Kaspersky Labs Systems Management

technologies
Todays corporate IT infrastructure is a complex mechanism that requires constant maintenance and control. Special
attention needs to be devoted to the software component of that infrastructure: the operating systems, applications,
email services, etc. System administrators must ensure that the entire network is stable, and that software programs
are updated in a timely manner a process which reinforces the companys security. A single error in OS or
application code can be used by cybercriminals to infect the companys entire infrastructure, and to gain
unauthorized access to confidential information. Such actions are often elements of a planned attack against a
company designed to damage the companys infrastructure, stop employees working, steal corporate data, and
generally cause as much harm as possible. According to a study conducted by B2B International in July 2012,
targeted attacks were ranked third in the list of the most frequent cyber-threats. Furthermore, 33% of IT
professionals believe their organization has been specifically targeted by cyber-attacks since 2011.
As the number of threats grows, the protection of corporate IT infrastructures is becoming an increasingly pressing
issue. In order to tackle this problem effectively, Kaspersky Lab has included Kaspersky Systems Management as
an element of flagship corporate platform, Kaspersky Endpoint Security for Business. This management toolkit,
included at Advanced and Total tiers of Kaspersky Endpoint Security for Business, makes it easy for a companys IT
department to automate and generally simplify the process of accomplishing common tasks such as remotely
monitoring and patching software vulnerabilities, taking an inventory of devices and software programs, managing
access rights within a local network.

Kaspersky Systems Management capabilities

Kaspersky Systems Management is a component of Kaspersky Security Center, which provides centralized
management of corporate security systems. When running Kaspersky Lab products, such as Kaspersky Security
Center and Kaspersky System Management, connections between different nodes on the corporate network are
supported by a special software agent installed on each workstation. IT department staff can remotely connect to
that agent via a centralized administration console, and manage security settings on any computer or group of
computers.
Kaspersky Systems Managements features divide into several groups according to the functions they perform:

Detecting vulnerabilities and installing updates

Kaspersky Systems Management scans workstations for vulnerabilities in the operating system and
software applications, and uses the results for a follow-up analysis with Kaspersky Labs own database and
Microsoft Windows Update data services. Data about any errors detected is then sent to the systems
administrator, who can remotely set up the installation of necessary updates on vulnerable systems.

Taking an inventory of hardware and software

Kaspersky Systems Management uses data from the Windows registry to collect information about a
computers hardware and the software installed on it. This data helps administrators to track the status of
company devices and to control and analyze employee software usage. This module can also help manage
existing software licenses, ensuring they are all up to date and in active use.

OS image operations
Systems administrators can create an image of the OS installed on any workstation within the local network
and use it to install the operating system on other endpoints. This approach helps keep all computers up to
date just by updating in the master image. It also facilitates easy migration to a different OS, such as
Windows 8.

Software installation
Kaspersky Systems Management also allows systems administrators to remotely install applications on
computers within the corporate network. Background installation is supported to minimize interference with
user performance. In addition to the standard MSI packets, this component work with *.exe, *.bat, *.cmd,
and similar file types. Administrators can also initiate installation with additional special parameters.

Network Access Control (NAC)

The NAC component in Kaspersky Systems Management provides the tools to set up policies for guest
device connection to the corporate network. The administrator can also choose to limit guest device access
to specific nodes or to completely block connection, boosting the overall infrastructure security level.

Benefits
The technologies included in Kaspersky Systems Management are designed to:

Facilitate easy integration with existing IT infrastructure and the worry-free connection of new users and
devices in the future;

Provide additional protection for the companys infrastructure by controlling software and hardware,
including guest devices, and through the timely detection and patching of vulnerabilities on workstations;

Help system administrators carry out routine tasks, and provide both broad capabilities for automating
processes and a convenient means of centralized security management;

Contribute to company savings through increased administrative resource efficiency, reduced impact on
user activity, no requirement for further training, and potential cost savings through identifying superfluous
software licenses.

1997-2013
Kaspersky Lab ZAO. All Rights Reserved.

The effective security technologies available in Kaspersky Endpoint Security for Business combined with Kaspersky
Systems Managements broad spectrum of capabilities provide reliable, flexible and simple security management for
corporate IT infrastructures.

1997-2013
Kaspersky Lab ZAO. All Rights Reserved.