relocation rules

Sales Marketing

Reviewing and customizing the installation package

PAGE 16 |

Review of auto-generated installation packages and policies for workstation and server threat protection Customize them, if necessary Installation wizard includes incompatible software removal tool

Product benefits in detailCentralized threat protection management

Centralized threat protection management

PAGE 18 |

Management of sub-level administrator rights

Manage hierarchical groups of protected computers and servers

Virus attack auto suppression mechanism

Auto-applied policy for roaming users

Integration with Cisco NAC and Microsoft NAP solutions

License manager

Managing threat protection is about setting rules and privileges, enforcing policies, and scheduling. It’s about controlling the company-wide system of threat protection applications and agents.

Main office group administrators

Managing group administrator privileges

Predefined administrative groups

Intermediate administrators can be assigned for each managed group of computers

Intermediate administrator privileges can be managed so that sub-level administrators can only manage threat protection within set boundaries

Administrative activities are logged, stored on the administration server and can be analyzed through reports.

PAGE 19 |

“Sales” group “Marketing” group

Masteradministrator

Otheradministrator groups

Nested groups, policies and tasks

Support for nested groups

Protected computers Slave administration

servers Policies and tasks

Task inheritance Policy inheritance

PAGE 20 |

Virus attack auto suppression mechanism

Virus attack auto suppression mechanism allows protection tasks to be set per computer or group of computers which are auto-executed if a virus outbreak is detected:

Customize virus outbreak profile Select policies to be activated in case of outbreak

PAGE 21 |

Special policy for roaming users

Allows special policy for roaming users to be set which is auto-applied if the computer leaves the protected area of the company network.

PAGE 22 |

Administrationserver

Corporate network

Standard policy

Roaming policy

Managing task scope and schedule

Manage protection tasks for pre-defined group(s); per individual computer; or custom set

Set task start time scheduled (regular basis) on demand after application/database

updates

PAGE 23 |

Integration capabilities

Kaspersky Administration Kit can be integrated with Cisco Network Admission Control (NAC) and Microsoft’s Network Access Protection (NAP) solutions. As a result, only those computers that are protected against threats in compliance with company policy are permitted into the corporate network

Support for SNMP monitoring and OLE.API technology enables protection management automation

PAGE 24 |

Managing licenses

License manager to install and monitor licenses for Kaspersky Lab applications on protected computers, with license expiration alerts and generation of reports.

PAGE 25 |

Product benefits in detailThreat protection continuity enablement

Threat protection continuity enablement

PAGE 27 |

Distribution of applications and database updates

Sandbox for update pre-test Backup utility Bandwidth consumption

shaper Remote diagnostics utility Wake-on-Lan protected

computer to run scheduled task.

Once deployed, the threat protection solution is expected to work autonomously and provide a consistent set of capabilities.Kaspersky Administration Kit is designed to ensure your protection system is always online and up to date!

AdministrationServer, Slave

PAGE 28 |

Application and antivirus database update management

Administrationserver, master

Multiple update sources Sandbox for update roll-out pre-test Each Network Agent acts as an update source Remote diagnostics utility to fine-tune update

on managed computers

Kaspersky Network Agent on any

protectedcomputer

Kaspersky LabUpdate Server 2. Test update deployment

“Sales” group “Marketing” group

1. Download update

Remoteoffice

Mobile laptop, outside corporate

network

3. Roll-out updates

Update ok

Test group

Local installation

Threat protection continuity enablement

Backup utility with two interfaces: command line and GUI Backup task can be scheduled or run on demand Complete administration server settings backup for fast recovery in case of hardware failure

PAGE 29 |

Remote diagnostics

Remote diagnostics utility for troubleshooting and manual operations on protected computers. Features include:

Enabling and disabling trace, changing the trace level, and downloading the trace file

Downloading application settings

Downloading event logs

Launching diagnostics and downloading results of operation

Starting and stopping applications

PAGE 30 |

Managing computer power when performing antivirus tasks

Kaspersky Administration Kit can manipulate computers on which a task is set to run:

Computers, that are sent to sleep or hibernation mode to preserve power, can be woken up for antivirus operations

Computers can be switched back to their previous state when a task is completed

PAGE 31 |

Product benefits in detailMonitoring and reporting

Monitoring and reporting

PAGE 33 |

Dashboards

Report templates and new template creation wizard

Report generation subsystem and export to HTML, XML and PDF

Threat protection event collector

Administrator(s) operation logging.

