Welcome to ISAserver.org

isa server 2004 standard edition configuration for kaspersky antivirus

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Firewall] >> Access Policies >> isa server 2004 standard edition configuration for kaspersky antivirus

Page: [1]

Message

<< Older Topic Newer Topic >>

isa server 2004 standard edition configuration for kasp... - 16.Sep.2008 8:37:28 AM

moh

Posts: 1
Joined: 16.Sep.2008
Status: offline

I have problems updating my Kaspersky antivirus.

Actually, I have 2 servers. One is my domain server with Kaspersky administration kit and Kaspersky antivirus 6.0 for windows servers installed. On the second server, I have isa server 2004 standard edition installed. Both servers runs on windows 2003 server platform. I have added some protocols on the isa server, which I got from Kaspersky website, in order to get the necessary updates of Kaspersky antivirus which is listed below (highlighted in blue). As per the example, I should have isa server and Kaspersky administration kit on the same server, which is not the case in my situation.

I have isa server client installed on my domain server and end user computers. I can update Kaspersky on the domain server but not on the end user computers.

Can you help me to sort out this problem? That would be very grateful.
To provide data transfer from the Administration Server the following connections are established with the Server:
Outgoing TCP:13000 (from Administration Agent); Outgoing TCP:14000 (from Administration Agent); Send UDP:13000 (from Administration Agent); Outgoing TCP:18000 (from the authentication server Cisco NAC). In its turn Administration Server establishes the following connections with the Administration Agent:
Send UDP:15000 (to manually synchronize the Server with the Agent and to get real statistics about a client computer); Outgoing TCP:13001 (if Update Agents are deployed in the network); Send UDP:13001 (if Update Agents are deployed in the network); Send UDP: 60000 (to realize the Wake-On-LAN function). To allow the traffic, configure the following settings:
1. On ISA Server create the following protocol definitions ( Firewall Policy -> Toolbox -> New -> Protocol):
АК: Agent to Server Protocol: Primary connections: Port range: 13000 � 13000;Protocol type: TCP; Direction: Outbound; Port range: 14000 � 14000; Protocol type: TCP; Direction: Outbound; Port range: 18000 � 18000; Protocol type: TCP; Direction: Outbound; Port range: 13000 � 13000; Protocol type: UDP; Direction: Send. Secondary connections: are missing. АК: Server to Agent Protocol: Primary connections: Port range: 13001 � 13001; Protocol type: TCP; Direction: Outbound; Port range: 13001 � 13001; Protocol type: UDP; Direction: Send; Port range: 15000 � 15000; Protocol type: UDP; Direction: Send; Port range: 60000 � 60000; Protocol type: UDP; Direction: Send. Secondary connections: are missing. 2. Create the necessary allowing rule depending on which Kaspersky Administration Kit component is installed on the computer with ISA Server:
Administration Agent is installed together with Isa Server In this case allowing rules on the ISA Server should be created with the following parameters:
To connect to Administration Server: From: LocalHost; To: <any object of ISA Server policies which comprises a computer/ several computers with administration server installed> (for example, Internal network); Protocols: АК: Agent to Server Protocol. To connect Server to Administration Agent: From: <any object of ISA Server policies which comprises a computer/ several computers with administration server installed> (for example, Internal network); To: LocalHost; Protocols: АК: Server to Agent Protocol. Administration Server is installed together with ISA Server In this case allowing rules on the ISA Server should be created with the following parameters:
To connect to Administration Server: From: <any object of ISA Server policies which comprises a computer/ several computers with administration server installed> (for example, Internal network); To: LocalHost; Protocols: АК: Agent to Server Protocol. To connect Server to Administration Agent: From: LocalHost; To: <any object of ISA Server policies which comprises a computer/ several computers with administration server installed> (for example, Internal network); Protocols: АК: Server to Agent Protocol.