Kaspersky Security Center 14 Windows
14
English

Contents

[Topic 173420]

Events of the licensing limit exceeded

Kaspersky Security Center allows you to get information about events when some licensing limits are exceeded by Kaspersky applications installed on client devices.

The importance level of such events when a licensing limit is exceeded is defined according to the following rules:

  • If the currently used units covered by a single license constitute 90% to 100% of the total number of units covered by the license, the event is published with the Info importance level.
  • If the currently used units covered by a single license constitute 100% to 110% of the total number of units covered by the license, the event is published with the Warning importance level.
  • If the number of currently used units covered by a single license exceeds 110% of the total number of units covered by the license, the event is published with the Critical event importance level.

See also:

Adjusting the general settings of Administration Server
Page top
[Topic 138255]

About licensing

This section contains information about the licensing of Kaspersky applications managed via Kaspersky Security Center.

In this section

About the license

About the End User License Agreement

About the license certificate

About the license key

About the key file

About the subscription

About the activation code

Revoking consent with an End User License Agreement
Page top
[Topic 213977]

About the license

A license is a time-limited right to use Kaspersky Security Center, granted under the terms of the signed License Contract (End User License Agreement).

The scope of services and validity period depend on the license under which the application is used.

The following license types are provided:

  • Trial

    A free license intended for trying out the application. A trial license usually has a short term.

    When a trial license expires, all Kaspersky Security Center features become disabled. To continue using the application, you need to purchase a commercial license.

    You can use the application under a trial license for only one trial period.

  • Commercial

    A paid license.

    When a commercial license expires, key features of the application become disabled. To continue using Kaspersky Security Center, you must renew your commercial license. After a commercial license expires, you cannot continue using the application and must remove it from your device.

    We recommend renewing your license before it expires, to ensure uninterrupted protection against all security threats.

Page top
[Topic 69240]

About the End User License Agreement

The End User License Agreement (License Agreement or EULA) is a binding agreement between you and AO Kaspersky Lab stipulating the terms under which you may use the application.

Please carefully read the License Agreement before you start using the application.

Kaspersky Security Center and its components, for example, Network Agent, have their own EULA.

You can view the terms of the End User License Agreement for Kaspersky Security Center by using the following methods:

  • During installation of Kaspersky Security Center.
  • By reading the license.txt document included in the Kaspersky Security Center distribution kit.
  • By reading the license.txt document in the Kaspersky Security Center installation folder.
  • By downloading the license.txt file from the Kaspersky website.

You can view the terms of the End User License Agreement for Network Agent for Windows, Network Agent for Mac, Network Agent for Linux using the following methods:

  • During downloading of Network Agent distribution package from the Kaspersky web servers.
  • During installation of Network Agent for Windows, Network Agent for Mac, Network Agent for Linux.

Please note that when you install Network Agent for Linux, the End User License Agreement for Network Agent is displayed in English language. You can check the End User License Agreement for Network Agent in other languages in /opt/kaspersky/klnagent64/share/license folder before accepting the terms of the End User License Agreement during installation.

  • By reading the license.txt document included in the Network Agent for Windows, Network Agent for Mac, Network Agent for Linux distribution package.
  • By reading the license.txt document in the Network Agent for Windows, Network Agent for Mac, Network Agent for Linux installation folder.
  • By downloading the license.txt file from the Kaspersky website.

You accept the terms of the End User License Agreement by confirming that you agree with the End User License Agreement when installing the application. If you do not accept the terms of the License Agreement, cancel the application installation and do not use the application.

Page top
[Topic 179583]

About the license certificate

A license certificate is a document that you receive along with a key file or an activation code.

A license certificate contains the following information about the license provided:

  • License key or order number
  • Information about the user who has been granted the license
  • Information about the application that can be activated under the license provided
  • Limit of the number of licensing units (e.g., devices on which the application can be used under the license provided)
  • License validity start date
  • License expiration date or license term
  • License type
Page top
[Topic 73976]

About the license key

A license key is a sequence of bits that you can apply to activate and then use the application in accordance with the terms of the End User License Agreement. License keys are generated by Kaspersky specialists.

You can add a license key to the application using one of the following methods: by applying a key file or by entering an activation code. The license key is displayed in the application interface as a unique alphanumeric sequence after you add it to the application.

The license key may be blocked by Kaspersky in case the terms of the License Agreement have been violated. If the license key has been blocked, you need to add another one if you want to use the application.

A license key may be active or additional (or reserve).

An active license key is a license key that is currently used by the application. An active license key can be added for a trial or commercial license. The application cannot have more than one active license key.

An additional (or reserve) license key is a license key that entitles the user to use the application, but is not currently in use. The additional license key automatically becomes active when the license associated with the current active license key expires. An additional license key can be added only if an active license key has already been added.

A license key for a trial license can be added as an active license key. A license key for a trial license cannot be added as an additional license key.

Page top
[Topic 69295]

About the key file

A key file is a file with the .key extension provided to you by Kaspersky. Key files are designed to activate the application by adding a license key.

