DATA SOURCES FOR INDEPENDENT RESEARCH
You can view the following sources of information about the application: application page at the web site of Kaspersky Lab; application page at the web site of the Technical Support Server (in the Knowledge Base); online help system; documentation. Application page at Kaspersky Lab web site http://www.kaspersky.com/administration_kit On this page you can find general information about the application, its features and peculiarities. Application page at the web site of the Technical Support Server (in the Knowledge Base). http://support.kaspersky.com/remote_adm This page contains articles published by the experts of the Technical Support Service. The articles contain useful information, guidelines and answers to frequent questions pertaining to the purchase, installation and use of the application. The articles are sorted by subject, such as "License management", "Database updates", and "Troubleshooting". The articles may answer questions that are related not only to this particular application, but also to other Kaspersky Lab's products. They also may contain general Technical Support service news. Online help system The application package includes a full help file. Full help contains stepwise description of the features offered by the application. To open full help, select Kaspersky Administration Kit online help system in the Help menu of the console. If you have a question about a specific application window, you can use context help.
In order to open context help, press the Help button or <F1> key in the window you need help on. Documentation The documentation supplied with the application aims to provide all the information you will require. It consists of the following documents: Administrator's Guide describes the purpose, basic concepts, features and general schemes for work with Kaspersky Administration Kit. Deployment Guide contains a description of the installation procedures for the components of Kaspersky Administration Kit as well as remote installation of applications in computer networks using simple configuration. Getting Started guide contains a description of steps, which allow an anti-virus security administrator to start working with Kaspersky Administration Kit quickly and deploy anti-virus protection based on Kaspersky Lab's applications in the managed network. Reference Guide contains the purpose of Kaspersky Administration Kit and stepwise descriptions of the features it offers. Files containing the documents in PDF format are included in the distribution package of Kaspersky Administration Kit (installation CD). You can download the documentation files from the application page at the Kaspersky Lab's web site.

LAUNCHING THE APPLICATION
The Kaspersky Administration Kit can be launched by selecting Kaspersky Administration Kit from the Kaspersky Administration Kit program group in the standard Start Programs menu. This program group is created only on administrator's workstations during the Kaspersky Administration Console installation. To access the functionality of Kaspersky Administration Kit the Administration Server of Kaspersky Administration Kit must be running.

MAIN PROGRAM WINDOW

The main program window (see the figure below) contains a menu, a toolbar, browsing pane and an informational panel, which can display the task pane or results pane. The menu provides controls for the windows and access to the help system. The Action submenu duplicates the context menu commands for the current node or folder of the console tree. The toolbar buttons allow direct access to some items of the main menu. Items available on the toolbar depend on the current node of the console tree. Browsing pane displays the namespace of Kaspersky Administration Kit as a console tree (see section "Console tree" on page 28). Informational area of the main window can display the task pane, results pane, or their combination. For some nodes of the console tree the informational area can offer two viewing modes: extended and standard. Switching between them is performed using the corresponding tabs. The task pane consists of one or several tabs, which display pages containing links for fast access to basic operations available for the node selected in the console tree. For more details about using the task pane please refer to the Task pane section (on page 30).
The results pane displays a list of items within the node selected in console tree or a set of informational panes. It can be a list of computers in groups, list of reports, event or computer selections, etc. For more details about using the task pane please refer to the Task pane section (on page 33).
Figure 3. Main program window of Kaspersky Anti-Virus

CONSOLE TREE

Console tree (see the figure below) displays the hierarchy of Administration Servers existing in corporate network, the structure of their administration groups and other objects of the application, such as repositories, selections, etc.
The namespace of Kaspersky Administration Kit can contain several nodes including the names of servers corresponding to the installed Administration Servers included in the hierarchy.

Figure 4. Console tree

The Administration Server <computer name> node is a container that reflects the structure of folders of the selected Administration Server. The Administration Server <computer name> container includes the following nodes: Managed computers; Reports and notifications; Kaspersky Administration Kit tasks; Tasks for specific computers; Event and computer selections; Unassigned computers; Repositories. The Managed computers folder is intended for storage, display, configuration and modification of the structure of administration groups, group policies and group tasks.

TASK PANE

The task pane is an area within the window containing the set of links for operations with the Administration Server objects and the Administration Server itself. There are two conventional views of task panes: standard and extended.
Extended task pane (see the figure below) is available for most nodes and objects of the console tree. It is an HTML page containing links for various operations, navigation to other Administration Server objects and brief information about the current object or node. A single node can have several task panes, which appear as tabs with their names displayed in the upper part of the informational pane. For convenient browsing between Administration Server nodes and objects, the upper part of the task pane offers a navigation chain: Getting started <node name>. <folder name> <object name>. Groups of links can be combined into blocks for more convenient arrangement in the pane.
Figure 5. Extended view of the task pane. The Managed computers node
For some objects of the console tree the task pane can display summarized information about an object, for example, the results of policy enforcement (see the figure below). In that case the extended pane also functions as the results pane (see section "Results pane" on page 33).
Figure 6. Policy task pane
For some nodes that have no extended task pane, the standard task pane is provided. It is represented by a set of links in the left part of the results pane (see the figure below). Links of the standard task pane, similarly to the extended pane, are used to proceed to performing various operations, viewing or editing object properties. The results pane including the task pane is available on a tab under the name of a corresponding node or folder.
Figure 7. Standard task pane for the Client computers node
In the Kaspersky Administration Kit documentation the term "task pane" means extended task pane. When references to the standard task pane are used, its items are described as part of the results pane.

RESULTS PANE

Results pane is a window area that displays different information: a list of computers, policies or tasks created using the specified templates, etc. There are two views of results panes: standard and extended, which are available on the identically named tabs. For generated reports the results pane contains diagrams as well as summarized and detailed information presented in tables (see the figure below). Results pane can consist of informational panels (see the figure below), each of them being a separate page. Data in the informational panels can be displayed as a table or (pie or bar) chart. Administrators can change the selection of pages and informational panels as well as the data and method of their presentation:

The program retrieves information about the structure of folders from the Administration Server and displays it in the console tree.
Figure 9. Connecting to the Administration Server
Users who have insufficient rights for connection will be denied access to the Administration Server. Access rights are verified using the Windows network user authentication procedure. If there are several Administration Servers installed in a corporate network, you can work with each of them from the same administrator's workstation. To navigate to administration groups of another Server, you can connect to the necessary Server or add to the console tree several Servers and connect to each of them. You can work in parallel mode with several Administration Servers only if you are an operator or administrator of Kaspersky Administration Kit for each Server or if you have the necessary rights on all Servers.

GRANTING RIGHTS

After an Administration Server is installed, the rights to connect to the Server and work with it are granted to users included in (see section "Rights to access the Administration Server and its objects" on page 24) the KLAdmins and KLOperators groups. You can change the access rights for the KLOperators group, grant the rights to work with Server to other user groups and individual users registered on the computer where the Kaspersky Administration Console is installed.

