Scenario: Configuring network protection

This section provides a scenario for configuring the organization's network protection. You have to use the scenario to fine-tune the initial configuration performed in Quick Start Wizard. This configuration includes policies and tasks created with the default settings, which may turn out to be sub-optimal or even disallowed by the organization. Therefore, you must check the properties of objects that have been created and modify them manually, if necessary. You may also have to create policies and/or policy profiles for Kaspersky Lab applications that have not been created in the Quick Start Wizard.

When you complete this scenario, your network will be protected by configuration of Kaspersky Lab applications, tasks, and events received by the Administration Server.

Prerequisites

Before you start, make sure that you have successfully installed Kaspersky Security Center 11 Administration Server and Kaspersky Security Center 11 Web Console and completed the Kaspersky Security Center main deployment scenario, including Quick Start Wizard.

When the Quick Start Wizard is running, the following policies and tasks are created in the Managed devices administration group:

Process

The scenario of configuring network protection consists of the following steps:

  1. Setup and propagation of Kaspersky Lab application policies and policy profiles

    To configure and propagate settings for Kaspersky Lab applications installed on the managed devices, you can use two different security management approaches—device-centric or user-centric. These two approaches can also be combined. To implement device-centric security management, you can use tools provided in Microsoft Management Console-based Administration Console or Kaspersky Security Center 11 Web Console. User-centric security management can be implemented through Kaspersky Security Center 11 Web Console only.

  2. Configuring tasks for remote management of Kaspersky Lab applications

    Check the tasks created with Quick Start Wizard and fine-tune them, if necessary.

    How-to instructions:

    or

    If necessary, create additional tasks to manage the Kaspersky Lab applications installed on the client devices.

  3. Evaluating and limiting the event load on the database

    Information about events during the operation of managed applications is transferred from a client device and registered in the Administration Server database. To reduce the load on the Administration Server, evaluate and limit the maximum number of events that can be stored in the database.

    See also:

    How-to instructions:

    or

Results

When the scenario is complete, the Kaspersky Lab applications are configured according to the policies and policy profiles, the applications are managed through a set of tasks, and the maximum number of events that can be stored in the database is set. When the network protection configuration is complete, you can proceed to configuring regular updates to Kaspersky Lab databases and applications.

Page top