1 / 54

Kaspersky Endpoint Security 8.0 for Windows

Kaspersky Endpoint Security 8.0 for Windows. Deployment guide. Introduction. Typical Corporate Network. Network servers. Workstations. Gateway. Internet. Mail servers. Portable media. Malware Penetration Routes. Viruses Network worms Trojans Riskware / adware Advertisements

lenore
Download Presentation

Kaspersky Endpoint Security 8.0 for Windows

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Kaspersky Endpoint Security 8.0forWindows Deployment guide

  2. Introduction

  3. Typical Corporate Network Network servers Workstations Gateway Internet Mail servers Portable media

  4. Malware Penetration Routes • Viruses • Network worms • Trojans • Riskware / adware • Advertisements • Hacker attacks • Network worms • Trojans • Hacker attacks • Viruses • Network worms • Trojans • Riskware / adware Network Servers Workstations Gateway Internet • Viruses • Network worms • Trojans • Spam • Phishing • Advertisements Portable devices • Viruses • Trojans • Riskware / adware Mail Servers

  5. Levels of Malware Protection

  6. Gateway protection (KL 1004) • Kaspersky Gateway Security • Kaspersky Anti-Virus 8.0 forMS ISA / TMG Server • Kaspersky Anti-Virus 5.6 forMS ISAServer • Kaspersky Anti-Virus 5.5 forProxyServer • Kaspersky Anti-Virus 5.5 for CheckPointFireWall

  7. Mail Systems Protection (KL 1003) Kaspersky Securityfor Mail Servers • Kaspersky Security 8.0 for MSExchangeServer • Kaspersky Security 5.5 for MSExchangeServer 2003 • Kaspersky Ant-Virusfor Mail Servers • Kaspersky Anti-Virus 5.5 for MSExchangе 2000/2003 • Kaspersky Security 6.0 for MSExchangeServer 2007 • Kaspersky Anti-Virus 8.0 forLotusNotes/Domino • Kaspersky Anti-Virus 5.6 forLinuxMailServer • Kaspersky MailGateway 5.6 • Kaspersky Anti-Spam 3.0

  8. Workstations and Servers protection (KL 1102) Kaspersky Enpoint Security Kaspersky Endpoint Security 8.0 for Windows Kaspersky Endpoint Security 8.0 for Linux Kaspersky Endpoint Security 8.0 for Mac Kaspersky Endpoint Security 8.0 for Smartphone Kaspersky Anti-Virus8.0 forWindows Servers Enterprise Edition Kaspersky Anti-Virus8.0 for Linux File Servers Kaspersky Anti-Virus5.7forNovellNetWare Management Server Kaspersky Security Center 9.0

  9. Product Line Renewal

  10. Product Line Renewal Windows Workstations and Servers protection Kaspersky Endpoint Security 8.0 for Windows Management Server Kaspersky Security Center 9.0

  11. Management Server. What’s new?

  12. Management Server. What’s new?

  13. Anti-virus protection. What’s new?

  14. Anti-Virus protection implementation

  15. Prerequisites

  16. Microsoft Network Security Enhancements (KL 1001) UseActive Directory Central management Group policy mechanism(GPO) Update system Easy to deploy anti-virus complex Disable autorun(autorun) for all drives Limit external devices (data storages, modems, smart phones,.. ) Enforce password policy (length, complexity, lifetime, uniqueness) Limited accounts for users Limited shared folders (quantity, privileges)

  17. Corporate Update System (KL 1001) Corporate Update System Microsoft Products (Windows, Exchange, Office, ISA, MS SQL) WSUS (Microsoft Windows Server Update Services) Software of other Vendors Built-in Update tools Using GPO facilities (semi-automatically) Implement corporate legalized software list Watch the patch news Download timely update packages Deploy via GPO (Software install) Using Kaspersky Security Center 9.0 Regular vulnerability scan by Kaspersky Endpoint Security Download update packages Deploy remotely via Security Center

  18. Kaspersky AV-Complex Deployment

  19. Kaspersky AV-Complex Scheme Network Agent Kaspersky Endpoint Security Web Server Web console SQL Server Management Console Management Server

  20. Action plan Network examination Administration server installation Kaspersky Security Center 9.0 Logical network creation Client applications deployment Network Agent 9.0 Kaspersky Endpoint Security 8.0 forWindows Administration Server configuring

  21. Network examination What information to collect Hardware platforms Operating systems Security policies Access rights Network topology Workgroup Active Directory Firewall Local Network Deployment tools (Microsoft System Center, Tivoli, ...)