MANAGEMENT

OF NETWORK COMPUTERS
The rights to access all objects of an Administration Server are granted in the Administration Server settings window on the Security tab (see the figure below).
Figure 10. Granting rights to access the Administration Server
Access rights can be provided individually to each administration group or granted for other objects of an Administration Server, for example, Administration Server tasks. This configuration is performed in the object properties window, on the Security tab. Administrator can track user operations through Administration Server events registered in event logs. These events have the severity level Info; and event types begin with Audit. They appear in the Events node of the console tree in the Audit events folder.
VIEWING INFORMATION ABOUT THE COMPUTER NETWORK. DOMAINS, IP SUBNETS AND ACTIVE DIRECTORY GROUPS
Information about the computer network structure and the computers it contains is displayed in the Unassigned computers node of the console tree. The Unassigned computers folder contains three subfolders: Domains; Active Directory;
IP subnets. The Domains folder contains the hierarchy of subfolders reflecting the structure of domains and workgroups in the corporate Windows LAN. Each of the folders at the lowest level contains a list of computers of the respective domain or workgroup, which are not included in the structure of administration groups. Once a computer is included in a group, information about it will be immediately deleted from the folder. If the computer is excluded from the structure of the administration group, information about it will again be placed in the corresponding folder of the Unassigned computers / Domains node. The Active Directory folder displays computers reflecting the Active Directory structure. The IP subnets folder displays computers reflecting the structure of IP subnetworks created within the network. The structure of the IP subnets folder can be determined by the administrator by creating new IP subnets and editing the settings of existing ones. By default, IP subnets are used to display only the IP subnets that include an Administration Server. The task pane of the Unassigned computers node contains links for navigation to settings configuration and viewing the contents of nested folders. The content of each Domains, Active Directory or IP subnets folders is displayed in the results pane as a table. Full list of the results pane columns for each object of the Administration Console is available in the Reference Guide. If the structure uses several levels, i.e. there are subfolders, it is displayed in the console tree. Lowest elements of the hierarchy (client computers) are not displayed in the console tree. Creation and updating of the Unassigned computers group is performed by the Administration Server. It regularly polls the corporate network using defined settings to detect newly added and disconnected computers in it. Administration Server can use the following types of network scanning: Windows network polling. There are two polling methods: quick and full. During a quick scan, the server only collects information about the list of NetBIOS names for computers in all network domains and workgroups. During a full scan, additional information is requested about computers: operating system, IP address, DNS name, etc. For viewing and modification of the settings for Windows network polling, use the Configure link in the Network environment scanning section in the task pane of the Unassigned computers node. IP subnets polling. The Administration Server will poll the specified IP ranges using ICMP packets, and collect a complete set of data on hosts within the range. For viewing and modification of the settings for IP subnets polling, use the Configure link in the IP-subnets scanning section in the task pane of the Unassigned computers node. Polling of Active Directory groups. This causes information on the Active Directory unit structure and host DNS names to be entered into the Administration Server database. For viewing and modification of the settings for polling of Active Directory groups, use the Configure link in the Active Directory scanning section in the task pane of the Unassigned computers node. Administration Server uses the collected information and the data on computer network structure to update the contents of the folders in the Unassigned computers node. In that case, computers discovered in the network can be automatically added to certain administration groups. There is an opportunity to disable polling of computers displayed in the folders of the Unassigned computers node. The folders of the Unassigned computers node of the master Administration Server also display hosts belonging to the computer network which includes slave Administration Servers.

when a child group is added, the system creates a folder with precisely the same structure.
Figure 11. Viewing the structure of Administration Server folders
When a folder is selected in the console tree, its content is displayed in the results pane. Full list of the results pane columns for each object of the Administration Console is available in the Reference Guide. Manipulations with the objects in the Managed computers folder are performed using the context menu commands (see section "Context menu" on page 34) and the links of the task pane. For administration groups with the structure identical to the structure of domains and workgroups in the existing Windows network, you can use the Quick Start Wizard (see section "Quick Start Wizard" on page 39). To create a designed structure manually, perform the following actions: 1. 2. 3. 4. Connect to the necessary Administration Server. Build the hierarchy creating the child groups one by one. Add client computers to the groups. Add slave Administration Servers.
The structure of administration groups is displayed in the Managed computers folder. You can view information about each of its objects: slave servers, groups and client computers. The system provides the time of object creation and last modification of its settings (see the figure below). You can also view and edit the settings of object interaction (slave Server, client computer or all client computers in a group) with the Administration Server.
Figure 12. Viewing the group properties
To find information about specific client computers, you can use the computer search feature (see section "Finding computers" on page 77) in the corporate network based on the specified criteria. During search the system can use information about slave Administration Servers. To find, save and display information about computers in a separate folder of the console tree, use the functionality for creation of selections (see section "Computer selections" on page 79). When the configuration of corporate computer network changes, adequate modifications in the structure of administration groups are required. You can: Add to any administration group an arbitrary number of groups of any level (slave Administration Servers and child groups making up the next hierarchy level can be added to a group). You can also determine, which Kaspersky Lab's applications will be installed automatically on all client computers newly added to the group. To automatically install Kaspersky Lab's applications on new computers running the Microsoft Windows 98 / ME operating systems, install the Network Agent on these computers in advance. Add client computers to the groups. Change the hierarchy of administration groups by moving individual client computers and whole groups to other groups.

Remove child groups and client computers from groups. Add slave Administration Servers in order to decrease the load on the master Server, minimize intranet traffic and increase the reliability of remote management system. Move client computers from administration groups of one Server to the groups of another server.

GROUPS

Kaspersky Administration Kit provides an opportunity to create custom groups. To add a new group, use the Create a subgroup link on the results pane. A new folder with specified name will appear in the Managed computers node of the console tree (see the figure below). In the folder the system automatically creates the following subfolders: Policies. Group tasks. Client computers. Administration Servers. The Administration Servers folder will be displayed in the created folder, if the Display slave Administration Servers box is checked in the interface settings. They will be filled during definition of group policies, creation of group tasks and addition of slave Administration Servers.
Figure 13. Viewing the structure of Administration Server folders
You can add to a group client computers and child groups making up the next hierarchy level. You can configure the display of inherited policies and group tasks in child groups. You can also determine, which Kaspersky Lab's applications will be installed automatically on all client computers newly added to the group.
To automatically install Kaspersky Lab's applications on new computers running the Microsoft Windows 98 / ME operating systems, install the Network Agent on these computers in advance. In the future you can change the name of the group, move it to another group or delete it. A group is moved together with all child groups, slave Administration Servers, client computers, group policies and tasks. The system will apply to it all the settings corresponding to its new position in the hierarchy of administration groups. Groups are moved using the standard Cut / Paste commands of the context menu or the corresponding items from the Action menu or with the mouse. While moving groups, the requirement for a unique group name within a single hierarchy level must be observed. To resolve possible name conflicts, you should change the name before relocation. If a group name is not unique, then it will be supplemented with suffix_1, _2, and so on. You cannot rename the Managed computers folder because it is an in-built element of the Administration Console. A group can be deleted from the Administration Server folders if it contains no slave Administration Servers, child groups and client computers and there are no group tasks and policies associated with it. A selected group can be deleted using the Delete command from the context menu or the corresponding item from the Action menu.

