Settings of a managed device

Expand all | Collapse all

To view the settings of a managed device:

1. In the main menu, go to Assets (Devices) → Managed devices.

   The list of managed devices is displayed.

2. In the list of managed devices, click the link with the name of the required device.

The properties window of the selected device is displayed.

The following tabs are displayed in the upper part of the properties window representing the main groups of the settings:

• General

  This tab comprises the following sections:

  • The General section displays general information about the client device. Information is provided on the basis of data received during the last synchronization of the client device with the Administration Server:
    • Name

      In this field, you can view and modify the client device name in the administration group.

    • Description

      In this field, you can enter an additional description for the client device.

    • Device status

      Status of the client device assigned on the basis of the criteria defined by the administrator for the status of anti-virus protection on the device and the activity of the device on the network.

    • Device owner

      Name of the device owner. You can assign or remove a user as a device owner by clicking the Manage device owner link.

    • Full group name

      Administration group, which includes the client device.

    • Last update of anti-virus databases

      Date the anti-virus databases or applications were last updated on the device.

    • Connected to Administration Server

      Date and time Network Agent installed on the client device last connected to the Administration Server.

    • Last visible

      Date and time the device was last visible on the network.

    • Network Agent version

      Version of the installed Network Agent.

    • Created

      Date of the device creation within Kaspersky Security Center Cloud Console.

    • Do not disconnect from the Administration Server

      If this option is enabled, continuous connectivity between the managed device and the Administration Server is maintained. You may want to use this option if you are not using push servers, which provide such connectivity.

      If this option is disabled and push servers are not in use, the managed device only connects to the Administration Server to synchronize data or to transmit information.

      The maximum total number of devices with the Do not disconnect from the Administration Server option selected is 300.

      This option is disabled by default on managed devices. This option is enabled by default on the device where the Administration Server is installed and stays enabled even if you try to disable it.

  • The Network section displays the following information about the network properties of the client device:
    • IP address

      Device IP address.

    • Windows domain

      Windows domain or workgroup, which contains the device.

    • DNS name

      Name of the DNS domain of the client device.

    • NetBIOS name

      Windows network name of the client device.

    • IPv6 address
  • The System section provides information about the operating system installed on the client device:
    • Operating system
    • CPU architecture
    • Operating system vendor
    • Operating system folder
    • Device name
    • Virtual machine type

      The virtual machine manufacturer.

    • Dynamic virtual machine as part of VDI

      This row displays whether the client device is a dynamic virtual machine as part of VDI.

    • Operating system build
  • The Protection section provides the following information about the current status of anti-virus protection on the client device:
    • Visible

      Visibility status of the client device.

    • Device status

      Status of the client device assigned on the basis of the criteria defined by the administrator for the status of anti-virus protection on the device and the activity of the device on the network.

    • Status description

      Status of the client device protection and connection to Administration Server.

    • Protection status

      This field shows the current status of real-time protection on the client device.

      When the status changes on the device, the new status is displayed in the device properties window only after the client device is synchronized with the Administration Server.

    • Last full scan

      Date and time the last malware scan was performed on the client device.

    • Virus detected

      Total number of threats detected on the client device since installation of the security application (first scan), or since the last reset of the threat counter.

    • Objects that have failed disinfection

      Number of unprocessed files on the client device.

      This field ignores the number of unprocessed files on mobile devices.

    • Disk encryption status

      The current status of file encryption on the local drives of the device. For a description of the statuses, see the Kaspersky Endpoint Security for Windows Help.

  • The Device status defined by application section provides information about the device status that is defined by the managed application installed on the device. This device status can differ from the one defined by Kaspersky Security Center Cloud Console.
• Applications

  This tab lists all Kaspersky applications installed on the client device.This tab contains the Start and Stop buttons that allow you to start and stop the selected Kaspersky application (excluding Network Agent). You can use these buttons if port 15000 UDP is available on the managed device for receipt push-notifications from Administration Server. If the managed device is unavailable for push-notifications, but the mode of continuous connection to Administration Server is enabled (the Do not disconnect from the Administration Server option in the General section is enabled), the Start and Stop buttons are available too. Otherwise, when you try to start or stop the application, an error message is displayed. Also you can click the application name to view general information about the application, a list of events that have occurred on the device, and the application settings.

