- About Kaspersky Security 9.0 for SharePoint Server
- What's new
- Application architecture
- Upgrading from a previous version of the application
- Installing and removing the application
- Preparing to install
- Access rights for managing Kaspersky Security
- How to grant rights to website collections and modify the SharePoint configuration
- Creating an SQL database manually
- Features of the application installation on a SharePoint farm
- Starting the application installation
- Step 1. Viewing the License Agreement
- Step 2. Selecting the type of installation
- Step 3. Selecting components and configuring component installation
- Step 4. Creating a database on an SQL server
- Step 5. Configuring a user account for running Kaspersky Security services
- Step 6. Starting the application installation
- Changes in the system after installing the application
- Getting started
- Restoring the application
- Removing the application
- Administration
- Working with personal data of users
- Role-based access restriction in Kaspersky Security for SharePoint Server
- Modifying the additional settings of the SQL server connection string
- Application licensing
- Starting Management Console
- Adding protected servers to Management Console
- Default protection
- Participating in Kaspersky Security Network
- On-access scan
- Kaspersky Security operation depending upon the SharePoint server settings
- Enabling and disabling on-access anti-virus scanning
- Configuring basic scan settings
- Configuring object processing rules for on-access scanning
- Enabling and disabling on-access content filtering
- Enabling and disabling SharePoint web object scanning
- Creating on-access Anti-Virus scan exclusions
- Configuring additional settings for on-access content filtering
- On-access scan
- General
- Exclusions from anti-virus scan
- File mask
- Content filtering rules
- Phishing scan
- On-demand scan
- Adding an on-demand scan task
- Starting and stopping on-demand scan tasks
- Viewing a report on the results of an on-demand scan
- Saving a report on the results of an on-demand scan
- Deleting an on-demand scan task
- Selecting and excluding from on-demand scanning areas of the SharePoint structure
- Creating on-demand Anti-Virus scan exclusions
- Configuring content filtering
- Task settings – General
- On-demand scan
- Connecting the Management Console to a SharePoint farm when upgrading Kaspersky Security
- Task settings – Scan scope
- Web address
- Task settings – Schedule
- Task settings – Exclusions from anti-virus scan
- Task settings – Content filtering rules
- File mask
- Content filtering
- About the white list
- Creating the white list
- Creating, renaming, and deleting user categories of unwanted words and phrases
- Importing a list of unwanted words and phrases into a user category from a text file
- Adding, changing, and deleting unwanted words and phrases in user categories
- Creating, renaming, and deleting a set of masks for unwanted file names
- File name mask creation rules
- Changing a set of unwanted file name masks
- Content filtering
- Category name
- Keyword settings
- Set name
- File mask
- Preparing the DLP Module
- Backup
- Viewing the list of files in Backup
- Quick file search in Backup
- Extended file search in Backup
- Restoring files from Backup
- Rules for restoring files when version control is enabled in SharePoint
- Saving files from Backup to disk
- Removing files from Backup
- Purging Backup manually
- Configuring automatic Backup purging
- Backup
- Database update
- Configuring automatic database updates
- Configuring the local database update settings on SharePoint servers of the farm
- Viewing the information about updates to the anti-virus database
- Updating databases manually
- Propagating global database update settings to SharePoint farm servers
- Updates
- Updates – General
- Updates – Database update settings
- SharePoint server database update settings
- Notification delivery
- Preparing application reports
- Auditing the application operation
- Kaspersky Security events in Windows Event Log
- About the log of content filtering
- Enabling the extended event logging into the Content Filtering log
- Configuring the path to the logs folder
- Configuring the log storage term
- Configuring the detail level of event logs
- Failsafe support for SQL databases
- Settings
- Diagnostics settings window
- Managing the application using the Kaspersky Security Center
- Installing the Kaspersky Security administration plug-in
- About application activation via Kaspersky Security Center
- Updating application databases via Kaspersky Security Center
- Kaspersky Security events in Kaspersky Security Center
- Viewing SharePoint server protection status details
- Application operation statistics in Kaspersky Security Center
- Monitor the application's operation via System Center - Operations Manager
- To security officer
- About Data Leak Prevention
- Security Officer's Guide
- Assessing the status of data protection
- Using categories. Assigning data to categories
- File formats to scan
- Keywords. Making expressions using operators
- Adding a category of keywords
- Table data. Setting up the match level
- Adding a category of table data
- Quotations from documents
- Adding a category with quotations from documents
- Document templates
- Adding a category for searching for documents using templates
- About Kaspersky Lab data categories
- Changing the contents of a Kaspersky Lab category
- Editing category settings
- About exclusions from a Kaspersky Lab category
- Regular expressions
- Configuring exclusions from a Kaspersky Lab category
- Deleting a category
- Monitoring and preventing data leaks
- New Policy Wizard
- Searching for policies by users
- Adding a file to exclusions by web address
- Deleting a policy
- Categories and policies
- Settings of a category of table data
- Settings of a category of keywords
- Settings of a category with quotations from documents
- Settings of a category with document templates
- Results of adding or modifying categories of quotations from documents and document templates
- Category: <Category name>
- New Policy Wizard. Step 1
- New Policy Wizard. Step 2
- New Policy Wizard. Step 3
- New Policy Wizard. Step 4
- Policy settings – Policy
- Control scope
- Policy settings – Users
- Web address
- Policy settings – Actions
- Exclusions from a Kaspersky Lab category tab
- Searching SharePoint websites for data
- Features of incremental scan
- Enabling the incremental scanning