DOWNLOADING OF UPDATES TO THE ADMINISTRATION SERVER REPOSITORY
The Administration Server updates download task is a global task; only one such task can exist. The task is created and started for one host only - the computer running the Administration Server component. If you have used the Quick Start Wizard, the Download updates to repository task is already created and located in the Kaspersky Administration Kit tasks node in the console tree.
To create an updates download task for Administration Server, start the task creation wizard for the Kaspersky Administration Kit tasks node and select Download updates to repository as the task type (see the figure below).
Figure 25. Creating the task of downloading of updates to the repository
If a hierarchy of Administration Servers is created (or planned) in a computer network, then the option to Force update of slave Servers must be enabled in the settings of the master Server task for automatic distribution of updates to slave Servers (see the figure below). In that case immediately following an update of the master Server, update tasks of slave Servers will be started (if they are created).

UPDATING

THE DATABASE AND PROGRAM MODULES
Enabling of the option to Force update of slave Servers does not create updates download tasks on slave Administration Servers automatically. They should be created manually individually for each slave Server.
Figure 26. Configuring other update task settings
When an Administration Server performs the Download updates to repository task, updates to databases and program modules of applications are downloaded from the updates source and stored in the shared folder. The updates from the shared folder are distributed to the client computers (see section "Distribution of updates to client computers" on page 62) and slave Administration Servers (see section "Updating of slave Servers and their client computers" on page 63). The following resources can be used as a source of updates for the Administration Server: Kaspersky Lab's update servers; master Administration Server; FTP / HTTP server or network folder containing updates. Source selection depends on task settings. In case of update from an FTP / HTTP server or network folder, correct Server update requires that the source must provide a copy of proper folders structure containing the updates and identical to the structure generated when updates are copied by Kaspersky Lab's software.
You can view information about the received updates in the console tree within the Updates folder of the Repositories node. The updates are listed in the results pane (see the figure below).
Figure 27. Viewing downloaded updates

in the settings of the updates download task for slave Servers select Master Administration Server as the source of updates (see the figure below);
Figure 29. Updating from master Administration Server
in the settings of the updates download task on primary Administration Server enable automatic distribution of updates to slave Servers enabling the option to Force update of slave Servers (see the figure below);
Figure 30. Configuring other update task settings
if necessary, select the Update Agents (see section "Distribution of updates via Update Agents" on page 64) within administration groups.
DISTRIBUTION OF UPDATES VIA UPDATE AGENTS
To distribute updates to client computers, you can use Update Agents, i.e. computers acting as intermediate centers for distribution of updates and installation packages within an administration group. They receive updates from the Administration Server and store them in the destination folder defined during application installation. The destination
folder can be changed in the Update Agent properties. In this case only the updates necessary within the group are copied. Client computers then contact the agents for updates. Creation of the list of Update Agents and their configuration are performed in the group properties window on the Update Agents tab (see the figure below). Besides updates, the agents distribute the settings of group policies and tasks to client computers.
Figure 31. Creating the list of Update Agents

MAINTENANCE

Some regular procedures are recommended as part of maintenance practice for administration groups: Regularly generate and view reports on the operation of applications on client computers (see section "Reports" on page 74). Read notifications sent from client computers and Administration Server. Complete list of notifications created by the applications included in Kaspersky Lab's products can be found in their corresponding documentation. If a situation has occurred on one of the client computers, and the administrator thinks it proper to interfere, he or she can do this from the administrator's workstation, i.e. disinfect the infected files on this computer. Timely update (see section "Updating the database and program modules" on page 59) the databases and program modules of applications installed on the client computers. Regularly check the size of the database for the information on operation of applications submitted from client computers and free disk space required for its storage on the Administration Server. Add new computers in the corporate network to administration groups in a timely manner and install necessary anti-virus applications on those hosts. Regularly perform the backup copying of the administration system data (see section "Backup copying and restoration of Administration Server data" on page 85). Regularly check the status of licenses for the applications installed in the network, and renew them as necessary (see section "Renewing your license" on page 67). View information about the events from Administration Server and applications that it controls (see section "Event logs. Event selections" on page 70). Monitor the status of Quarantine (see section "Quarantine and Backup" on page 68) and information about unprocessed files (see section "Unprocessed files" on page 85). Kaspersky Administration Kit has some features making network maintenance a lot easier: searching for computers, administration groups and slave Servers according to specified parameters (see section "Finding computers" on page 77); maintaining a registry of applications (see section "Applications registry" on page 81); control of virus outbreaks (on page 82).

Renewing your license..... 67 Quarantine and Backup..... 68 Event logs. Event selections..... 70 Reports...... 74 Detecting computers..... 77 Computer selections..... 79 Application registry...... 81 Control of virus outbreaks.... 82 Unprocessed files..... 85 Backup copying and restoration of Administration Server data.... 85

RENEWING YOUR LICENSE

The right to use Kaspersky Lab's software is granted in accordance with the License Agreement made at its purchase. During the license validity period, you are entitled to: use the anti-virus functionality of the application; update application databases; upgrade the application; consult the Technical Support Service in matters pertaining to the installation, configuration and operation of the application using telephone or request form at the Kaspersky Lab's web site; send detected infected and suspicious objects to Kaspersky Lab for analysis. Kaspersky Administration Kit does not require a license to function! While contacting the Technical Support Service, please use the information about the license for any of Kaspersky Lab's applications you have purchased that is managed using Kaspersky Administration Kit. Kaspersky Administration Kit checks the presence of the license, which is an essential part of any Kaspersky Lab's product and identifies its validity period. An application can have only one current license. It contains restrictions for software use that can be verified by special algorithms. When the license expires, the benefits listed above are restricted. License renewal means purchase and installation of a new license. Kaspersky Administration Kit features opportunities for centralized monitoring of the status of licenses installed on client computers and their renewal. When a license is installed using the Kaspersky Administration Kit services, all information about it is stored on the appropriate Administration Server. The information is used for generation of reports on the status of installed licenses and for notifications about license expiry or about exceeded threshold for the maximum number of applications using a license. Parameters for notifications about the status of licenses are configured in the Administration Server settings.
To generate a report on the status of licenses installed on client computers, you can use the internal Licensing Report template or create a new template of the same type. The report created using the Licensing Report template contains complete information about all licenses installed on all client computers (both current and reserve licenses), indicating which computers are using which keys, and the license restrictions. A complete list of the licenses installed on client computers can be found in the Repositories node, in the Licenses folder (see the figure below). The application displays complete information for each license in the results pane. Full list of the results pane columns for the Licenses folder is available in the Reference Guide.

