- About Kaspersky Security 9.0 for SharePoint Server
- What's new
- Application architecture
- Upgrading from a previous version of the application
- Installing and removing the application
- Preparing to install
- Access rights for managing Kaspersky Security
- How to grant rights to website collections and modify the SharePoint configuration
- Creating an SQL database manually
- Features of the application installation on a SharePoint farm
- Starting the application installation
- Step 1. Viewing the License Agreement
- Step 2. Selecting the type of installation
- Step 3. Selecting components and configuring component installation
- Step 4. Creating a database on an SQL server
- Step 5. Configuring a user account for running Kaspersky Security services
- Step 6. Starting the application installation
- Changes in the system after installing the application
- Getting started
- Restoring the application
- Removing the application
- Administration
- Working with personal data of users
- Role-based access restriction in Kaspersky Security for SharePoint Server
- Modifying the additional settings of the SQL server connection string
- Application licensing
- Starting Management Console
- Adding protected servers to Management Console
- Default protection
- Participating in Kaspersky Security Network
- On-access scan
- Kaspersky Security operation depending upon the SharePoint server settings
- Enabling and disabling on-access anti-virus scanning
- Configuring basic scan settings
- Configuring object processing rules for on-access scanning
- Enabling and disabling on-access content filtering
- Enabling and disabling SharePoint web object scanning
- Creating on-access Anti-Virus scan exclusions
- Configuring additional settings for on-access content filtering
- On-access scan
- General
- Exclusions from anti-virus scan
- File mask
- Content filtering rules
- Phishing scan
- On-demand scan
- Adding an on-demand scan task
- Starting and stopping on-demand scan tasks
- Viewing a report on the results of an on-demand scan
- Saving a report on the results of an on-demand scan
- Deleting an on-demand scan task
- Selecting and excluding from on-demand scanning areas of the SharePoint structure
- Creating on-demand Anti-Virus scan exclusions
- Configuring content filtering
- Task settings – General
- On-demand scan
- Connecting the Management Console to a SharePoint farm when upgrading Kaspersky Security
- Task settings – Scan scope
- Web address
- Task settings – Schedule
- Task settings – Exclusions from anti-virus scan
- Task settings – Content filtering rules
- File mask
- Content filtering
- About the white list
- Creating the white list
- Creating, renaming, and deleting user categories of unwanted words and phrases
- Importing a list of unwanted words and phrases into a user category from a text file
- Adding, changing, and deleting unwanted words and phrases in user categories
- Creating, renaming, and deleting a set of masks for unwanted file names
- File name mask creation rules
- Changing a set of unwanted file name masks
- Content filtering
- Category name
- Keyword settings
- Set name
- File mask
- Preparing the DLP Module
- Backup
- Viewing the list of files in Backup
- Quick file search in Backup
- Extended file search in Backup
- Restoring files from Backup
- Rules for restoring files when version control is enabled in SharePoint
- Saving files from Backup to disk
- Removing files from Backup
- Purging Backup manually
- Configuring automatic Backup purging
- Backup
- Database update
- Configuring automatic database updates
- Configuring the local database update settings on SharePoint servers of the farm
- Viewing the information about updates to the anti-virus database
- Updating databases manually
- Propagating global database update settings to SharePoint farm servers
- Updates
- Updates – General
- Updates – Database update settings
- SharePoint server database update settings
- Notification delivery
- Preparing application reports
- Auditing the application operation
- Kaspersky Security events in Windows Event Log
- About the log of content filtering
- Enabling the extended event logging into the Content Filtering log
- Configuring the path to the logs folder
- Configuring the log storage term
- Configuring the detail level of event logs
- Failsafe support for SQL databases
- Settings
- Diagnostics settings window
- Managing the application using the Kaspersky Security Center
- Installing the Kaspersky Security administration plug-in
- About application activation via Kaspersky Security Center
- Updating application databases via Kaspersky Security Center
- Kaspersky Security events in Kaspersky Security Center
- Viewing SharePoint server protection status details
- Application operation statistics in Kaspersky Security Center
- Monitor the application's operation via System Center - Operations Manager
- To security officer
- About Data Leak Prevention
- Security Officer's Guide
- Assessing the status of data protection
- Using categories. Assigning data to categories
- File formats to scan
- Keywords. Making expressions using operators
- Adding a category of keywords
- Table data. Setting up the match level
- Adding a category of table data
- Quotations from documents
- Adding a category with quotations from documents
- Document templates
- Adding a category for searching for documents using templates
- About Kaspersky Lab data categories
- Changing the contents of a Kaspersky Lab category
- Editing category settings
- About exclusions from a Kaspersky Lab category
- Regular expressions
- Configuring exclusions from a Kaspersky Lab category
- Deleting a category
- Monitoring and preventing data leaks
- New Policy Wizard
- Searching for policies by users
- Adding a file to exclusions by web address
- Deleting a policy
- Categories and policies
- Settings of a category of table data
- Settings of a category of keywords
- Settings of a category with quotations from documents
- Settings of a category with document templates
- Results of adding or modifying categories of quotations from documents and document templates
- Category: <Category name>
- New Policy Wizard. Step 1
- New Policy Wizard. Step 2
- New Policy Wizard. Step 3
- New Policy Wizard. Step 4
- Policy settings – Policy
- Control scope
- Policy settings – Users
- Web address
- Policy settings – Actions
- Exclusions from a Kaspersky Lab category tab
- Searching SharePoint websites for data
- Features of incremental scan
- Enabling the incremental scanning
- Adding a search task
- Starting and stopping a data search
- Editing the search task settings
- Viewing the search results
