This scenario describes how to install Kaspersky Security Center 11 Administration Server and Kaspersky Security Center 11 Web Console, perform initial setup of the Administration Server by using the Quick Start Wizard, and install Kaspersky Lab applications on managed devices by using the Protection Deployment Wizard.
Installation and initial setup of Kaspersky Security Center 11 Web Console proceeds in stages:
Install the DBMS that will be used by Kaspersky Security Center or use an existing one.
Administration Console and the server version of Network Agent are installed together with Administration Server.
During the installation of Kaspersky Security Center 11 Administration Server, specify whether you want to install Kaspersky Security Center 11 Web Console on the same device. If you choose to install both components on the same device, you do not have to install Kaspersky Security Center 11 Web Console separately, because it is installed automatically. If you want to install Kaspersky Security Center 11 Web Console on a different device, then, after installing Kaspersky Security Center 11 Administration Server, proceed to installing Kaspersky Security Center 11 Web Console.
If you did not choose to install Kaspersky Security Center 11 Web Console together with the Kaspersky Security Center Administration Server, install Kaspersky Security Center 11 Web Console on a different device.
When Administration Server installation is complete, the first connection to the Administration Server the Quick Start Wizard starts automatically. Perform initial configuration of Administration Server according to the existing requirements. During the initial configuration stage, the Wizard uses the default settings to create the policies and tasks that are required for protection deployment. However, the default settings may be less than optimal for the needs of your organization. If necessary, you can edit the settings of policies and tasks.
Kaspersky Security Center with support of Administration Console basic functionality does not require a license. You need a commercial license if you want to use one or several of the additional features, including Vulnerability and Patch Management, Mobile Device Management, and Integration with the SIEM systems. You can add a license key or activation code for these features at the corresponding step of the Quick Start Wizard or manually.
Kaspersky Security Center 11 Web Console does not support Mobile Device Management, Integration with the SIEM systems, and work in a cloud environment. You can use Kaspersky Security Center 11 Web Console to add a license key or activation code for these features, but subsequently the corresponding functionality will only be available in Microsoft Management Console-based Administration Console.
This stage is handled by the Quick Start Wizard. You can also discover the devices manually. Kaspersky Security Center receives the addresses and names of all devices detected in the network. You can then use Kaspersky Security Center to install Kaspersky Lab applications and software from other vendors on the detected devices. Kaspersky Security Center regularly starts device discovery, which means that if any new instances appear in the network, they will be detected automatically.
This stage is handled by the Quick Start Wizard, but you can also move the detected devices into groups manually.
Deployment of protection on an enterprise network entails installation of Network Agent and security applications (for example, Kaspersky Endpoint Security for Windows) on devices that have been detected by Administration Server during the device discovery.
To install the applications remotely, run the Protection Deployment Wizard.
Security applications protect devices against viruses and other programs that pose a threat. Network Agent ensures communication between the device and Administration Server. Network Agent settings are configured automatically by default.
Before you start installing Network Agent and the security applications on networked devices, make sure that these devices are accessible (turned on).
Deploy license keys to client devices to activate managed security applications on those devices.
To apply different application settings to different devices you can use device-centric security management and/or user-centric security management. Device-centric security management can be implemented by using policies and tasks. You can apply tasks only to those devices that meet specific conditions. To set the conditions for filtering devices, use device selections and tags.
You can monitor your network by using widgets on the dashboard, generate reports from Kaspersky Lab applications, configure and view selections of events received from the applications on the managed devices, and view notification lists.