Search will be performed using the data collected by the Administration Server and slave Servers (if the Include data from slave Servers (down to level) box is checked in the search settings) while polling the computer network. The search will list computers included in the Unassigned computers node selected for the search, and in the Unassigned computers node on all slave Servers (if the Include data from slave Servers (down to level) box is checked in the search settings). Administration Server <server name> full search for computers. Search will be performed based on information about the structure of administration groups and the data collected by the Administration Server and slave Servers (if the Include data from slave Servers (down to level) box is checked in the search settings) while polling the computer network. The search will return: client computers included in the administration groups of the selected Administration Server and all its slave Servers (if the Include data from slave Servers (down to level) box is checked in the search settings); computers included in the Unassigned computers group of the selected Administration Server and the Unassigned computers groups of all its slave Servers (if the Include data from slave Servers (down to level) box is checked in the search settings). To find, save and display information about computers in an individual folder of the console tree, use the feature for creation of computer selections.

COMPUTER SELECTIONS

For more flexible control over the status of client computers, information about them based on various criteria is displayed in a separate node of the console tree Event and computer selections in the Computer selections folder (see the figure below).
Figure 41. Computer selections
Status diagnostics of client computers is performed based on the data describing the anti-virus protection status on a host and information about its network activity. Diagnostics settings can be configured individually for every administration group on the Computer status tab (see the figure below).
Figure 42. Configuring the client computer's status diagnostics
Information about new computers is based on the results of network polling by the Administration Server.
There is an opportunity to create more selections, change the set of displayed columns and save event selection to a txtfile. To add computers to the selection, configure the selection settings (see the figure below). Selection can be used for search and subsequent relocation of found computers into administration groups. Relocation can be performed using the mouse.
Figure 43. Configuring a computer selection. The General tab

APPLICATION REGISTRY

This section is disabled by default. To enable the Applications registry, check the corresponding box in the interface settings of the Administration Server. To view the registry of applications installed on network computers, open the Applications registry folder of the Repositories node. Information about applications is provided from the system registry of client computer in LAN; it is summarized in a table containing the following fields: Name application name; Version application version; Manufacturer vendor name; Number of computers the number of network hosts where the application is installed; Comments brief application description; Technical Support Service web site address of the Technical Support Service;

GLOSSARY

ADMINISTRATION CONSOLE
Kaspersky Administration Kit component that provides user interface for the management services of the Administration Server and Network Agent.

ADMINISTRATION SERVER

Kaspersky Administration Kit component that centralizes the storage of information about Kaspersky Lab applications installed in the corporate network and about the management of those applications.
The certificate used for the Administration Server authentication during connection of Administration Consoles to it and data exchange with client computers. The Administration Server certificate is created during server installation; it is stored in the Cert subfolder of the program folder.
ADMINISTRATION SERVER CLIENT (CLIENT COMPUTER)
A computer, server or workstation running the Network Agent and managed Kaspersky Lab's applications.
ADMINISTRATION SERVER DATA BACKUP
Copying of the Administration Server data for backup and subsequent restoration performed using the backup utility. The utility allows restoring of: information database of the Administration Sever (policies, tasks, application settings, events saved on the Administration Server); configuration information about the structure of the logical network and client computers; repository of the installation files for deployment of applications (content of the Packages, Uninstall, Updates folders); Administration Server certificate.

ADMINISTRATION GROUP

A set of computers grouped together in accordance with the performed functions and the Kaspersky Lab's applications installed on those machines. Computers are grouped for their convenient management as one single entity. A group can include subgroups. A group can contain group policies for each application installed in it and appropriate group tasks.
Computer with the installed component that provides an application management interface. For anti-virus products it is the Anti-Virus Console, and for Kaspersky Administration Kit - the Administration Console. The administrator's workstation is used to configure and manage the server portion of the application; in Kaspersky Administration Kit - to build the system of centralized anti-virus protection for corporate LAN based on Kaspersky Lab's applications.
A specialized component that provides the interface for application management via the Administration Console. Each application that can be managed via Kaspersky Administration Kit has its own plug-in It is included in all Kaspersky Lab's applications that can be controlled using Kaspersky Administration Kit.

APPLICATION SETTINGS

Application settings general for all types of its tasks and regulating its operation in general, for example, application performance, logging, and Backup settings.

AVAILABLE UPDATE

A package of updates for the modules of a Kaspersky Lab's application including a set of urgent patches released during a certain time interval, and modifications to the application architecture.

BACKUP

Special repository for backup copies of objects created prior to their first disinfection or removal.
CENTRALIZED APPLICATION MANAGEMENT
Remote application management using the administration services provided in Kaspersky Administration Kit.

CURRENT LICENSE

The license installed and used at the moment to enable the functionality of a Kaspersky Lab's application. The license determines the duration of full product functionality and the applicable license policy. An application can have only one current license.

DATA BACKUP

Creation of a backup file copy prior to its disinfection or removal and placement of that copy in Backup with an opportunity for future restoration, for example, for file rescanning using updated databases.

DATABASES

Database maintained by the experts at Kaspersky Lab and containing detailed descriptions of all existing threats to computer security, methods of their detection and neutralization. The database is constantly updated at Kaspersky Lab as new threats emerge. To improve the quality of threat detection we recommend regular downloading of database updates from the Kaspersky Lab's update servers.
DIRECT APPLICATION MANAGEMENT
Application management via local interface.

EVENT SEVERITY

A property of an event encountered during the operation of a Kaspersky Lab's application. There exist four severity levels: Critical event. Error. Warning. Info. Events of the same type may have different severity levels depending on the situation in which the event occurred.

GROUP TASK

A task defined for an administration group and performed on all client computers within this group.

INCOMPATIBLE APPLICATION

Anti-virus application of another vendor or a Kaspersky Lab's application that does not support management via Kaspersky Administration Kit.

INSTALLATION PACKAGE

A set of files created for remote installation of a Kaspersky Lab's application using the Kaspersky Administration Kit remote administration system. An installation package is created based on special files with the.kpd and.kud extensions that are included in the application distribution package; it contains a set of parameters required for application setup and its configuration for normal functioning immediately after installation. Parameter values correspond to application defaults.

