Kaspersky Lab's Administration Kit is a free tool for business users who have purchased the company's workstation products.
It provides facilities to control and administer their antivirus scanning software across networked computers. It can configure and install the scanning software remotely, and monitor and report the status of the systems under its control using installed Network Agent software.
All signature file updates can be carried out centrally, so that the amount of internet traffic to the Kaspersky servers is kept to a minimum, while ensuring that all the network installations are kept in step and up to date.
The administration software requires either Microsoft SQL Server 2000 or MSDE 2000 database management systems, with Service Pack 3 applied in both cases. We ran our tests using SQL Server 2000 installed on a Windows 2003 Server system.
The administration software is implemented as a plug-in for the Microsoft Management Console (MMC), instead of as a standalone application. Alert notifications can be sent via email.
There is a very useful report-generation facility that can produce html pages with details of errors and scan results, virus detection and details of workstations' antivirus status.
The various update and control functions provided by the plug-in can produce useful history logs in similar formats to those produced by Windows itself for system and security logs.
Once the system has installed its Network Agents, it is possible to monitor the antivirus status of any workstation or server in a system, with details of any running scanning tasks and results of all completed ones. It is also possible to initiate certain functions, such as system scans, on individual systems directly from the MMC without any need for local action.
The Agent also helps to ensure that the virus signatures and scanning software updates are downloaded from the central administration server.
The system will also detect and report on software that could pose a potential security risk, such as certain Remote Administration programs and programs with known security flaws. These can be excluded from subsequent detection and reporting runs if required.