Administration Server,Slave

PAGE 34 |

Monitoring and reporting: how it works

Critical/Error

• Infected objects detected

• Update error

Warning

• License expires soon

• …

Info

• Update successful

• …

Notifications / AlertsKaspersky Administration Kit collects and stores protection-related events from managed computers.

Administrationserver,Master

ReportingReports provide extensive overview of protection activity for chosen set of computers, group(s), slave administration servers and their computers, and the whole network for any period of time

Remote office

Main office

Administration console

Reports Interactive dashboards

with context management tasks

Wide set of report templates

Built-in report editor Reports are generated

on demand and on schedule

Support for report export to network share or email in html, XML and PDF formats

Notification methods Email Net-send SNMP Run application Event Viewer

Dashboards

and reports

What’s new?

Introducing centralized management of anti-malware protection for Mac

Kaspersky Administration Kit provides:

Centralized deployment Centralized configuration Centralized notifications &

reporting

Platforms Supported: Mac OS X 10.6 (32/64-bit

edition) – Snow Leopard Mac OS X 10.5 (32-bit

edition) – Leopard Mac OS X 10.4 (32-bit

edition) – Tiger Mac OS X Server 10.6

Introducing centralized management of anti-malware protection for smartphones

Kaspersky Administration Kit enables administrators to”

Manage deployment, configuration, events and reporting in a centralized manner

Manage lists of file types to check Set actions upon malware detection Manage antivirus update schedules Enable Anti-Theft components Select folders to be encrypted Enable Anti-Spam for calls, SMSs and Privacy Protection Manage schedule for synchronization with administration

server

Platforms supported: Symbian S60 9.1 - 9.4 (Nokia only) Windows Mobile® 5.0 - 6.5 BlackBerry 4.5 - 5.0

Introducing centralized management of antimalware protection for Linux

PAGE 38 |

Kaspersky Administration Kit provides

Centralized deployment Centralized configuration Centralized notifications &

reporting

Platforms Supported: Mandriva Linux 2010 Spring 32-

bit Red Hat® Enterprise Linux® 5.5

Desktop 32-bit & 64-bit Fedora 13 32-bit & 64-bit CentOS-5.5 32-bit & 64-bit SUSE Linux Enterprise Desktop

10SP3 and 11SP1 32-bit & 64-bit openSUSE Linux 11.3 32-bit & 64-

bit Ubuntu 10.04 LTS Desktop

Edition 32-bit & 64-bit Debian GNU/Linux 5.0.5 32-bit &

64-bit

New Updater

PAGE 39 |

Each network agent and each slave administration server can act as a node in an update distribution network

Update task can run on demand and on schedule

Update task has rich capabilities for logging update results and notifications

New update distribution subsystem provides faster update distribution

New update distribution subsystem is a reliable mechanism to distribute updates and installation packages for Kaspersky Lab and 3rd party applications

Summary

PAGE 40 |

Kaspersky Administration Kit is a powerful and flexible tool that allows the centralized deployment and management of integrated, enterprise-level threat protection systems based on Kaspersky Lab applications

Main Kaspersky Administration Kit advantages are:

Rapid threat protection deployment

Centralized threat protection management

Threat protection continuity enablement

Powerful reporting system

Global and local support expertise

Thank You

Kaspersky Administration KitFeatures Overview

Kaspersky Lab