Kaspersky
Solved

Is Polling necessary after KSC is setup?

  • 9 September 2020
  • 3 replies
  • 32 views

Is Windows Domain polling (or any kind of polling) necessary after setting up KSC and deploying the Network Agent and KES software to your clients? We don’t use KSC to deploy software and the network agent on each client is configured to check in once every 15 minutes.

My networking team has noticed that Kaspersky is scanning everything once per hour (as scheduled through the poll) and noticed that the scan seemed to be accessing SMB shares of servers as well, which they thought was strange as Kaspersky does not manage servers in our environment. They asked if the scan was necessary.

We primarily deploy KES and the KNA to our endpoints via another third-party management appliance, so is there any additional value to be found in having this polling enabled?

icon

Best answer by alexcad 10 September 2020, 09:27

Polling is only used to discover unmanaged/unassigned systems. You can turn it off if you don't need it for deploying.

Regards
Alex

View original

3 replies

Userlevel 6
Badge +5

Polling is only used to discover unmanaged/unassigned systems. You can turn it off if you don't need it for deploying.

Regards
Alex

Hey alexcad, thank you for the response!

Occasionally we’ll see in Unassigned Devices online clients that have Kaspersky Network Agent installed but that had gotten removed from our primary group because they had been inactive for longer than the set 90 days. If I disable polling, will these endpoints still show up in Unassigned Devices? I’m assuming the installed Network Agent will try to “phone home” as soon as the machine connects back to the Internet and will end back up/remain on this list, but that Windows endpoints that don’t have a Network Agent installed will not end up on this list if polling is disabled. Is this correct?

Thank you!

Userlevel 6
Badge +5

I’m assuming the installed Network Agent will try to “phone home” as soon as the machine connects back to the Internet and will end back up/remain on this list, but that Windows endpoints that don’t have a Network Agent installed will not end up on this list if polling is disabled. Is this correct?


Exactly.

In addition: You can use rules to assign systems to groups. In this way it is possible to automatically move "lost" systems back into a managed group.

 

Regards
Alex

Reply / Ответить