Virus Encyclopedia:

http://www.viruslist.com

Anti-virus laboratory:

newvirus@kaspersky.com (only for sending archives of suspicious objects) http://support.kaspersky.ru/helpdesk.html?LANG=en (for queries to virus analysts)
Administration groups..... 14 Administration Server..... 14 Administration Server certificate..... 23 Applications registry..... 81

Backup..... 68

Client computers..... 15, 43 Computer selections..... 79 Console tree..... 28 Context menu..... 34
Data backup..... 85 Database...... 9 Deployment...... 20 Detecting computers..... 77
Event log..... 70 Event selections...... 70
Hardware requirements..... 9
Launching application..... 27 License current...... 67 renewal..... 67
Management connection to the Administration Server.... 35 granting rights..... 36 initial configuration..... 39 local settings...... 52 network information..... 37 Managing application..... 52

Policies..... 17

Quarantine and Backup..... 68
Reports..... 74 Results pane...... 33
Slave Administration Servers.... 45 Software requirements..... 9

Tasks...... 17

Updates distribution..... 62, 64 download...... 59

create individual patterns for the application's operation by creating and running tasks for a set of computers from different administration groups.
Automatically update the anti-virus database and application modules on computers. This feature allows centralized updating of the anti-virus database for all installed Kaspersky Lab's applications without accessing the Kaspersky Lab's internet updates server for each individual update. The updating can be performed automatically according to the schedule set up by the administrator. The administrator can monitor the installation of the updates on the client computers. Receive reports using a dedicated system. This feature allows centralized collection of statistical information about the operation of all installed Kaspersky Lab's applications, monitoring the correctness of the operation of these applications and creating reports based on the information obtained. The administrator can create a cumulative network report about the operation of an application or reports about the operation of application installed on each computer. Use events notification system. Mail notification sending system. This feature allows the administrator to create a list of events in the operation of the applications about which he or she will receive notifications. The list of such event may, for example, include detection of a new virus or an error that occurred when attempting to update the anti-virus database on a computer, detection of a new computer in the network. Perform license management. This capability supports centralized installation of license keys for all installed enterprise applications, tracking of compliance with the license agreement (number of licenses should correspond to number of running applications) and license agreement expiration date. Cooperate with Cisco Network Admission Control (NAC). This functionality provides a mapping between host antivirus protection conditions and Cisco NAC statuses.
Kaspersky Administration Kit application consists of three main components: Administration server performs the function of centralized storage of information about Kaspersky Lab's applications installed in the corporate network and about managing such applications. Network Agent coordinates the interaction between the Administration Server and Kaspersky Lab's applications installed on a specific network node (a workstation or a server). This component supports all Windowsapplications included in the Kaspersky Lab Business Optimal and

1.6. Conventions

Various formatting features and icons are used throughout this document depending on the purpose and the meaning of the text. The table below lists the conventions used in the text. Convention Bold font Meaning Menu titles, commands, window titles, dialog elements, etc. Additional information, notes. Information you should pay special attention to. Description of the successive user's steps and possible actions

Note Attention

To perform an action: 1. 2. Step 1.
[modifier] modifier name.
Information messages and command line text
Command line modifier Text of configuration files, information messages and command line
CHAPTER 2. TYPICAL SCHEMES OF DEPLOYMENT OF ANTI-VIRUS PROTECTION
2.1. Schemes of deployment of antivirus protection on the computers within the logical network
There are two common scenarios that show how you can deploy reliable antivirus protection using Kaspersky Administration Kit: You can remotely install applications on client computers across the logical network from a single workstation. The installation and connection to the remote management system proceed automatically, requiring no interaction from the administrator and allowing to install the anti-virus software on any number of client computers. You can locally install applications on every networked computer. In this case, all required components and the administrator workstation are manually installed. Connection settings are set during the installation of the Network Agent. This deployment scenario is used only if centralized deployment is impossible.
Remote installation can be used for installation of any applications selected by the user. However, bear in mind that Kaspersky Administration Kit supports administration of only Kaspersky Lab's application the distribution package of which includes a specialized component - the application administration plugin.
2.2. Building a centralized anti-virus protection administration system
The first step to building a system of centralized management over an enterprise network through Kaspersky Administration Kit is to design a logical network. At this stage, you should make the following decisions: 1. Select isolated sections within the network and determine the number of Administration servers that must be installed. The use of hierarchy of administration servers will allow to considerably decrease the load on the communication channels and increase the system reliability. Which computers in the corporate network structure will function as the main Administration server, the slave servers administrator servers, administrator's workstations, and client computers. Note that all computers on which Kaspersky Lab applications are installed will act as client computers. Which criteria will be used to organize client computers in groups? What will be the group hierarchy? Which deployment scenario will be used: remote or local installation?

3.4. Updating the application version
In order to update Kaspersky Administration Kit versions 4.x and 5.0 (Planned Update 1 and Planned Update 2) to later versions you have to uninstall the previous version and install a new one as described in this Guide When updating versions 5.0 (Planned Update 3) and 6.0 to a newer version, data may be recovered out of a backup generated by an earlier version of the application. To accomplish this, we recommend that you follow a procedure described below: Data restoration during the upgrade to a later application version is supported starting with Kaspersky Administration Kit version 5.0 Maintenance Pack 3. 1. Using the klbackup.exe utility create a backup copy of the installed Administration Server's data. This utility is included into the Kaspersky Administration Kit distribution package and after the installation of the Administration Server it is located in the root installation folder. Note that in order to be able to fully restore the Administration Server data you have to save the Servers certificate. This is a mandatory setting for the klbackup.exe utility. 2. Run installation of the upgraded version of Kaspersky Administration Kit 6.0 on the computer on which the previous version of the Administration Server and/or Console is installed. Upgrade the component. During the upgrade all data and settings of the previous version of the Administration Server and/or Console will be saved and made available in the new version. Backward compatibility between the new and the old versions of
the Administration Server is supported. The new version of Administration Server is backward compatible with the previous version. 3. In order to upgrade the Network Agent installed on the network computers, create a group or a global task for installation of a newer version of the component. Run the task manually or according to the schedule. After this task is successfully completed, the newer version of the Network Agent will be upgraded. If you encounter any problems during the installation, you can restore the previous version of Kaspersky Administration Kit using the backup copy of the Administration Server's data created before the upgrading. If even a single Administration Server is installed, additional servers may be updated using the remote installation task and the Administration Server install package.
CHAPTER 4. INSTALLATION AND REMOVAL OF SOFTWARE ON THE COMPUTERS
Before you start the installation, you must make sure that the software and hardware of the computers meet the corresponding requirements (see section 1.3 on page 9) Kaspersky Administration Kit allows installation and removal of Kaspersky Lab's applications using the following methods: remotely in a centralized way, via the Administration Console; locally, individually on each computer.
Connection of the Administration Server with the client computers is ensured by the Network Agent component. Therefore this component must be installed on each computer that will be connected to the remote centralized administration system before the installation of the anti-virus applications. If you use the centralized method to install the applications via the Administration Console, the Network Agent can be installed together with one of the applications. On the computer on which the Administration Server is installed, only server version of the Network Agent can be used. It is included into the Administration Server structure and is installed and removed together with the Administration Server (see section 3.2 on page 17). You do not have to install the Network Agent on this computer. The Network Agent is installed the same way as the applications - that is either remotely or locally. The Network Agents can differ depending on the Kaspersky Lab's applications for which they are installed. In some cases only local installation of the Network Agent is possible (details see Guides to the corresponding applications). The Network Agent is installed on the client computer only once. Kaspersky Administration Kit application administration interface is implemented by the corresponding administration plugins. Therefore, in order to access the application administration interface, the corresponding plugin must be installed on the administrator's workstation. In case of the remote installation method, it is installed automatically when the first installation package for the corresponding application is created. In case of a local installed on the client computer, the administration plugin must be installed manually by the administrator.

