Antivirus Resources for IT Staff at NC State

Recommendations for University-owned Computers

NOTE: With the move away from Kaspersky for most end-point computers, this page will continue to be updated. While Kaspersky is no longer licensed for most end-user computers, it is still being used on many campus servers.

IMPORTANT: Do NOT install any campus version of Kaspersky or MS Endpoint Security on a personally-owned device.

For Macs

  • OIT currently recommends MS Endpoint Security for Macintosh.
  • For more information on this product, see Macintosh Devices.
  • An investigation of alternative solutions will take place at a later time.

For Windows

  • Microsoft recommends upgrading older versions of the Windows operating system to version 10.
  • Windows devices (versions 7 through 10) that are joined to WolfTech Active Directory (AD) should use MS Endpoint Protection available via SCCM.
  • For Windows devices not joined to the WolfTech AD, OIT recommends using the standalone MS Endpoint Protection client.
    • The MS Endpoint Protection Agent will need to be manually installed and will receive updates and definitions via Windows Update.
    • The installers are available for download via the software.ncsu.edu website.

 

Some campus servers will continue to run Kaspersky Antivirus products. As a result, the information below is being retained as the transition evolves.

Three versions are available for a campus Windows server, depending on

  • the operating system
  • whether it is physical or virtual
  • if virtual, whether it is on the OIT VMWare infrastructure or another VM provider’s infrastructure
  • whether it is used for Web browsing/email.

This set of choices is complex. Please see the table below for guidance in selecting the best version for your computers or servers.

  • Kaspersky Endpoint Security (KES 10)
    Recommended for any physical server, or VM that is:

    • not provided by OIT or
    • used for Web browsing or email. 
  • Kaspersky Antivirus 8 (KAV 8)
    • Recommended for both of these:
      • any physical or virtual server that is not provided by OIT
      • OIT-provided Windows Server 2012r2 VMs that are not used for Web browsing or email.
    • Provides antivirus protection only.
    • Managed through a console that is available through OIT’s Citrix service, rather than on the server console directly.
    • For access to the Citrix KAV 8 console, send email to oit_antivirus@help.ncsu.edu.
  • Kaspersky Security for Virtualization (KSV 3)
    • Recommended for OIT-provided Windows VMs.
    • Being installed on the OIT VMWare infrastructure (on the hypervisor).
    • Consumes significantly fewer resources than KAV 8 or KES 10.
    • Requires the vShield component of VMware Tools to be installed.
Operating
System
Physical
Computer
or Server
OIT-provided
VMWare
Other VM
Windows 7/8 KES 10

  • if NOT provided by OIT
    or
  • if used for Web 
    browsing or email.
KES 10

  • if NOT provided by OIT
    or
  • if used for Web 
    browsing or email. 
KES 10

  • if NOT provided by OIT
    or
  • if used for Web 
    browsing or email. 

Windows
Server

  • 2003
  • 2008
  • 2008r2
  • 2012
Option 1: KAV 8 

  • If NOT used for Web
    browsing or email

 
Option 2: KES 10

  • If used for Web
    browsing or email
Option 1: KSV 3

  • Not yet available.
  • Will be required when it
    becomes available.

Option 2: KAV 8

  • If server console is NOT used
    for Web browsing or email

Option 3: KES 10

  • If server console is used for
    Web browsing or email
Option 1: KAV 8

  • If NOT used for Web
    browsing or email 

Option 2: KES 10

  • If used for Web
    browsing or email
Windows
Server
2012r2
Option 1: KAV 8 

  • If NOT used for Web
    browsing or email

 
Option 2: KES 10

  • If used for Web
    browsing or email
Option 1: KSV 3

  • Available for Windows VMs
  • Not for web browsing or email

Option 2: KAV 8

  • If server console is NOT used
    for Web browsing or email

Option 3: KES 10

  • If server console is used for
    Web browsing or email
Option 1: KAV 8 

  • If NOT used for Web
    browsing or email

 
Option 2: KES 10

  • If used for Web
    browsing or email

For WolfTech Active Directory

 

KES 10

  • For both of these:
    • Windows 7/8
    • servers used for Web browsing or email that are not on OIT VMWare infrastructure
  • add device to either of these security groups:
    • {OU}-EX-Kaspersky-Endpoint Security-10.2.1.23
    • {OU}-SW-Kaspersky-Endpoint Security-10.2.1.23-SS
  • Running KES 10 will do both of these:
    • Uninstall Trend Micro OfficeScan
    • Install KES10
  • A reboot is needed to complete the process.

KAV 8

  • For both of these:
    • Windows Server 2012r2 VMs that are on the OIT VMWare infrastructure
    • physical servers and VMs that are not on OIT VMWare infrastructure
  • add device to this security group:
    • {OU}-EX-Kaspersky-AV for Windows Server Enterprise-8.0-SS
  • Running the application will do both of these:
    • Uninstall Trend Micro OfficeScan
    • Install Kaspersky Antivirus 8.0 (KAV 8)
  • A reboot is needed to complete the process.
  • Send inquiries about KAV 8 to: oit_antivirus@help.ncsu.edu

KSV 3

  • For Windows VMs on OIT VMWare infrastructure.
  • The vShield component of VMware Tools must be installed on the client system to allow for protection by KSV.

For systems not joined to WolfTech AD (NOTE: Information needs updating)

 

KES 10

  1. Go to the Kaspersky Antivirus Web page in the software site.
  2. Authenticate via this link:
    Unity Login (WRAP)
    on the left, under the nav bar.
  3. From the Available Packages list, select:
    Kaspersky Antivirus (Campus Version)
  4. Follow the installation instructions provided, with particular attention to the steps for uninstalling existing antivirus products.

KAV 8

  • For servers that are NOT used for Web browsing/email at the server console.
  • Contact oit_antivirus@help.ncsu.edu for more information.

KSV 3

  • For Windows VMs on OIT VMWare infrastructure.
  • The vShield component of VMware Tools must be installed on the client system to allow for protection by KSV.
  • Contact oit_antivirus@help.ncsu.edu for more information.

Uninstalling KAV8

The following can be used on standard or server core Windows server systems, from an adminstrative command prompt:

  • Uninstall KAV8:  msiexec.exe /x {25CBEAC9-B987-4FD0-ABB5-BDB0A838E937} /qb-
  • Uninstall Kaspersky network agent: msiexec.exe /x {BCF4CF24-88AB-45E1-A6E6-40C8278A70C5} /qb-

Older client versions

OIT does not offer any of these and can provide only limited support for them.

Your suggestions

Please contact us if you have suggestions for additional resources to list here.