  22. Kaspersky Security Center Installation

  23. Security Center Installation Steps Administration server Management console Web-management console

  24. Security Center Installation Requirements SQL-Server installed Compliance with system requirements Appropriate account privileges Local administrator (workgroup) Domain administrator (active directory) No Kaspersky Network Agents installed

  25. Supported Types of SQL Server Microsoft SQL Server 2005 Standard/Enterprise/Express(freeware ) Edition Microsoft SQL Server 2008 (x32/x64) Standard/Enterprise/Express(freeware) Edition Microsoft SQL Server 2008 R2 (x32/x64) Standard/Enterprise/Express(freeware) Edition MySQL Enterprise Server 5.0.32, 5.0.70

  26. SQL Server. Enterprise or Freeware? MS SQL 2005/2008 Express Edition Maximum database size: 4GB Hardware limitations : 1CPU, 1 GBRAM MS SQL 2008 R2Express Edition Maximum database size: 10GB Hardware limitations : 1CPU, 1 GBRAM Due to above limitations it is not recommended to use freeware SQL servers for more than 1000 clients

  27. Security Center: software requirements Operating systems MS Windows XP Professional (SP2+) * MS Windows Server 2003 (SP 1+) * Microsoft Windows Vista (SP1+)* Microsoft Windows Server 2008 (SP1+)* / R2 (Core) Microsoft Windows 7 * * 32/64 bit editions Additional software Microsoft.NET Framework 2.0 SP1* Microsoft Data Access Components (MDAC) 2.8* or higher Windows DAC 6.0* Microsoft Internet Explorer 8.0 or higher Windows Installer 4.5 for Windows Server 2008/ Windows Vista *Software is installed automatically

  28. OS Type: Server or Client? Windows XP / Vista / 7 Connections limitation : Win XP: 10 Win 7: 20 Client OS: designed for usability and appearance not best performance Windows Server 2003 /2008/ R2 Designed for Server operations (high performance and reliability) Number of redundant processes and modules is minimal

  29. Security Center: Hardware Requirements Minimum Intel Pentium 1.4 GHz processor 512 MB of extra RAM 1 GB of free hard drive space Sufficient for 1000 client computers Intel Pentium 2.8 GHz processor 1 GB of extra RAM *See deployment guide for detailed information

  30. Security Center Installation Steps Administration server Management console Web-management console

  31. Management console: software requirements Operating systems MS Windows XP Professional (SP2+) * MS Windows Server 2003 (SP 1+) * Microsoft Windows Vista (SP1+)* Microsoft Windows Server 2008 (SP1+)* / R2 (Core) Microsoft Windows 7 * * 32/64 bit editions Additional software Microsoft.NET Framework 2.0 SP1* Microsoft Data Access Components (MDAC) 2.8* or higher Windows DAC 6.0* Microsoft Internet Explorer 8.0 or higher Windows Installer 4.5 for Windows Server 2008/ Windows Vista *Software is installed automatically

  32. Management console: Hardware Requirements Minimum Intel Pentium 1.4 GHz processor 512MB of extra RAM 100 MB of free hard drive space

  33. Security Center Installation Steps Administration server Management console Web-management console

  34. Webconsole: software requirements Server side Web server Apache 2.2 Client side Operating system Any with supported type of web browser Web browser Microsoft Internet Explorer 7 or higher Mozilla Firefox 3.6 or higher Google Chrome 12 or higher Apple Safari 4or higher Opera 11 or higher

  35. Demo: Security Center Installation

  36. Quick Start Wizard

  37. Quick Start Wizard License add KSN agreement Network scan Notification settings Initial Kaspersky Endpoint Security configuration Group policies Group tasks Kaspersky Security Center tasks

  38. Demo: Quick Start Wizard

  39. Kaspersky Security Center Logical Network Implementation

  40. Logical Network Implementation Administration groups creation Group structure wizard Manual Computer assignment Automatic Manual

  41. Demo: Logical Network Implementation

  42. Anti-Virus Applications Remote Installation

  43. Supported Operating Systems

  44. KES 8.0: Hardware Requirements Windows 7/ Vista / 2003/ 2008/ 2008R2 Processor Intel Pentium 2.0 GHz or equivalent 1024 MB of available memory 1GB of available disk space Windows XP / Embedded Processor Intel Pentium 2.0 GHz or equivalent 512 MB of available memory 1GB of available disk space Windows Embedded Processor Intel Pentium 1.0 GHz or equivalent 256 MB of available memory 1GB of available disk space

  45. Applications Deployment Steps Installation packages creation Network Agents remote installation Compatibility check Incompatible applications report Detected applications uninstall Remote from Administration Kit (recommended) Automatic by installation package Kaspersky Anti-Virus remote installation License distribution

  46. Remote Installation Methods Push installation methods Using Windows tools ( RPC -based) Using Network Agents Additional (delayed) installation methods Active-directory-based methods Installation using Active Directory policies Installation using login scripts Employing users’ help Using 1-click installation packages

  47. Installation Using Windows (RPC) tools Installation files are copied to the Admin$ (\\target\admin$) share Installation is launched via RPC Installation success depends on a number of factors This method is fully automated in Kaspersky Security Center

  48. RPC Installation Requirements Windows NT-like operating system (exceptfor Home Editions) Network availability Physical Check LAN Logical Firewall (Windows) Turn off Allowfile sharing (TCP 139, 445, UDP 137, 138) Access to the Admin$ folder File sharing service (server) is enabled Local administrator privileges Guest access disabled (Workgroups’ problem) “Simple file sharing” disabled Local security policies (secpol.msc) Network access: Sharing and security model for local accounts (Classic) Blank passwords Accounts: Limit local account use of blank passwords to console logon only (Disabled) Windows Vista, 7, 2008/R2 User account control (UAC) disabled or built-in Administrator account is used (workgroups) Enable file and printer sharing for current network profile (work\home, public, domain) Administrative privileges to perform installation

  49. Typical Errors

  50. Demo: Anti-Virus Applications Remote Installation

More Related