Figure 18. Creating and installation package to install application specified by user.
4. In the next wizard window (see Figure 19), you can specify the license key that will be included into the installation package. In order to do it, press the Browse button and select the required file of the license key (file has extension.key) If you do not wish to include the license key into the installation package, simply press the Next> button.
A license key is not required as the installation package for Administration Server and Agent is being generated.
Figure 19. Creating an installation package. Selecting the license key
5. After this the required set of files for the installation of the specified application onto the client computers will be downloaded to shared folder on the Administration Server and a check whether the administration plugin for the selected application is installed on the administrator's workstation will be performed. If such plugin is not installed or its version is older than the version included into the distribution package, the new plugin will be installed and the old plugin will be replaced. Upon the completion of the wizard, the installation package created will be added to the Remote installation node and displayed in the results pane.
4.1.2. Reviewing and configuring the installation package settings
To review the properties of the installation package, change its name and settings:
in the console tree, expand the Remote Installation node, select the required installation package in the results pane and use the Properties command from the shortcut menu or the analogous command from the Action menu. This will open window Properties <Installation package name> see Figure 20) that consists of tabs General, Settings, Licenses and OS reboot. The General tab (see Figure 20) includes general information about the package: package name; name and version of the application for which installation the package has been created; package size; creation date.
The Settings tab (see Figure 21) contains the installation package settings for the application for which installation the package is created. These settings are created by default at the stage of the package creation and if required, you can modify them.

After the installation of the Network Agent you can change the values of the settings used to connect to the Administration Server using the policy and the application's settings. If you remotely reinstall the Network Agent on the client computer the values of the settings used to connect to the Server and the Administration server certificate will be replaced with new ones. The Administration Group tab (cf. Figure 25) is used to define a subgroup of the Network group into which computers will be added after the Network Agent has been installed on them. You can select of the following options: add computers to folders Corresponding to the computer position in the Windows network: domain or a work group (this option is selected by default); add all computers In group specified in the entry field. If you select this option, enter the name of the folder in the field below. If the Network group does not contain such folder, it will be created (you can also indicate the name of any existing folder in the Network group). This folder will be used to store all computers newly detected in the network; even if a computer had previously been detected by the Administration Server and put into the folder corresponding to its position within the network before the installation of the Network Agent. Computers detected in the network prior to the installation of the Network Agent will remain in their old positions in the Network group. After the installation of the Network Agent you can not change the folder to store the computers in the Network group as this setting is not included into the policy and the application settings.
Figure 24. Administration Agent Installation Package Properties Windows. Administration Group Tab
The Network Agent is installed on the computer as a service with the following set of attributes: service name KLNagent; displayed name Kaspersky Network Agent; automatic start at the operating system startup; with the Local system account.
You can review properties of the Kaspersky Network Agent service, start it, stop it and monitor its operation using the standard Windows administration tools - Computer Management Services.
4.1.4. Creating and Configuring Administration Server Installation Package

When creating an Administration Server installation package as a file with description, select file ak6.kpd, located in the root directory of the Kaspersky Administration Kit distribution. The properties of the Administration Server installation package are shown on two tabs: General (cf. Figure Figure 20) and Reboot OS (cf. Figure Figure 23). The other properties are the same as Administration Server default settings.
4.1.5. Creating a task for distribution of the installation package on the slave Administration Servers
In order to create the task for distribution of the installation package on the slave Administration Servers: 1. Connect to the Administration Server you need. 2. Select the Global tasks node in the console tree, open the shortcut menu and select the New Task command or use the analogous item in the Action menu. This will start the wizard. Follow its instructions. 3. For the Kaspersky Administration Kit application select the Packages retranslation task task type. 4. In the next wizard window (see Figure 25) select which installation packages must be distributed. Select one of the following options: All installation packages. Selected installation packages. In this case check boxes next to the names of the required installation packages in the table below.
Figure 25. Creating a set of installation packages
Specify the required value in the The maximum number of simultaneous downloads:. 5. In the next wizard window (see Figure 26) check boxes next to the names of the slave Administration Servers to which the installation packages must be distributed.
Figure 26. Selecting slave Administration Servers
6. In the next wizard window specify the task launch schedule (details see section 0 on page 53). 7. To exit the wizard when it is completed, press the Finish button.
4.1.6. Distribution of the installation packages within a group using network agents
In order to distribute installation packages within a group, you can use updating agents. The updating agents receive installation packages and updates from the Administration Server and save them in the Kaspersky Lab's application installation folder. The location of the folder that contains the updates and the installation packages cannot be changed; its size cannot be restricted. Later the installation packages will be distributed to the client computers using the multi-address delivery. Delivery of the new installation packages within a group is only performed once. If at the moment of the delivery a client computer was disconnected from the corporate logical network, then when the installation task is run the Network Agent will automatically download the required installation package from the updating agent.
In order to create the list of the updating agents and configure them to distribute installation packages to computers within a group, 1. Connect to the required Administration Server. 2. Select the required group in the console tree, open the shortcut menu and select the Properties command or use the analogous item in the Actions menu. 3. In the group properties window that will open, on the Updating Agents tab (see Figure 27) create the list of computers that will act as the updating agents within the group, using the Add and the Remove buttons.

Figure 45. Selecting an installation package
4. In the next wizard window, if required, specify the Network Agent installation package to be jointly installed (details see section 0 on page 53). 5. In the wizard window (see Figure 46) determine on which computers the application will be installed. In order to do it, select one of the options:
Install the application onto selected computers, if you select this option, then after the wizard is complete a global application deployment task will be created. Install application onto computers in the administration group - as the result of the wizard's work, a group task will be created.
Figure 46. Selecting a task type
6. Then if you are creating a group task, specify a group on whose computers the application will be remotely installed (see Figure 47), or select computers for the installation. If the application must be installed on all client computers within the logical network, select the Groups group.
Figure 47. Selecting a group
7. Then determine under which account the deployment task will be run on the computers (details see section 0 on page 53).
Figure 48. Selecting a user's account
8. After this a window will open that will display the process of distribution and execution of the deployment task on the computers of the selected group (see Figure 49). You can switch to the final window of the wizard without waiting for the process to be completed. In order to do it, press the Next button. You can view detailed information about the results of the task execution on each computer using the History button.
Figure 49. Deployment task execution
4.3. Local software installation
The local software installation is performed individually on each computer. In order to perform local installation you must have the administrator's right for the local computer. Some applications that support administration using Kaspersky Administration Kit can be installed on computers only locally. Details see Guides to the corresponding applications. General procedure for the software installation during local deployment of the anti-virus protection system can be as follows: install the Network Agent and configure the connection between the client computer and the Administration Server (see section 4.3.1 on page 76);
install the required applications on the computer that will be included into the anti-virus protection system according to the description in the corresponding Guides; install the administration plugin for each of the installed Kaspersky Lab's applications into the administrator's workstation (see section 4.3.2 on page 81).

