cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Integration of Kaspersky security solution with Extreme Networks through the Distributed IPS Connect module

Integration of Kaspersky security solution with Extreme Networks through the Distributed IPS Connect module

Antonio_Opromol
Contributor II
I've made a quick lab on the integration between the Kaspersky security solution and the Extreme Networks solution using the Distributed IPS connect module present on the EMC server.

I share with you my lab results and settings.

For my lab environment I've used:
Extreme Management Center (EMC) version 8.0.3.53
ExtremeControl version 8.0.3.53
Kaspersky Security Center (KSC) version 10.4.343
Kaspersky Endpoint Security (KES) 10 SP2 for Windows version 10.3.0.6294

First of all we need to configure our Kaspersky Security Center in manner to export via syslog the relevant security events to EMC server.
To do this, in the Events section of KSC we need to configure the export events section, as the following


(Thanks to Leo Lam of Extreme Networks for his help on the regular expressions)




we can manage in the proper way these events too



In similar manner is possible to manage every type of events of other software of the Kaspersky Security solution, and react with EMC to these.

Antonio

6 REPLIES 6

Drew_C
Valued Contributor III
This is great! Thanks for posting!

Kurt_Semba
Extreme Employee
great work Antonio and thanks for sharing!
GTM-P2G8KFN