We use the K1000 to patch our environment and thus far it has done a really good job after making a few tweaks here and there.

Recently, we started testing out Kaspersky Endpoint Security and it has wreaked absolute havoc on many of the computers we've pushed it to. Boot and login times went from 1.5-2 minutes with AVG to 2-6 minutes with Kaspersky. Additionally, computers often hang during login for upwards of 5-10 minutes, etc.. I suspect these massive increases in boot times may be on account of kinventory taking off after the computer starts. We had no such issues with AVG, which we used previously.

Worse of all, Kace patching seems to drive Kaspersky absolutely berserk. On many of the systems, even the simple act of kinventory running can send the CPU spiking to 80-100%. We normally run our Kace patch schedules in the evenings after business hours, but if a user takes their computer home with them or accidentally shuts it off before leaving, patching picks up the following morning when the computer is turned on or reconnected, sending Kaspersky over the top, and our users sitting there idle for 30 minutes until Kace finishes and Kaspersky settles back down.

I've added every folder Kace uses (C:\Dell, C:\program files\Dell, C:\programdata\dell) to Kaspersky's trusted zone and every Kace executable in "C:\program files\dell\kace" to Kaspersky's list of trusted applications, and patching still causes massive issues with Kaspersky.

With all of that said, I have two questions:

1. Has anybody with Kaspersky Endpoint Security been able to use Kace without these sorts of problems occurring?

2. If you use your K1000 to patch, which anti-virus product do you use? Do you have chronic problems such as the ones I mentioned above?

Thank you!

Answer Summary:
Cancel
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

1

We use Symantec Enterprise 12 and do not have any of the problems you are seeing

Answered 01/08/2013 by: SMal.tmcc
Red Belt

  • I've used SEP before (at a previous job) and had very few problems with it. I may have a hard time convincing the higher-ups, though, since Symantec has had something of a bad reputation for being resource-intensive (as Kaspersky is proving to be). Has Symantec made improvements in reducing their footprint as of late?
Please log in to comment
1

We use Symantec Endpoint Protection and have no problems.

Answered 01/08/2013 by: X019
White Belt

Please log in to comment
0

I used Sophos Anti-Virus when I was a KACE customer and never had any problems.

Answered 01/08/2013 by: mpace
Red Belt

Please log in to comment
0

We are currently using Trend Micro's Officescan 10.6 and KACE. I've not seen this issue.

Answered 01/08/2013 by: lostlegend
White Belt

Please log in to comment
0

We use ESET NOD32 here and after some exceptions have not had any issues.  If it might help with your Kaspersky setup, here are the exclusions I'm using:

XP

C:\Documents and Settings\All Users\Dell\KACE\*.*

C:\Program Files\Dell\KACE\*.*

Win7

C:\Program Files (x86)\Dell\KACE\*.*

C:\ProgramData\Dell\KACE\*.*

I also excluded the IP address of my KBOX in the AV's Web access protection section.

John

Answered 01/08/2013 by: jverbosk
Red Belt

  • Thanks for the suggestion. I've actually already added exceptions for all of these folders in the Kaspersky policy, but unfortunately it doesn't seem to actually work.
    We're currently working with Kaspersky to try to figure out what the problem is, but if they don't come up with a fix soon, we may just end up going with another product.
  • Have you tried adding the "Windows" executables that actually run during the detect/deploy processes (i.e. wuauclt.exe, mcescan.exe, wmiprvse.exe)? I know mcescan.exe is in the agent program folder, but am assuming the others are in their default locations (C:\Windows\System32, C:\Windows\System32\wbem).

    John
  • Something else to try - stop & completely disable the Automatic Updates service and try a detect/deploy run against that machine. I had some machines acting up until I did that (and it doesn't need to be enabled for KACE patching to work).

    John
  • I'd already added mcescan.exe as a trusted application (along with every other executable in the Kace folder), but haven't added wuauclt.exe or wmiprvse.exe. I'll give those a shot to see if it helps any.

    Is there a list somewhere of all of the non-Kace executables that the detect/deploy process launches?
  • I'm sure the KACE engineers would know, but I don't. I just watch the processes in Task Manager. ^_^

    John
  • Did you ever get an answer for this? We've been looking at Kaspersky and this could be a deal breaker.
    • Unfortunately no.

      After working with Kaspersky support for over a month trying to fix the numerous problems that it caused (doubling startup/login times, random freezes for no reason, freezing while patching, etc), we gave up.

      We were able to get our money back and after testing a handful of other products (BitDefender, Sophos, GFI, Trend Micro), went with Trend Micro OfficeScan. We've had zero issues with OfficeScan and it's been running like a champ for a few months now. The management console isn't as pretty as Kaspersky, but I'll take that over the numerous issues Kaspersky caused any day.

      Unless you prefer to spend the first few hours of your days assisting users get logged in because their systems keep freezing, I'd recommend avoiding Kaspersky Endpoint Security like the plague. I'd imagine that not everybody experiences these issues with Kaspersky, but I'll never touch another one of their products.
Please log in to comment
Answer this question or Comment on this question for clarity

Share