Connecting to Kaspersky Lab solutions

This section describes the Kaspersky tab of the Computer Management screen in ConnectWise Automate Control Center. This section also explains how to use this tab to configure connection between Kaspersky Security Plug-in for ConnectWise Automate and the Kaspersky Lab solution you use (Kaspersky Security Center or Kaspersky Endpoint Security Cloud) and how to view information about computers and events.

About the Kaspersky tab

Kaspersky Security Plug-in for ConnectWise Automate adds the Kaspersky tab to the Computer Management screen for computers that have the Kaspersky Security Center Administration Server role or Kaspersky Endpoint Security Cloud Bridge role in ConnectWise Automate. On this tab, you can view and edit connection settings for Kaspersky Security Center Administration Servers or Kaspersky Endpoint Security Cloud integrations. The Kaspersky tab also provides information about the computers managed by the selected Administration Server or retrieved from Kaspersky Endpoint Security Cloud workspaces by the selected bridge and about the events that occurred on those computers.

Click the Kaspersky tab to specify connection settings for the Kaspersky Lab solution you use:

• Kaspersky Security Center Administration Server, if you use an on-premises version of a Kaspersky Lab solution.
• Kaspersky Endpoint Security Cloud integration, if you use the Cloud version of a Kaspersky Lab solution.

The channel of data exchange between ConnectWise Automate Agent and ConnectWise Automate Server must be secure, since it is used for transferring data from Kaspersky Security Center. You may use VPN to ensure that you connection is protected.

The Kaspersky tab is displayed only for computers that have the Kaspersky Security Center Administration Server role or the Kaspersky Endpoint Security Cloud Bridge role in ConnectWise Automate.

The Kaspersky tab of the Computer Management screen has three second-level tabs. In the left vertical pane of the Kaspersky tab, you can shift between these three tabs. By default, the Settings tab is displayed.

• Settings—Click this tab to view and configure the connection settings for the Kaspersky Lab solution you use. The appearance of the Settings tab depends on the Kaspersky Lab solution that is being used.
• Computers—Click this tab to view information about computers managed by the selected Administration Server or retrieved from Kaspersky Endpoint Security Cloud workspaces by the selected bridge.
• Events—Click this tab to view information about events registered on the computers managed by the selected Administration Server or retrieved from Kaspersky Endpoint Security Cloud workspaces by the selected bridge.

Page top

Connecting to Kaspersky Security Center Administration Server

After Kaspersky Security Plug-in for ConnectWise Automate is installed, specify the connection settings for all Kaspersky Security Center Administration Servers. Connection settings can be specified in ConnectWise Automate, on the Kaspersky tab of the Computer Management screen for each of the Administration Server computers. Kaspersky Security Plug-in for ConnectWise Automate uses the specified settings to connect to the Administration Servers and receive security information from them. This security information is then displayed on the Kaspersky dashboard.

Use the Settings tab to view and specify the connection settings for Kaspersky Security Center Administration Server.

Connecting to Kaspersky Security Center Administration Server

Specify the following settings to connect to Kaspersky Security Center Administration Server:

• User name—User name to connect to Administration Server. This field cannot be blank.
• Password—Password to connect to Administration Server. This field cannot be blank.

If you changed any of the connection settings, click Save for your changes to take effect. The newly specified connection settings are then checked and saved. Usually, establishing a new connection takes several minutes.

The Administration Server connection settings you provided are stored in the ConnectWise Automate server database. The password is stored in encrypted form by Kaspersky Security Plug-in for ConnectWise Automate.

Connecting to Kaspersky Endpoint Security Cloud

After you assign the "bridge" role to the computer (see section Managing the "bridge" role of a computer for details), open the Computer Management screen of this computer and proceed to the Kaspersky tab. On the Kaspersky tab, specify your credentials to be used by the bridge to connect to Kaspersky Endpoint Security Cloud.