4.3.2. Local installation of the application administration plugin
In order to install the application administration plugin, on the computer on which the Administration Console is installed, run executable file klcfginst.exe, located on the application's distribution CD. This file is included into all applications that can be administered via Kaspersky Administration Kit. The installation is facilitated by a wizard and does not require any configuration. It will offer you to configure the installation settings and start it.
The file of the administration plugin for the Network Agent klcfginst.exe is located in the NetAgent folder of the distribution package of Kaspersky Administration Kit
4.3.3. Installing applications in noninteractive mode
In order to install an application in non-interactive mode: 1. Create the required installation package (see section4.1.1xx) if the installation package for the application you would like to install has not been created. Installation packages will be saved in some shared folder under the Administration Server Packages system directory when the Administration Server is being installed. A subfolder will correspond to each installation package. 2. Configure installation package settings as required. 3. Install application using one of the methods below: Copy the entire folder corresponding to the desired installation package from the Administration Server to the client. Open the copied folder on the client and start the executable (file with the.exe extension) using the /s switch. Access the shared folder for the desired installation package on the Administration Server from the client. Then start the executable with the /s switch. 4. Run executable file setup.exe with modifier /s included into the distribution package of the application being installed, on the computer onto which you plan to install the application using noninteractive mode. Installation packages are stored on the Administration Server in the shared folder specified during the Administration Server installation stage, in service folder Packages. When installing Kaspersky Administration Kit non-interactively, an answer file may be used. This file contains all the application install parameters and enables the application to be installed more than once with the same parameters.
To generate a Kaspersky Administration Kit answer file: 1. Use the command line to go to the folder containing a Kaspersky Administration Kit distribution and run the executable with switches /r and /f1"<file path>\setup.iss"2 (for example, setup.exe /r /f1"C:\setup.iss"). 2. This will start the application installation wizard on the host computer. Follow the prompts offered by the wizard to configure application installation settings. For example, Administration Server or Console only may be selected for installation.
Once the installation is complete, the selected version of Kaspersky Administration Kit will have been installed on the host computer, and an answer file will have been generated and placed in the specified directory. The resulting answer file should be copied into the relevant installation package folder on the Administration Server. This will cause Kaspersky Administration Kit to install noninteractively using one of the methods above with the configuration specified in the answer file. An answer file may be used to update Kaspersky Administration Kit noninteractively. However, it can only be used to update the application version that had been utilized to generate the file.

the first action after detection of a suspicious object, the program creates a backup of this file. If some data are lost during disinfection, you can use the backup to recover this object. Deleting an object A method of handling an object. To delete an object is to remove it physically from a computer. This method is recommended for treating infected objects. If deleting is the first action applied to an object, it is necessary to create a backup of this object before deleting it. You can use the backup to restore the original object. E Exclusions User-defined settings that exclude certain objects from scans. You can customize the exclusion rules for real-time protection and ondemand scans. Thus, you can disable scanning of archives during a full scan or exclude files from scans by their masks. E-mail databases Databases that contain e-mail messages stored on your computer. Every incoming/outgoing message is saved in the database after you receive/send it. Such databases are scanned in the on-demand scanning mode. F Forced installation a method of remote installation of Kaspersky Lab's applications that allows to perform remote installation on specific client computers of the logical network. In order to ensure successful execution of a forced installation task the account used to run the task must have the right for remote launch of the applications on the client computers of the logical network. This method is recommended for installation of applications onto computers running Microsoft Windows NT/2000/2003/XP that support such feature or onto computers running Microsoft Windows 98/Me on which the Network Agent is installed. G Global task A task defined for and running on a number of clients from different administration groups. Group Task A task defined for and running on all clients in a group. Group policy A set of application settings in an administration group managed through Kaspersky Administration Kit. Group policies can be different for each group. Group policies are specific to individual applications. The policy involves configuration of all parameters of applications. I IChecker technology A technology that excludes the objects from future scans that remained unmodified since the last scan. The IChecker technology was implemented by using the object checksum database.

Events of the same kind can be of different severity levels, depending on a specific situation.
Startup objects A set of programs that are necessary for launching and smooth operation of the operating system and other software installed on your computer. Your operating system launches these objects during each startup. Some viruses attempt to infect the startup objects and can cause a startup failure. Suspicious object An object that contains either a modified code of a well-known virus or a code reminiscent of a virus yet unknown to Kaspersky Lab specialists. Scan files by format In this scanning mode, the program analyzes the contents of a file, namely, the format identifier in the file header. Scan files by extension In the scanning mode, the program takes into account the scanned file extension. T Task An action that has a name performed by a Kaspersky Lab application. Third party application An anti-virus application by a third-party vendor or a Kaspersky Lab's application not supporting administration via Kaspersky Administration Kit. U Unknown virus A new virus that is not recorded in the anti-virus database. As a rule, Kaspersky Anti-Virus detects unknown viruses using an heuristic code analyzer and objects containing these viruses are identified as suspicious. Updating A function of Kaspersky Anti-Virus that updates/adds new files (anti-virus database or program modules) retrieved from Kaspersky Lab update servers. Updating agents - computers that act as intermediate centers for distributing updates and installation packages within the administration groups. V Virtual drives (RAM drives) A part of RAM emulating a normal physical disk of a personal computer. Virus activity threshold number of viruses detected for a specified time interval. When this number is exceeded, the situation is regarded as a Virus outbreak (virus attack). This parameter is important for defining virus epidemics because the administration can respond in a timely fashion to new threats and take preventive measures to protect his/her network.
APPENDIX B. KASPERSKY LAB
Founded in 1997, Kaspersky Lab has become a recognized leader in information security technologies. It produces a wide range of data security software and delivers high-performance, comprehensive solutions to protect computers and networks against all types of malicious programs, unsolicited and unwanted email messages, and hacker attacks. Kaspersky Lab is an international company. Headquartered in the Russian Federation, the company has representative offices in the United Kingdom, France, Germany, Japan, USA (CA), the Benelux countries, China, Poland, and Romania. A new company department, the European Anti-Virus Research Centre, has recently been established in France. Kaspersky Lab's partner network incorporates more than 500 companies worldwide. Today, Kaspersky Lab employs more than 450 specialists, each of whom is proficient in anti-virus technologies, with 10 of them holding M.B.A. degrees, 16 holding Ph.Ds, and senior experts holding membership in the Computer AntiVirus Researchers Organization (CARO). Kaspersky Lab offers best-of-breed security solutions, based on its unique experience and knowledge, gained in over 14 years of fighting computer viruses. A thorough analysis of computer virus activities enables the company to deliver comprehensive protection from current and future threats. Resistance to future attacks is the basic policy implemented in all Kaspersky Lab's products. At all times, the companys products remain at least one step ahead of many other vendors in delivering extensive anti-virus coverage for home users and corporate customers alike. Years of hard work have made the company one of the top security software manufacturers. Kaspersky Lab was one of the first businesses of its kind to develop the highest standards for anti-virus defense. The companys flagship product, Kaspersky Anti-Virus, provides full-scale protection for all tiers of a network, including workstations, file servers, mail systems, firewalls, Internet gateways, and hand-held computers. Its convenient and easy-to-use management tools ensure advanced automation for rapid virus protection across an enterprise. Many well-known manufacturers use the Kaspersky Anti-Virus kernel, including Nokia ICG (USA), F-Secure (Finland), Aladdin (Israel), Sybari (USA), G Data (Germany), Deerfield (USA), Alt-N (USA), Microworld (India) and BorderWare (Canada). Kaspersky Lab's customers benefit from a wide range of additional services that ensure both stable operation of the company's products, and compliance with specific business requirements. Kaspersky Lab's anti-virus database is updated every hour. The company provides its customers with a 24-hour technical support service, which is available in several languages to accommodate its international clientele.

