Settings of a managed device
To view the settings of a managed device:
- In the console tree, select the Managed devices folder.
- In the workspace of the folder, select a device.
- In the context menu of the device, select Properties.
The properties window of the selected device opens, with the General section selected.
General
The General section displays general information about the client device. Information is provided on the basis of data received during the last synchronization of the client device with the Administration Server:
- Name
- Description
- Windows domain
- NetBIOS name
- DNS name
- IP address
- Group
- Last updated
- Last visible
- Connected to Administration Server
- Do not disconnect from the Administration Server
Protection
The Protection section provides information about the current status of anti-virus protection on the client device:
- Device status
- All problems
- Real-time protection
- Last on-demand scan
- Total number of threats detected
- Active threats
- Disk encryption status
Applications
The Applications section lists all Kaspersky applications installed on the client device. This section contains the start button () and stop button () that allow you to start and stop the selected Kaspersky application (excluding Network Agent). These buttons are enabled if port 15000 UDP is available on the managed device for receipt push-notifications from Administration Server. If the managed device is unavailable for push-notifications, but the mode of continuous connection to Administration Server is enabled (the Do not disconnect from the Administration Server option in the General section is enabled), the start and stop buttons are available too. Also the Applications section contains the following buttons:
Tasks
In the Tasks tab, you can manage client device tasks: view the list of existing tasks, create new ones, remove, start, and stop tasks, modify their settings, and view execution results. The list of tasks is provided based on data received during the last session of client synchronization with the Administration Server. The Administration Server requests the task status details from the client device.
The start (), stop (), and remove () buttons are enabled if port 15000 UDP is available on the managed device for receipt push-notifications from Administration Server. If the managed device is unavailable for push-notifications, but the mode of continuous connection to Administration Server is enabled (the Do not disconnect from the Administration Server option in the General section is enabled), the start, stop, and remove buttons are available too.
If connection is not established, the task status is not displayed and buttons are disabled.
Events
The Events tab displays events logged on the Administration Server for the selected client device.
Tags
In the Tags tab, you can manage the list of keywords that are used for finding client devices: view the list of existing tags, assign tags from the list, configure auto-tagging rules, add new tags and rename old tags, and remove tags.
System Info
The General system info section provides information about the application installed on the client device.
Applications registry
In the Applications registry section, you can view the registry of applications installed on the client device and their updates; you can also set up the display of the applications registry.
Information about installed applications is provided if Network Agent installed on the client device sends required information to the Administration Server. You can configure sending of information to the Administration Server in the properties window of Network Agent or its policy, in the Repositories section.
Executable files
The Executable files section displays executable files found on the client device.
Hardware registry
In the Hardware registry section, you can view information about hardware installed on the client device. You can view this information for Windows devices and Linux devices.
Ensure that the lshw utility is installed on Linux devices from which you want to fetch hardware details. Hardware details fetched from virtual machines may be incomplete depending on the hypervisor used.
Sessions
The Sessions section displays only for the Windows devices and contains information about the client device owner, as well as accounts of users who have worked on the selected client device.
Information about domain users is generated based on Active Directory data. The details of local users are provided by Windows Security Account Manager installed on the client device.
The list displays accounts of users that work on the client device.
Incidents
In the Incidents tab, you can view, edit, and create incidents for the client device. Incidents can be created either automatically, through managed Kaspersky applications installed on the client device, or manually by the administrator. For example, if some users regularly move malware from their removable drives to devices, the administrator can create an incident. The administrator can provide a brief description of the case and recommended actions (such as disciplinary actions to be taken against a user) in the text of the incident, and can add a link to the user or users.
An incident for which all of the required actions have been taken is called processed. The presence of unprocessed incidents can be chosen as the condition for a change of the device status to Critical or Warning.
This section contains a list of incidents that have been created for the device. Incidents are classified by severity level and type. The type of an incident is defined by the Kaspersky application, which creates the incident. You can highlight processed incidents in the list by selecting the check box in the Processed column.
Software vulnerabilities
The Software vulnerabilities section provides information about vulnerabilities in third-party applications installed on client devices. You can use the search field above the list to look for vulnerabilities by name.
Available updates
This section displays a list of software updates found on this device but not installed yet.
Active policies
This section displays a list of Kaspersky application policies currently assigned to this device.
Active policy profiles
Distribution points
This section provides a list of distribution points with which the device interacts.