To connect to Kaspersky Endpoint Security Cloud:

1. Click the Kaspersky tab of the Computer Management screen.

   

   Connecting to Kaspersky Endpoint Security Cloud

2. On the Settings tab, specify the following connection settings:
   • User name—Email address used for your Kaspersky Endpoint Security Cloud account. This field cannot be blank.
   • Password—Password to connect to Kaspersky Endpoint Security Cloud. This field cannot be blank
3. Click Proceed to connect to Kaspersky Endpoint Security Cloud using the specified settings.

   

   Selecting integration and specifying integration settings

4. In the Provide integration settings section that is displayed, select the previously configured integration in the Select Integration drop-down list.

   You can view the identifier of your integration by clicking the Integration ID link.

5. If you cannot find the required integration in the drop-down list, make sure that the user account provided in step 2 has access to this integration. To change the user specified in step 2 and connect to the integration using other credentials, click Switch user and in the Set up connection to Kaspersky Endpoint Security Cloud section specify the user name and password as instructed in step 2.
6. If you want the Kaspersky Endpoint Security Cloud Bridge computer to establish connection through the proxy server, in the Provide integration settings section select the Use proxy server check box and provide the following proxy server settings:
   • Address—Network address of the proxy server. Provide the address in the following format: host:port.
   • User name—User name to connect to the proxy server
   • Password—Password to connect to the proxy server.
7. Click Save to save the connection settings you provided.

The system validates the settings. If the settings you provided are correct, connection with Kaspersky Endpoint Security Cloud is established.

Viewing computer information

The Computers tab displays a list of computers managed by the selected Administration Server or retrieved from Kaspersky Endpoint Security Cloud workspaces by the selected bridge.

Viewing computer information

Click the Computers tab to view information, provided by the Kaspersky Lab solution, about protection of the computers in your network. You can use the left navigation tree and the set of filters to quickly find required computers, for example, those installed in a specific location or with a specific protection status.

Filters in the top pane allow convenient searching of computers. You can filter the computers by protection states, name, and status. To restrict your computer selection and to view only the computers with selected properties, apply several filters at the same time. Every time you open the Computers tab, the previously used filter settings are restored—there is no need to set up filters again.

Use the navigation tree to display the computers of a specific client or location. Do one of the following:

• Click the Clients node to display all the computers managed by the selected Administration Server or received from Kaspersky Endpoint Security Cloud workspaces by the selected "bridge".
• Click the name of a specific client to view the computers of this client that are managed by the selected Administration Server or retrieved from Kaspersky Endpoint Security Cloud workspaces by the selected bridge.
• Click the name of a specific location to view the computers at this location that are managed by the selected Administration Server or retrieved from Kaspersky Endpoint Security Cloud workspaces by the selected bridge.

Information about the computers is displayed as a table. You can sort information in the table by any of the table columns by clicking the column header. For each computer you can find the following information:

• Computer—Name of the computer. The computer name can be different in ConnectWise Automate and in the Kaspersky Lab solution. The computer name for ConnectWise Automate is displayed above and the name for Kaspersky Security Center / Kaspersky Endpoint Security Cloud is displayed below. When you click the computer name, the Computer Management screen of ConnectWise Automate Control Center is displayed for this computer.

  

  Computer names

• Status—Current protection status of the managed computer. If the computer is not managed by Kaspersky Security Center or Kaspersky Endpoint Security Cloud, this field is blank.
• Status description—Detailed description of the problems detected on the selected computer, if the computer status differs from OK. If the computer is not managed by Kaspersky Security Center or Kaspersky Endpoint Security Cloud, this field is blank.
• Agent installed—Yes, if Kaspersky Security Center Network Agent is installed on the selected computer; otherwise, No.
• Viruses found—Number of viruses found on the selected computer. If the computer is not managed by Kaspersky Security Center or Kaspersky Endpoint Security Cloud, this field is blank.
• Last scan—Date and time when a scan of the selected computer was last performed. If the computer is not managed by Kaspersky Security Center or Kaspersky Endpoint Security Cloud, this field is blank.
• Database issued—Date and time when anti-virus databases on the selected computer were issued. If the computer is not managed by Kaspersky Security Center or Kaspersky Endpoint Security Cloud, this field is blank.
• Last information update—Date and time when information on a computer was last updated in Kaspersky Security Center or Kaspersky Endpoint Security Cloud. If more than five days passed since the date when information on a computer was last updated, this computer is deleted from the ConnectWise Automate database and is no longer displayed in the computer list.