- Saving search results
- Deleting a task
- Deleting the search results
- Search
- Task settings – General
- Task settings – Categories
- Task settings – Search scope
- Web address
- Task settings – Run mode
- Managing incidents
- Updating the list of incidents
- Changing incident details displayed in the table
- Searching for incidents using a filter
- Searching for similar incidents
- Changing the status of an incident
- Viewing incident details
- Copying incident details to the clipboard
- Archiving incidents
- Restoring incidents from the archive
- Deleting archived incidents
- Incidents
- Change status
- Incident details – Review
- Incident details – History
- Incident Archiving Wizard
- Incident Recovery Wizard
- Generating application reports
- Generating a quick report
- Adding a report generation task
- Saving reports
- Starting a report creation task
- Editing report generation task settings
- Configuring settings of the report on policy-related incidents
- Configuring the report on users
- Configuring system KPI report settings
- Configuring settings of the incident status report
- Viewing the report on policy-related incidents
- Viewing the system KPI report
- Viewing the report on users
- Viewing the incident status report
- Deleting a report
- Reports
- Main settings of the detailed report
- Main settings of the report on users
- Additional report settings
- System report settings
- Main settings of the statistical report
- Additional settings of the statistical report
- Main settings of the detailed report
- Main settings of the report on users
- System report settings
- Main settings of the report on policies
- Additional task settings
- Run mode
- Contacting the Technical Support Service
- Sources of information about the application
- Glossary
- Activating the application
- Active key
- Active policy
- Additional key
- Anti-virus databases
- Archived incident
- Archiving
- Backup
- Black list of key files
- Closed incident
- Confidential data
- Control scope
- Corporate security
- Data category
- Data leak
- Data leak prevention
- Data search
- Data subcategory
- Disinfection
- DLP Module (Data Leak Prevention)
- DLP Module status
- Document templates
- False positive incident
- File blocking
- Full scan
- Hash sum
- Incident
- Incident status
- Incremental scanning
- Infected object
- Kaspersky CompanyAccount
- Kaspersky Lab categories
- Kaspersky Lab update servers
- Kaspersky Security Network (KSN).
- Key file
- Keywords
- License certificate
- License term
- Managed device
- Management Console
- Match level
- Object removal
- On-access scan
- Opened incident
- Personal data
- Phishing
- Policy
- Policy violation
- Probably infected object
- Quotations from documents
- Search scope
- Search task
- Security Officer
- SharePoint server structure
- Skipping of an object
- System KPI (Key Performance Indicators)
- Table data
- Unwanted content
- Update
- User category
- Violation context
- Virus
- Working scenario
- Kaspersky Lab AO
- Information about third-party code
- Trademark notice
Incidents
This node lets you view and process incidents.
The Incidents filter section lets you find incidents that need processing.
The section displays the incident filtering conditions. Each condition has two parameters: a criterion and a value. The drop-down list on the left lets you select an incident filtering criterion. Incident details are used as filtering criteria. In the drop-down list next to it you can specify the value of the selected criterion according to which filtering is performed. The appearance of the drop-down list depends on the filtering criterion selected.
By default, the incident filter contains one filtering condition. You can add several conditions to configure incident filtering flexibly. The application performs filtering according to all conditions added to the incident filter.
Clicking this button displays an additional condition for which you can configure filtering settings.
Clicking this button causes the list to display incidents that match the search conditions.
You can remove an incident filtering condition by clicking the 
button located on the right of the condition parameters.
The List of incidents section contains a table with a list of incidents. This list lets you view the details of each incident, change incident status, perform incident archiving and recover incidents from the archive.
The list of incidents appears one page at a time. The first page of the incident list displays 24 of the latest incidents. Use the buttons in the 
bottom right corner of the table to navigate the pages. The number of the page you are viewing is displayed in the field between buttons.
Clicking this button opens the Incident details window. In this window, you can view the incident details and history, as well as change the incident's status.
Button with a list in which you can select the method of changing the status of incidents. You can change the status of all incidents in the list or the status of selected incidents only.
Selecting the status change option opens the Changing status window. This window lets you assign a new status to an incident and specify the reason for the status change.
Clicking the button causes the application to update the list of incidents. New incidents created since the time when the list was last refreshed are added to the list.
The list of incidents is not refreshed automatically.
Clicking this button expands the Select columns to display section. This section lets you select the incident details to be displayed in the incident table by means of check boxes. Incident details next to which the icon 
appears are always displayed in the table.
You can right-click to open the context menu of the incident. The context menu allows you to change the incident's status, view the incident details, and find similar incidents (e.g., those associated with the same user or file).
Clicking this button causes the application to start the Incident Archiving Wizard. The Wizard lets you archive incidents that have been processed.
Archived incidents are removed from the list of incidents. If necessary, you can recover incidents from the archive.
Clicking this button causes the application to start the Incident Recovery Wizard that lets you recover incidents from the archive.
Clicking this button causes the application to remove all incidents with Archived status from the list of incidents.
Incidents can be recovered from the archive.
|
Use these settings for the following tasks |
See also Updating the list of incidents Searching for incidents using a filter Changing incident details displayed in the table |