- Adding a search task
- Starting and stopping a data search
- Editing the search task settings
- Viewing the search results
- Saving search results
- Deleting a task
- Deleting the search results
- Search
- Task settings – General
- Task settings – Categories
- Task settings – Search scope
- Web address
- Task settings – Run mode
- Managing incidents
- Updating the list of incidents
- Changing incident details displayed in the table
- Searching for incidents using a filter
- Searching for similar incidents
- Changing the status of an incident
- Viewing incident details
- Copying incident details to the clipboard
- Archiving incidents
- Restoring incidents from the archive
- Deleting archived incidents
- Incidents
- Change status
- Incident details – Review
- Incident details – History
- Incident Archiving Wizard
- Incident Recovery Wizard
- Generating application reports
- Generating a quick report
- Adding a report generation task
- Saving reports
- Starting a report creation task
- Editing report generation task settings
- Configuring settings of the report on policy-related incidents
- Configuring the report on users
- Configuring system KPI report settings
- Configuring settings of the incident status report
- Viewing the report on policy-related incidents
- Viewing the system KPI report
- Viewing the report on users
- Viewing the incident status report
- Deleting a report
- Reports
- Main settings of the detailed report
- Main settings of the report on users
- Additional report settings
- System report settings
- Main settings of the statistical report
- Additional settings of the statistical report
- Main settings of the detailed report
- Main settings of the report on users
- System report settings
- Main settings of the report on policies
- Additional task settings
- Run mode
- Contacting the Technical Support Service
- Sources of information about the application
- Glossary
- Activating the application
- Active key
- Active policy
- Additional key
- Anti-virus databases
- Archived incident
- Archiving
- Backup
- Black list of key files
- Closed incident
- Confidential data
- Control scope
- Corporate security
- Data category
- Data leak
- Data leak prevention
- Data search
- Data subcategory
- Disinfection
- DLP Module (Data Leak Prevention)
- DLP Module status
- Document templates
- False positive incident
- File blocking
- Full scan
- Hash sum
- Incident
- Incident status
- Incremental scanning
- Infected object
- Kaspersky CompanyAccount
- Kaspersky Lab categories
- Kaspersky Lab update servers
- Kaspersky Security Network (KSN).
- Key file
- Keywords
- License certificate
- License term
- Managed device
- Management Console
- Match level
- Object removal
- On-access scan
- Opened incident
- Personal data
- Phishing
- Policy
- Policy violation
- Probably infected object
- Quotations from documents
- Search scope
- Search task
- Security Officer
- SharePoint server structure
- Skipping of an object
- System KPI (Key Performance Indicators)
- Table data
- Unwanted content
- Update
- User category
- Violation context
- Virus
- Working scenario
- Kaspersky Lab AO
- Information about third-party code
- Trademark notice
Incident details – Review
The No field displays the serial number of an incident. The number is assigned to an incident when one is created, and it is unique.
On the Browse tab, you can view detailed information about an incident, change the incident status, and send users notifications of violations of the corporate security requirements.
The Status field shows the current incident status. You can change the incident status by clicking the Change button.
The User field contains the account name of the employee associated with an incident (displayed as a link). Clicking this link opens an email window so that you can send a message to that employee.
After failing to determine the user's Active Directory account, the application displays the user's SharePoint account in this field. If the application failed to determine the user's SharePoint account, the application displays the Error receiving name notification in this field.
The File field displays the name of the file associated with an incident. Clicking the Actions button on the right of the file name opens a section in which you can select the action to be taken on the detected file:
- Save as. The application saves the file to the specified location.
- Open from SharePoint website. The application opens the page of a SharePoint website with the detected file.
- Add to exclusions. The application adds the web address of the file to the list of exclusions.
If the incident has been created due to a policy violation, the web address will be added to the policy's exclusions. The application will not control the uploading of files by users to that web address.
If the incident has been created when running the search task, the web address will be added to the search task's exclusions. The application will not scan files located on that web address.
- Copy data to clipboard. When you click this button, the application copies the incident details and processing history to the clipboard. The order and set of details being copied are the same as those displayed in the Incident details window. To continue handling the incident, you can paste the data from the clipboard to a text editor (such as Notepad or Microsoft Word).
You cannot add the web address to the exclusions of search tasks for incidents that have been created during the operation of Kaspersky Security 9.0.
The Manager field displays the account of the employee's manager that is present in Active Directory.
The Address field displays the web address of the file that has caused the policy violation while being transferred to SharePoint.
The Category field displays the name of the data category detected by the application in the file being transferred.
The Priority field displays the incident severity rate specified in the policy settings.
The Action field displays the action that has been applied by the application to the file.
The Created field displays the date and time of the incident creation. The internal SharePoint server time is used.
The Policy field displays the name of the violated policy.
The Violations field displays the number of text fragments that contain data matching the category.
The Violation context field displays all text fragments that contain data matching the category. Keywords or table data in each fragment are highlighted in red.
|
Use these settings for the following tasks |
See also |