Cloud Client with Kaspersky AV, all users are seen as "non-interactive-user"
search cancel

Cloud Client with Kaspersky AV, all users are seen as "non-interactive-user"


Article ID: 165534


Updated On:


CDP Integration Server


There is a known compatibility issue between the Cloud Client and Kaspersky AV documented in the Cloud Release Notes at:


Tested Anti-Virus Vendors on Clients->
Kaspersky Internet Security
Per the Cloud Release Notes, using Kaspersky AV with Cloud Client will make all traffic forward to the cloud as the default (non-interactive) user.  In other words, all users (in Cloud Reporting) will show up as: non-interactive-user (instead of their usernames).
Kaspersky AV, in its default configuration, won't allow the Cloud user-tunnel to come up (which identifies individual users).
There is a workaround, however, by EXCLUDING ports 80 and 443 in Kaspersky's port monitoring.



In order to EXCLUDE A PORT from the list of monitored ports in Kaspersky AV (instructions here verified with Kaspersky AV version 6.0): 
  1. Open the application settings window ("Settings" button).
  2. In the left part of the "Settings" window, select the "Network" section under "Options".
  3. In the "Monitored ports" section on the right, click the "Port settings" button.
  4. In the "Port settings" window, select the "Monitor selected ports only" radio button, and uncheck the box next to port 80 and port 443.
User-added image
NOTE: this will *disable* HTTP (port 80) and HTTPS (port 443) monitoring by Kaspersky AV.  Be advised that this will reduce the security of the Kaspersky AV suite.
But this workaround will allow Cloud Client to exist with the Kaspersky AV suite, while still allowing Cloud users to be individually identified in Reporting.