When you select a computer or a group of computers in the table, its properties are displayed in the Statistics and commands pane on the right side of the screen. You can run a virus scan and anti-virus database update task in the Statistics and commands pane for the selected computer or group.

In addition to the properties in the table, the following computer properties and actions are displayed in the Statistics and commands pane:

• Commands—Click one of the links in this group to scan the computer for viruses or update the anti-virus databases on the computer.
• Client—Name of the ConnectWise Automate client that the computer belongs to.
• Location—Name of the ConnectWise Automate location that the computer belongs to.

You can view which problems on the computers require your attention. For this purpose, select the computers you are interested in. The problems detected on these computers are displayed in the Detected problems field in the Statistics and commands pane, accompanied by the total number of computers selected.

Page top

Viewing event information

On the Events tab, a list of events is displayed that occurred on the computers managed by the selected Administration Server or received from Kaspersky Endpoint Security Cloud workspaces by the selected bridge.

Viewing event information

Click the Events tab to view additional information, obtained from the Kaspersky Lab solution, about the security issues detected on a particular computer or group of computers.

In the top pane, you can configure filters to view only the events with selected properties. You can filter events by severity level, client, computer, or time of occurrence. To restrict your event selection and view only those events with selected properties, apply several filters at the same time. Every time you open the Events tab, the previously used filter settings are restored—there is no need to set up filters again.

Information on the events is displayed as a table. You can sort information in the table by any of the table columns by clicking the column header. For each event, you can view the following information:

• Client—Name of a ConnectWise Automate client company. The computer on which the event occurred belongs to this client. This field is applicable if you use Kaspersky Security Center; it is blank if you use Kaspersky Endpoint Security Cloud.
• Severity—Severity level of the event according to Kaspersky Security Center or Kaspersky Endpoint Security Cloud.
• Time occurred—Time when the event occurred.
• Computer—Name of the computer on which the event occurred. The computer name can be different in ConnectWise Automate and in the Kaspersky Lab solution. The computer name for ConnectWise Automate is displayed on the first line of the entry and the name for Kaspersky Security Center / Kaspersky Endpoint Security Cloud on the second line. When you click the computer name, the Computer Management screen of ConnectWise Automate Control Center is displayed for this computer.
• Event—Name and description of the event.

When you select an event in the table, its properties are displayed in the pane on the right side of the screen. In addition to those in the table, the following event properties are displayed:

• Location—Name of the ConnectWise Automate location. The computer on which the event occurred belongs to this location. This field is displayed if you use Kaspersky Security Center; it is not displayed if you use Kaspersky Endpoint Security Cloud.
• Virtual Server—Name of the Kaspersky Security Center virtual server. The computer on which the event occurred is located on this server. This field is displayed if you use Kaspersky Security Center; it is not displayed if you use Kaspersky Endpoint Security Cloud.
• Kaspersky Security Center group—Name of a Kaspersky Security Center group. The computer on which the event occurred belongs to this group. This field is displayed if you use Kaspersky Security Center; it is not displayed if you use Kaspersky Endpoint Security Cloud.
• Application—Name of the application that the event is related to.
• Version—Version the application that the event is related to.
• Task—Name of the task that the event is related to. This field is displayed if you use Kaspersky Security Center; it is not displayed if you use Kaspersky Endpoint Security Cloud.