You receive a key file at the email address that you provided when you bought Kaspersky Security Center or ordered the trial version of Kaspersky Security Center.

You do not need to connect to Kaspersky activation servers in order to activate the application with a key file.

You can restore a key file if it has been accidentally deleted. You may need a key file to register a Kaspersky CompanyAccount, for example.

To restore your key file, perform any of the following actions:

Page top
[Topic 69431]

About the subscription

Subscription to Kaspersky Security Center is an order for use of the application under the selected settings (subscription expiration date, number of protected devices). You can register your subscription to Kaspersky Security Center with your service provider (for example, your internet provider). A subscription can be renewed manually or in automatic mode; also, you can cancel it.

A subscription can be limited (for example, one-year) or unlimited (with no expiration date). To continue using Kaspersky Security Center after a limited subscription expires, you must renew it. An unlimited subscription is renewed automatically if it has been prepaid to the service provider in due dates.

When a limited subscription expires, you may be provided a grace period for renewal during which the application continues to function. The availability and duration of the grace period is defined by the service provider.

To use Kaspersky Security Center under subscription, you must apply the activation code received from the service provider.

You can apply a different activation code for Kaspersky Security Center only after your subscription expires or when you cancel it.

Depending on the service provider, the set of possible actions for subscription management may vary. The service provider might not provide a grace period for subscription renewal and so the application loses its functionality.

Activation codes purchased under subscription cannot be used for activating earlier versions of Kaspersky Security Center.

When the application is used under subscription, Kaspersky Security Center automatically attempts to access the activation server at specified time intervals until the subscription expires. This ensures that the information about the subscription is synchronized with the activation server. You can renew your subscription on the service provider's website.

You can update the information about the subscription manually, without waiting for Kaspersky Security Center to access the activation server. For example, this might be useful when you change the subscription settings.

To update the information about the subscription manually:

  1. In the console tree, select the Kaspersky Licenses folder.
  2. Click Additional actions, and from the drop-down list select Synchronize subscription settings with Licensing server.

The information about the subscription is updated on the activation server.

Page top
[Topic 91039]

About the activation code

Activation code is a unique sequence of 20 alphanumeric characters. You enter an activation code to add a license key that activates Kaspersky Security Center. You receive the activation code through the email address that you specified after purchasing Kaspersky Security Center or after ordering the trial version of Kaspersky Security Center.

To activate the application by using the activation code, you need internet access to establish connection with Kaspersky activation servers.

If the application was activated with an activation code, the application in some cases sends regular requests to Kaspersky activation servers in order to check the current status of the license key. You must provide the application internet access to make it possible to send requests.

If you have lost your activation code after installing the application, contact the Kaspersky partner from whom you purchased the license.

You cannot use key files for activating managed applications; only activation codes are accepted.

See also:

Main installation scenario
Page top
[Topic 111091]

Revoking consent with an End User License Agreement

If you decide to stop protection of your client devices, you can uninstall managed Kaspersky applications and revoke your End User License Agreement (EULA) for these applications.

To revoke a EULA for managed Kaspersky applications:

  1. In the console tree, select Administration ServerAdvancedAccepted EULAs.

    A list of EULAs—accepted upon creation of installation packages, at the seamless installation of updates, or upon deployment of Kaspersky Security for Mobile—is displayed.

  2. In the list, select the EULA that you want to revoke.

    You can view the following properties of the EULA:

    • Date when the EULA was accepted.
    • The name of the user who accepted the EULA.
    • Link to the terms of the EULA.
    • List of the objects that are connected to the EULA: names of installation packages, names of seamless updates, names of mobile apps.
  3. Click the Revoke EULA button.

    In the window that opens, you are informed that you must uninstall Kaspersky application corresponding to the EULA.

  4. Click the button to confirm revocation.

    Kaspersky Security Center checks whether the installation packages (corresponding to the managed Kaspersky application whose EULA you want to revoke) are deleted.

    You can revoke only the EULA for a managed Kaspersky application, whose installation packages are deleted.

The EULA is revoked. It is not displayed in the list of EULAs in the Administration ServerAdvancedAccepted EULAs section. You cannot protect client devices using a Kaspersky application whose EULA you have revoked.

See also

Scenario: Configuring network protection
Page top
[Topic 192967]

About data provision

Data transferred to third parties

When using the Mobile Device Management functionality of the Software, for the purpose of timely delivery of commands to devices running the Android operating system through the push notification mechanism the Google Firebase Cloud Messaging service is used. If the User has configured the usage of the Google Firebase Cloud Messaging service, the User accepts to provide the following information to the Google Firebase Cloud Messaging service in automatic mode: installation IDs of the Kaspersky Endpoint Security for Android applications to which push notifications must be sent.

To block exchange of information with the Google Firebase Cloud Messaging service, the User must roll back the usage settings of the Google Firebase Cloud Messaging service to their factory values.

