Advice Request Kaspersky Endpoint Security Custom Install Info needed

[Deleted member 2913]

Check this link about Kaspersky Monitores ports setting, I think is also applicable to KES10.
Taken from KES10 Help:


KES10 has Anti-Phishing settings integrated in its Web Anti-Virus module.

Yes...

Yes...

And yes (using KSN service)...

Couple software in Low Restricted were transferred to Trusted...thats good.

Port 443 is used only for email & not HTTPS websites?

 

[harlan4096]

Yes, I think there is no scanning for encrypted connections in KES10, as in home products (KAV/KIS/KTS), no Kaspersky Root Certificate is used (pinning) in browsers. But I think is users to filter traffic for HTTS in same way, as You can see in KES10 Monitores ports setting:

Spoiler: KES10 - Monitored Ports

 

[Deleted member 2913]

harlan,

I dont know anything about ports & dont understand too technical things.

I see in the screenshot only port 443 is mentioned as HTTPS. So does this means everything HTTPS works through port 443?
Or what all for port 443 is used?

Are you too running KES?

I read in the forum here you are a Gold Beta Tester for Kaspersky.
What does GBT for Kas means i.e benefits of GBT for Kas?
And you beta test KES too?

 

[harlan4096]

I think not only Mail Traffic: Network Traffic Interception

Yes, I have KES10 installed in my laptop (with W10 Pro x86 and managed by KSC10, which is in a Windows Server 2002R2)

Yes, I'm GBT, but mostly for home products, I have not enough big infrastructure (and time) to test corporate products

To be GBT, in general are users that usually tests/check new beta products, sending reports and reporting bugs... it's Kaspersky who selects You as an official GBT. If You usually join many Kaspersky beta testings and are very active in their official forum, They will probably name You as a GBT in the end (that's how I became a GBT).

Benefits? well, actually not many... after every beta testing (depending on the products) They usually reward with free licenses. And in some special beta testings and if You are very active, You even may get some others gifts...

 

[Deleted member 2913]

harlan,

Thanxx for replying all my queries. You have been a great help.

For now I have no queries regards KES.

If any will request you the info here.

Hav fun

 

[Deleted member 2913]

Oh damn, I had it in my mind but forgot to ask.

Notification settings - I am lost in this. There are so many options, dont know what should be enabled & not?

So what you say?

 

[harlan4096]

Well, Notifications options in KES10 are fully rich I would like to have them also in Kaspersky home products (many of them were cut some years ago since 2014 version).

Well, IMHO I would enable all those related to detection/disinfection/quarantine (as there is no Interactive Mode in KES10) and all related to movements of applications to low/high restricted/untrusted groups...

 

[Deleted member 2913]

Is the "System Audit" for remote management or local system?
Coz there are some duplicates i.e same option in system audit & file/web, etc...

 

[harlan4096]

If Your KES10 are not managed by KSC10, them local system.

 

[Deleted member 2913]

If Your KES10 are not managed by KSC10, them local system.

Ok.

The local help files are not in detail in regards to all the notification events.

Any online help files with detail explanation of events?

I tried enabling some events & tried opening couple programs & started getting quite a few popups for single program.

 

[harlan4096]

Well, here You are my Notifications on Screen. I'm in "Paranoid Clan", so I try to emulate "Interactive Mode" of KIS/KTS . Maybe so many notifications, feel free to disable the ones You don't want or annoy You.

Spoiler: KES10 - Notifications

 

[Deleted member 2913]

harlan,

No System Audit screenshot? You haven't enabled any on that? Coz protection components, self defense, etc... options are there.

I see you have not enabled informational events...I too will not enable...critical & important covers need to know events...no need IEs.

I enabled most events & testing with harmless samples & other way to get an idea of the alert type, number of alerts, etc...

Is Firewall in KES & Home products same or KES Firewall is on little stricter side?

 

[harlan4096]

Too many events/notifications logging not so good I think too much information, even maybe affecting the performance of the system...

I just showed my screen notifications, all the others kept by default...

 

[Deleted member 2913]

I have set notification for events. I have altogether set only 9 notifications. Some dont need, some not important & can be checked from reports, some windows security center also takes care, etc...

For now it seems my KES is set.

Thanxx for your time & support harlan.

 

[Deleted member 2913]

In KES, is there a way to set "App Control Rules" to default i.e default apps will be there & all the other apps will be removed?

 

[harlan4096]

Sorry for my late answer, so busy days...

I'm not sure what You mean... You have Default Control Rules/Different Trusted Groups according to KSN/White Listing. You may change those rules... but no rules for delete except if malware is detected (disinfect, delete, etc.).

 

[Deleted member 2913]

Sorry for my late answer, so busy days...

I'm not sure what You mean... You have Default Control Rules/Different Trusted Groups according to KSN/White Listing. You may change those rules... but no rules for delete except if malware is detected (disinfect, delete, etc.).

I meant reset application control to default i.e like it was at the time of install i.e remove all the new added programs under application control.

I got it. Under advanced settings - manage settings - restore gives quite a few options to reset to defaults.

 

[Deleted member 2913]

harlan,

Couple programs are in trusted as well in low restricted?
Like one of my portable programs entry pkeyconfigs.exe is under trusted 1 time & under low restricted 3 times. All 4 seems the same entry.
The entry in trusted & 2 entries in low restricted always show "Today" for "Appeared in KSN" & less than 10 users. And the remaining 1 in low restricted shows 12/20/2012 for 'Appeared in KSN" & more than 10,000 users.

Any info?

 

[harlan4096]

Screen shots?.

 

[Deleted member 2913]

Screen shots?.

Screenshot