Kaspersky Administration Kit 6.0 MP1/MP2

From the administrator workstation, you can view, create, modify, and configure the logical network and manage all Kaspersky Lab applications installed on clients. The administration interface is provided by the Administration Console component, which is an administration plug-in integrated into the Microsoft Management Console (MMC). The Kaspersky Administration Kit interface complies with MMC standards.

To work locally with client computers within the application the Connect to the remote desktop Microsoft Windows standard application (the corresponding command from the context menu of the client computer) has been worked out to establish remote connection with a computer via the Management Console.

To enable the function, allow remote management on the client computer; example: in Windows XP right-click My Computer > Properties > the Remote tab > check Allow users to connect remotely to this computer

The program main window has a menu, a toolbar, a view panel, details and tasks panels. 

• The menu is used to manage files and dialog boxes and provides access to Help topics. 

• Toolbar buttons provide quick access to frequently used menu options. 

• The view panel displays the hierarchical Kaspersky Administration Kit namespace as a console tree. 

• The details panel shows details of the object selected in the console tree. 

• The tasks panel provides quick access via hyperlinks to frequently used operations for the object selected either in the console tree or in the details panel. By clicking the Standard tab in the lower part of the MMC window administrator can switch to the standard Console without the task panel.

The console tree displays logical networks created within a corporate network and properties of a local computer where the Administration Console is installed.

The Kaspersky Administration Kit namespace can have several nodes: the Kaspersky Administration Server (by the number of Administration Servers) and the Local computer object.

Using the Local Computer object, you can locally administer Kaspersky Lab applications installed on the administrator workstation (i.e. on the computer on which the Administration Console is installed).

The Kaspersky Administration Server (<computer name - Administration Server>) node is a container that displays the structure and settings of the selected Administration Server. If the Administration Console and the Server are installed on the same computer, then the Administration Server has the localhost name.

The Kaspersky Administration Server node has the following folders: 

• Protection status

The Protection status folder provides information about anti-virus protection status both on client computers of the logical network and in the computer network in general. The folder contains subfolders with the information structured the following way: 

• Network – information about computers outside the logical network and results of the current and last computer query by the Administration Server of the computer network. 

• Administration Groups – anti-virus protection status on client computers of the logical network. 

• Anti-virus statistics – statistical information about virus activity and status of the real-time protection task on client computers in the logical network. 

• Updates – state of the anti-virus databases used by the applications. 

• Network

After the installation of Kaspersky Administration Kit, the Network item shows the hierarchy of the domain and work groups on your Windows network. The folders on each upper level display computers of this domain or workgroup that have not been assigned to the logical network. After a computer is assigned to a group, information about this computer is deleted from the node. Conversely, when a computer is removed from the logical network, information about this computer again appears in the corresponding folder of the Network node.

To change the folder hierarchy of the Network node so that it corresponds to the Active Directory structure or the IP-subnetworks created in the network, use the View IP-subnetworks or View Active Directory hyperlinks in the tasks panel. If the Network node is viewed as IP-subnetworks, administrator can form its structure by creating IP-subnetworks and changing already existing parameters.

When you highlight a folder in the console tree, the following information about this folder is displayed in the details pane: 

• Name – Computer name in the logical network 
• OS type – workstation or file server 
• Domain – Windows domain or workgroup to which the computer belongs 
• Agent/Anti-Virus – if Network Agent or Anti-Virus is installed /not installed 
• Last visible – Date when this computer was last identified by the server on the logical network 
• Last info update – Date when computer info was last updated 
• DNS domain – The DNS domain to which this computer belongs 
• DNS name – DNS computer name 
• IP address of the computer 
• Last connect – time of the last connection to the Administration Server

By default all parameters are displayed on the Console. But the administrator can remove some of them. To remove some parameters, open the Administration Console > View > Add/Remove Columns > in the open window using the Add/Remove buttons you can configure the Console so that only necessary parameters remain.

	Useful links
	Network scan

The Administration Server creates and updates the data in the Network group. The Server regularly requests data about new computers added to the Windows network and those removed from the network. You can disable request about computers added to the Network group or to its any nested group.

