Header Only - DO NOT REMOVE - Extreme Networks

Integration of Kaspersky security solution with Extreme Networks through the Distributed IPS Connect module

  • 8 November 2017
  • 6 replies

Userlevel 3
I've made a quick lab on the integration between the Kaspersky security solution and the Extreme Networks solution using the Distributed IPS connect module present on the EMC server.

I share with you my lab results and settings.

For my lab environment I've used:
Extreme Management Center (EMC) version
ExtremeControl version
Kaspersky Security Center (KSC) version 10.4.343
Kaspersky Endpoint Security (KES) 10 SP2 for Windows version

First of all we need to configure our Kaspersky Security Center in manner to export via syslog the relevant security events to EMC server.
To do this, in the Events section of KSC we need to configure the export events section, as the following

(Thanks to Leo Lam of Extreme Networks for his help on the regular expressions)

we can manage in the proper way these events too

In similar manner is possible to manage every type of events of other software of the Kaspersky Security solution, and react with EMC to these.


6 replies

Userlevel 3
great work Antonio and thanks for sharing!
Userlevel 7
This is great! Thanks for posting!
Userlevel 7
wow. cool thanks for sharing!
Did anyone save Antonios Screenshots?
Userlevel 3
Hi Steffi,

here you are some of the screenshot above that I've found in a my old email.
I hope helps you for customize this integration.

Thank you Antonio!