Kaspersky Administration Kit 6.0 MP1/MP2

In order to protect Kaspersky Anti-Virus 6.0 against unauthorized access the mechanisms of self-defense, external service control and password-protection have been added to the application functionality. These mechanisms may help administrator to protect the Anti-Virus from being unloaded by users on their client computers

Program self-defense service is not available in Kaspersky Anti-Virus installed on PC’s running under Microsoft Windows 98/ME

Self-defense settings can be configured remotely in the application policy on the Settings tab:

1. in the drop-down menu select Service

2. in the Self-Defense section configure the necessary settings – check: 

• Enable self-defense – enables self-defense mechanism and prevents the application from change or deletion of its files on a hard drive, processes from the RAM, records in the system registry 

• Disable external service control - prevents the application service from being stopped either manually or by other programs.

This enabled checkbox does not influence the application management via Kaspersky Administration Kit 

• Enable password protection - restricts access to application. To enter a password and to protect settings from modifying, click Settings. In the Password protection window: 
• enter the password in the New password field and confirm it in the next field 

If you are already using or have used a password and want to change it, you must also fill in the Old password field.If the password is not known, new policy should be created. 

• Select the scope to which the restrictions will apply. Any setting can be blocked (except notifications of dangerous events)as well as the following settings: 
• changing program settings 

• exiting the program (using the Exit command of the context menu of the Anti-Virus icon in the system bar) 

• stopping/pausing protection components or virus scan tasks

3. Once the settings are configured, lock the Self-Defense section

Once the password has been set for the task Stopping\ pausing protection components or virus scan tasks, an administrator cannot stop protection and its components (a dialog window to enter a password will not be displayed). For the administrator to be able to stop protection and some components remotely through Kaspersky Administration Kit, “unlock” the settings “Enable” of protection and/or the required components.

Example:

 

After you have “unlocked” the setting be sure to check that the component has not be unloaded on a client computer. It may happen if once the settings are “unlocked”, local settings are applied to the computer, in which this component is not set to load. For the component to be always loaded: in the policy go to the Enforcement tab > click the Advanced link > select the variant Modify all policy settings to the local settings at first policy application > click the button Change now

If a user has rights of a local administrator on a client computer (but does not know the password), (s)he cannot change the password or cannot run actions whose performance is password-protected. Even if self-defense settings were not locked but they were enforced on a client computer, you must know the password to modify these password-protected settings locally.