Kaseya Community

KA 9.3 required improvements

  • I often thing the VSA is developed in a vacuum, and nobody who writes these things actually uses them in the real world, because the usability is pretty poor in many areas.

    I wish for the following improvements:

    When you use a filter, change the filter icon to show a filter is in use. It's far too easy to overlook this and wonder why you're not seeing all the agents, or to miss applying something to an agent because you selected a filter weeks ago.

    Agents running classic KAV should say so - not "Not Installed". Toggling back and forth between classic kav and new kav to see what's got AV and what doesn't is a pain in the ***. 

    Also, if classic KAV can say "KES Installed" why can't new KAV ????

    Why doesn't "antivirus status" column set include the "flags" column??  The flags are critical to picking up problems e.g. profile out of compliance, definitions out of date etc.

    Just a few really basic things that would make the module much more usable.....

  • Good calls I would also like to see this. We have 1000s of endpoints to migrate from KAV classic to KAV and it's going to be a nightmare.

  • I have mentioned this weeks ago to Kaseya but the reaction to this was rather cold. This 'feature' wasn't deemed necessary and my comment about it didn't give me the impression it was on a shortlist....

    Rather crappy if you ask me!

  • Great comment Craig, I would also add the lack of being able to migrate profiles to this list as well!  You have to switch back and forth to get settings from the classic to add back into the new, royal pain!  We're supposed to be leveraging technology and making processes simpler and easier, not more convoluted!

  • Migrating profiles is another thing I agree with.

    Heck, I can't even tell if a machine has a virus or not through either KAV.

    Apparently the thing to do is to go to show - machines - antivirus status column set - check the 'has threats' column - but no, that's not right. "has threats" is triggered for threats successfully quarantined - WTF?? A quarantined threat is no longer a threat!!!

    Now, let's say we do have a real threat shown - so we go to the detections screen to remove the threat. Delete is grayed out. WTF??  What's the point if you can't REMOVE the threat ?!!?!?!?

    In reality, oyu have to go onto the endpoint, open up the Kaspersky UI and deal with the threats (delete the file, clear the quarantine, etc) there. UGH!!

    Seriously, KAV is just unusable as it stands.

    Kaseya, the NUMBER ONE important thing with KAV, is to CLEARLY indicate which machines HAVE VIRUSES and then to allow us to REMOVE THE VIRUSES easily.

    Start by getting that right!!!!

  • I agree 100% - one of the best, and worst, tools in Kaseya is the Kaspersky module. My new challenge: reporting on KAV status for financial customer audits.

  • :-(  at the moment that's the best I can do on KAV, despite all the hard work being done. I know steps are taken to include profile migration and showing status of KAV in KAV Classic and vice versa.

    We've been struggling with KAV for over a year now and still the module is rather bleh. Craig is brutally honest to pinpoint what's wrong in the KAV module. I'm not sure these 'suggested' changes will come soon or even that Kaseya is convinced it needs to be done.

    Care to comment anyone from Kaseya?

  • I wanted to specifically address some of the points you made from my perspective as well:

    When you use a filter, change the filter icon to show a filter is in use. It's far too easy to overlook this and wonder why you're not seeing all the agents, or to miss applying something to an agent because you selected a filter weeks ago.

    This is an awesome suggestion!  My team has over 150 engineers who utilize our system and we get questions/inquiries like this once a week.

    Agents running classic KAV should say so - not "Not Installed". Toggling back and forth between classic kav and new kav to see what's got AV and what doesn't is a pain in the ***.

    Also, if classic KAV can say "KES Installed" why can't new KAV ????

    This is a great suggestion as well and should serve as a good ruler moving forward as Kaseya begins to write new modules to our system while retaining classic modules.

    Why doesn't "antivirus status" column set include the "flags" column??  The flags are critical to picking up problems e.g. profile out of compliance, definitions out of date etc.

    This would be extremely useful as well for our technicians. 

  • I completely agree +1 for this!

  • Tim, valid point, post an update on what or how you accompplish your task sanely!

  • Hi All,

    First of all, thanks for all the feedback.  We are really looking forward to making the the KAV and KAM products better for you!

    To address some of the items in this discussion.

    We are working with the PM and UI team to better show filters being used in the future.

    We are now showing if the agent is installed in classic from KAV/KAM new and in New if in classic.  This was put out in 9.3.0.20 / 9.4 (Beta)

    The Antivirus Status does include the column Flags.  Possibly it is hidden on your system.

    We have developed a tool for our PSE team to migrate profiles from classic to New.

    I will personally dig deeper into showing and handling threats.

    If I have missed anything, please let us know.  We are truly committed on making this the  best product to manage your security.  

    Additionally, Please keep the suggestions coming.

    Thanks,

    Charles



    Grammar corrections
    [edited by: Charles at 11:01 AM (GMT -7) on Oct 24, 2016]
  •  has always been receptive to feedback and personally I am excited to see the potential of this module.

    Two suggestions which are crucial to my buy-in is more on our engineer experience using the module(s):

    - In order to encourage our engineering fleet to use the scans/updates and all available functions through the module, there should be a progress bar/estimated time of completion for all functions.  The reason they rather remote control to the machine, interrupt the user, and run scans manually is due to this current lack of functionality from the module.  Right now the module just states 'Running'.

    - When our engineers do schedule scans during set times, it would be incredibly beneficial to receive the scan information following its completion: Objects scanned - Threats found (if any) - Time of scan.  This is just to mention a few.  From what I have gathered, only the completion time and date is reported on the module.

    - Piggybacking off the point above, having pre and post procedures following scans/updates and any other functions can really open up the possibilities!

    I believe incorporating some of these visible technical aspects of the product will encourage further use and dependency of the module.

  • Charles, the. 20 update has gone a long way towards real usability - I thank you for listening. The. 20 release is a massive step forward and I am very pleased that our feedback is being taken on-board.

    Please continue to work on the threat handling and the other requests, but  for now, I'm really pleased with the recent progress shown.

    I'm glad for one to see that Kaseya is listening.

  • Thanks again for the feedback.

    @oromero,

    I created ticket to look into getting more information back on scan, like percentage complete.  We are reliant on Kaspersky, but I will dig deeper.

    I also created a ticket on Getting information after a scan.  I am think we may be able to leverage the Alerts page, for a feature to add Scans completed.  Would have to be careful not to send too much information, possibly adding the type of scan to alert.

    I will also be looking into adding pre and post agent procedures for scans.

    Thanks,

    Charles

  • @Craig,

    On Threat detection:

    The systems allows for Alerts to be created on Threat Detection.  I just tested and this works for emails, creating alarms and creating notifications.  Plus when I see Kapsersky detects a threat, I see it in the Antivirus > Show > Machines page.  If any of this is not working please let me know.  I am also seeing the opposite, in that if a threat is quarantined, it does not trigger the Active Threats column.  I may be misreading, but on my my system all of this is working.  

    I was also able to go to the detections page and Delete threats.  Again if this is not working for you please submit a ticket with details.  

    Possible environment issue, but I would be happy to get together with you if you are still experiencing these issues, to see it happening and collect logs if it is to address these issues you are seeing.

    - Charles