Based on this information, the server then refreshes the Network group and folder. New computers that appear on the Windows network are automatically included in a specified folder in the Network group or in the specified group of the logical network. Network Agent and anti-virus applications are installed on them as well. The folder to which the detected computers will be assigned can be specified in the properties of the Network group on the Computers tab, and the application necessary to install on these computers can be chosen on the Computers tab in the properties of the selected administration group. 

• Groups

The Groups node is used to store, display, configure, and change the logical network structure, group policies, and group tasks.

Root objects in the Groups folder correspond to the highest level of the logical network hierarchy. The Policies, Tasks and Administration servers folders are mandatory for each group item. These folders are used to operate the policies and tasks of the upper hierarchical level and to organize slave Servers.

After the installation of Kaspersky Administration Kit, the Groups folder stores no items and the Policies, Tasks and Administration servers folders are empty. The administrator can build the logical network structure by adding client computers, nested groups and slave Servers to the Groups folder.

Groups are displayed as folders similar to the structure of the parent Groups folder: 

• The nested Policies, Tasks and Administration servers folders that store policies, tasks and slave Servers for this group are automatically created when each group is created. 
• When client computers are added to a group, they are displayed in the details panel as a table. 
• If you create a nested folder inside the current folder, it will have the same structure as the parent folder.
• When a slave Server is added the structure similar to the master Server is created automatically.

The Network group of the slave Server contains all computers of the domains and/or work groups in the corporate network, even those computers that are already added to logical networks of other Administration Servers.

When a slave Server is connected the Policies, Tasks and Administration servers folders are also created automatically. This way a hierarchy of groups and Servers of any depth can be built.

The contents of the folder selected in the console tree are displayed in the details panel. In addition to the information in the Network folder, the following data is available for each client

	Useful links
	What does color of a client computer icon mean?

• Status - Current status of the computer (OK/ Warning/ Critical). List of conditions according to which the Warning or the Critical status is granted to the computer can be found in the Administration Server properties on the Computer status tab. The Administrator of the logical network can regulate computer's status conditions by checking/ unchecking the checkboxes on this tab.

According to the computer status the color of the computer icon changes next to its name. 

• - the OK status. 
• - the Warning status. 
• - the Critical status.

Computer icon can change its brightness as well. Brightness of the computer icon shows if the computer connects with the Administration Server or not. If the icon is not bright, then the Agent did not connect to the Server during the set time period. The default period is 60 minutes. This parameter can be changed in Server > Properties >the Settings tab > the Host visibility timeout, min field. 

• On-demand scan – time of the last on-demand scan of a client computer for viruses (i.e. the time when the corresponding task finished). 

• Viruses found – Total number of viruses detected from the first scan until the virus counter was reset last. To reset the counter, go to > Properties > the Protection tab > click Reset virus counter. 

• Real-time protection status – Current real-time protection status for this client (including file/ mail/ scripts / macros scan). If any of the tasks is running then the real-time protection status is Running 

• Connection IP - IP-address used by the Administration Agent to connect to the Administration Server.
• The Updates node contains a list of anti-virus database and applications modules updates which can be delivered to clients. 

• The Remote install node has a list of installation packages for Kaspersky Lab applications which can be used to deploy applications to client computers. 

• The Reports node displays templates of reports on the status of logical network protection. 

• The Computers queries node helps to search client computers by specified parameters and to save the search results to definite folders. 

• The Events node displays a list of events which have occurred during application performance and have been recorded in the Administration Server database. 

• The Global tasks node has a list of global tasks assigned to a bunch of logical network computers. 

• The Licenses node shows licenses installed on client computers. 

• The Storages node contains objects located by anti-virus applications to quarantine or backup folders on client computers.

The objects themselves are not located on the Administration Server. In the console tree each category of objects in the Kaspersky Administration Kit namespace has its own shortcut menu. These menus include both standard MMC shortcut menu commands and commands added to manage the anti-virus protection of this object.

When working with the Console to view the changes, click the F5 button or the Refresh link in the tasks panel. It is connected to the Microsoft Management Console operating peculiarities.