• Active policies and policy profiles

  This tab lists the policies and policy profiles that are currently assigned to the managed device.

• Tasks

  On the Tasks tab, you can manage client device tasks: view the list of existing tasks, create new ones, remove, start and stop tasks, modify their settings, and view execution results. The list of tasks is provided based on data received during the last session of client synchronization with the Administration Server. The Administration Server requests the task status details from the client device. If port 15000 UDP is available on the managed device for receipt push-notifications from Administration Server, the task status is displayed and buttons for managing the task are enabled. If the managed device is unavailable for push-notifications, but the mode of continuous connection to Administration Server is enabled (the Do not disconnect from the Administration Server option in the General section is enabled), the actions with tasks are available too.

  If connection is not established, the status is not displayed and buttons are disabled.

• Events

  The Events tab displays events logged on the Administration Server for the selected client device.

• Security issues

  In the Security issues tab, you can view, edit, and create security issues for the client device. Security issues can be created either automatically, through managed Kaspersky applications installed on the client device, or manually by the administrator. For example, if some users regularly move malware from their removable drives to devices, the administrator can create a security issue. The administrator can provide a brief description of the case and recommended actions (such as disciplinary actions to be taken against a user) in the text of the security issue, and can add a link to the user or users.

  A security issue for which all of the required actions have been taken is called processed. The presence of unprocessed security issues can be chosen as the condition for a change of the device status to Critical or Warning.

  This section contains a list of security issues that have been created for the device. Security issues are classified by severity level and type. The type of a security issue is defined by the Kaspersky application, which creates the security issue. You can highlight processed security issues in the list by selecting the check box in the Processed column.

• Tags

  In the Tags tab, you can manage the list of keywords that are used for finding client devices: view the list of existing tags, assign tags from the list, configure auto-tagging rules, add new tags and rename old tags, and remove tags.

• Advanced

  This tab comprises the following sections:

  • Applications registry. In this section, you can view the registry of applications installed on the client device and their updates; you can also set up the display of the applications registry.

    Information about installed applications is provided if Network Agent installed on the client device sends required information to the Administration Server. You can configure sending of information to the Administration Server in the properties window of Network Agent or its policy, in the Repositories section.

    Clicking an application name opens a window that contains the application details and a list of the update packages installed for the application.

  • Executable files. This section displays executable files found on the client device.
  • Distribution points. This section provides a list of distribution points with which the device interacts.
    • Export to file

      Click the Export to file button to save to a file a list of distribution points with which the device interacts. By default, the application exports the list of devices to a CSV file.

    • Properties

      Click the Properties button to view and configure the distribution point with which the device interacts.

  • Hardware registry. In this section, you can view information about hardware installed on the client device.
  • Available updates. This section displays a list of software updates found on this device but not installed yet.
  • Software vulnerabilities. This section provides information about vulnerabilities in third-party applications installed on client devices.

    To save the vulnerabilities to a file, select the check boxes next to the vulnerabilities that you want to save, and then click the Export to CSV button or Export to TXT button.

    The section contains the following settings:

    • Show only vulnerabilities that can be fixed

      If this option is enabled, the section displays vulnerabilities that can be fixed by using a patch.

      If this option is disabled, the section displays both vulnerabilities that can be fixed by using a patch, and vulnerabilities for which no patch has been released.

      By default, this option is enabled.

    • Vulnerability properties

      Click a software vulnerability name in the list to view the properties of the selected software vulnerability in a separate window. In the window, you can do the following:

      • Ignore software vulnerability on this managed device (in Administration Console or in Kaspersky Security Center Cloud Console).
      • View the list of recommended fixes for the vulnerability.
      • Manually specify the software updates to fix the vulnerability (in Administration Console or in Kaspersky Security Center Cloud Console).
      • View vulnerability instances.
      • View the list of existing tasks to fix vulnerability and create new tasks to fix vulnerability.

  • Remote diagnostics. In this section, you can perform remote diagnostics of client devices.