You are free to choose from any of these anti-virus applications, according to the operating systems and applications you use.
Kaspersky Corporate Suite
This package provides corporate networks of any size and complexity with comprehensive, scalable anti-virus protection. The package components have been developed to protect every tier of a corporate network, even in mixed computer environments. Kaspersky Corporate Suite supports the majority of operating systems and applications installed across an enterprise. All package components are managed from one console and have a unified user interface. Kaspersky Corporate Suite delivers a reliable, high-performance protection system that is fully compatible with the specific needs of your network configuration.
Kaspersky Corporate Suite provides comprehensive anti-virus protection for:
Workstations running Microsoft Windows 98/ME, Microsoft Windows NT/2000/XP Workstation and Linux; File servers running Microsoft Windows NT 4.0 Server, Microsoft Windows 2000, 2003 Server/Advanced Server, Novell Netware, FreeBSD, Linux; Samba file storage
Depending on the type of distribution kit.
E-mail systems, including Microsoft Exchange Server 2000/2003, Lotus Notes/Domino, sendmail, postfix , exim, and qmail mail systems Internet gateways: CheckPoint Firewall 1; Microsoft ISA Server 2000 Enterprise Edition, Microsoft ISA Server 2004 Enterprise Edition Hand-held computers (PDAs), running Symbian OS, Microsoft Windows CE and Palm OS, and also smartphones running Microsoft Windows Mobile 2003 for Smartphone and Microsoft Smartphone 2002.
Corporate Suite distribution kit includes Kaspersky The Kaspersky Administration Kit, a unique tool for automated deployment and administration.
You are free to choose from any of these anti-virus applications, according to the operating systems and applications you use. Kaspersky Anti-Spam Kaspersky Anti-Spam is a cutting-edge software suite that is designed to help organizations with small- and medium-sized networks wage war against the onslaught of unsolicited e-mail messages (spam). The product combines the revolutionary technology of linguistic analysis with modern methods of e-mail filtration, including DNS Black Lists and formal letter features. Its unique combination of services allows users to identify and wipe out up to 95% of unwanted traffic. Installed at the entrance to a network, where it monitors incoming e-mail traffic streams for spam, Kaspersky Anti-Spam acts as a barrier to unsolicited e-mail. The product is compatible with any mail system and can be installed on either an existing mail server or a dedicated one. Kaspersky Anti-Spams high performance is ensured by daily updates to the content filtration database adding samples provided by the Companys linguistic laboratory specialists. Databases are updated every 20 minutes. Kaspersky Security for Microsoft Exchange 2003 Kaspersky Security for Microsoft Exchange performs anti-virus processing of incoming and outgoing mail messages as well as messages stored at the server, including letters in public folders and filters out unsolicited correspondence using "smart" spam recognition techniques in combination with Microsoft technologies. The application scans all messages arriving at an Exchange Server via SMTP protocol checking them for the presence of viruses using Kaspersky Lab's antivirus technologies and for the presence of SPAM attributes. It filters out spam based on formal attributes (mail address, IP address, letter size, heading) and analyzes the content of messages and of their attachments using "smart' technologies, including unique graphic signatures for identifying graphic SPAM. The application scans both the message body and the attached files.

(i) Kaspersky Lab will provide you with the support services (Support Services) as defined below for a period of one year following: (a) payment of its then current support charge, and;
(b) successful completion of the Support Services Subscription Form as provided to you with this Agreement or as available on the Kaspersky Lab
website, which will require you to produce the Key Identification File which will have been provided to you by Kaspersky Lab with this Agreement. It shall be at the absolute discretion of Kaspersky Lab whether or not you have satisfied this condition for the provision of Support Services. (ii) Support Services will terminate unless renewed annually by payment of the then-current annual support charge and by successful completion of the Support Services Subscription Form again. (iii) By completion of the Support Services Subscription Form you consent to the terms of the Kaspersky Lab Privacy Policy which is attached to this Agreement, and you explicitly consent to the transfer of data to other countries outside your own as set out in the Privacy Policy. (iv) (a) (b) Support Services means Daily updates of anti-virus database; Free software updates, including version upgrades;
(c) Extended technical support via E-mail and phone hotline provided by Vendor and/or Reseller; (d) Virus detection and curing updates in 24-hours period.
4. Ownership Rights. The Software is protected by copyright laws. Kaspersky Lab and its suppliers own and retain all rights, titles and interest in and to the Software, including all copyrights, patents, trademarks and other intellectual property rights therein. Your possession, installation, or use of the Software does not transfer any title to the intellectual property in the Software to you, and you will not acquire any rights to the Software except as expressly set forth in this Agreement. 5. Confidentiality. You agree that the Software and the Documentation, including the specific design and structure of individual programs and the Key Identification File constitute confidential proprietary information of Kaspersky Lab. You shall not disclose, provide or otherwise make available such confidential information in any form to any third party without the prior written consent of Kaspersky Lab. You shall implement reasonable security measures to protect such confidential information, but without limitation to the foregoing shall use best endeavors to maintain the security of the Key Identification File. 6. Limited Warranty
(i) Kaspersky Lab warrants that for [90] days from first download or installation the Software will perform substantially in accordance with the functionality described in the Documentation when operated properly and in the manner specified in the Documentation.