When using the Mobile Device Management functionality of the Software, for the purpose of timely delivery of commands to devices running the iOS operating system through the push notification mechanism the Apple Push Notification Service (APNs) is used. If the User has installed an APNs certificate on an iOS MDM Server, created an iOS MDM profile with a collection of settings for connection of iOS mobile devices to the Software, and installed this profile on mobile devices, the User agrees to provide the following information to APNs in automatic mode:

  • Token—Push token of the device. The server uses this token when sending push notifications to the device.
  • PushMagic—String that must be included in the push notification. The string value is generated by the device.

Data processed locally

Kaspersky Security Center is designed for centralized execution of basic administration and maintenance tasks on an organization's network. Kaspersky Security Center provides the administrator with access to detailed information about the organization's network security level; Kaspersky Security Center lets the administrator configure all the components of protection based on Kaspersky applications. Kaspersky Security Center performs the following main functions:

  • Detecting devices and their users on the organization's network
  • Creating a hierarchy of administration groups for device management
  • Installing Kaspersky applications on devices
  • Managing the settings and tasks of installed applications
  • Managing the updates for Kaspersky and third-party applications, and finding and fixing vulnerabilities
  • Activating Kaspersky applications on devices
  • Managing user accounts
  • Viewing information about the operation of Kaspersky applications on devices
  • Viewing reports

To perform its main functions Kaspersky Security Center can receive, store, and process the following information:

  • Information about the devices on the organization's network received as a result of device discovery on the Active Directory network or Windows network, or through scanning of IP intervals. Administration Server gets data independently or receives data from Network Agent.
  • Information about the Active Directory organizational units, domains, users, and groups received as a result of device discovery on the Active Directory network. Administration Server gets data independently or receives data from Network Agent.
  • Details of managed devices. Network Agent transfers the data listed below from the device to Administration Server. The User enters the display name and description of the device in the Administration Console interface or Kaspersky Security Center Web Console interface:
    • Technical specifications of the managed device and its components required for device identification: device display name and description, Windows domain name and type, device name in Windows environment, DNS domain and DNS name, IPv4 address, IPv6 address, network location, MAC address, operating system type, whether the device is a virtual machine together with hypervisor type, and whether the device is a dynamic virtual machine as part of VDI.
    • Other specifications of managed devices and their components required for audit of managed devices and for making decisions about whether specific patches and updates are applicable: Windows Update Agent (WUA) status, operating system architecture, operating system vendor, operating system build number, operating system release ID, operating system location folder, if the device is a virtual machine—the virtual machine type; the name of the virtual Administration Server that manages the device; cloud device data (cloud region, VPC, cloud availability zone, cloud subnet, cloud placement zone).
    • Details of actions on managed devices: date and time of the last update, time the device was last visible on the network, restart waiting status, and time the device was turned on.
    • Details of device user accounts and their work sessions.
  • Distribution point operation statistics if the device is a distribution point. Network Agent transfers data from the device to Administration Server.
  • Distribution point settings entered by the User in the Administration Console or Kaspersky Security Center Web Console.
  • Data necessary for the connection of mobile devices to the Administration Server: certificate, mobile connection port, Administration Server connection address. The User enters the data in the Administration Console or in Kaspersky Security Center Web Console.
  • Details of mobile devices transferred by using the Exchange ActiveSync protocol. The data listed below are transferred from the mobile device to Administration Server:
    • Technical specifications of the mobile device and its components required for device identification: device name, model, operating system name, IMEI number, and phone number.
    • Specifications of the mobile device and its components: device management status, support of SMS, permission to send SMS messages, support of FCM, support of user commands, operating system storage folder, and device name.
    • Details of actions on mobile devices: device location (through the Locate command), time of last synchronization, time of last connection to the Administration Server, and synchronization support details.
  • Details of mobile devices transferred by using the iOS MDM protocol. The data listed below are transferred from the mobile device to Administration Server:
    • Technical specifications of the mobile device and its components required for device identification: device name, model, operating system name and build number, device model number, IMEI number, UDID, MEID, serial number, amount of memory, modem firmware version, Bluetooth MAC address, Wi-Fi MAC address, and SIM card details (ICCID as part of the SIM card ID).
    • Details of the mobile network used by the managed device: mobile network type, name of the currently used mobile network, name of the home mobile network, version of the mobile network operator settings, voice roaming and data roaming status, country code of the home network, residence country code, country code of the currently used network, and encryption level.
    • Security settings of the mobile device: use of a password and its compliance with the policy settings, list of configuration profiles and provisioning profiles used for installation of third-party applications.
    • Date of last synchronization with Administration Server and device management status.
  • Details of Kaspersky applications installed on the device. The managed application transfers data from the device to Administration Server through Network Agent:
    • Settings of Kaspersky applications installed on the managed device: Kaspersky application name and version, status, real-time protection status, last device scan date and time, number of threats detected, number of objects that failed to be disinfected, availability and status of the application components, details of Kaspersky application settings and tasks, information about the active and reserve license keys, application installation date and ID.
    • Application operation statistics: events related to the changes in the status of Kaspersky application components on the managed device and to the performance of tasks initiated by the application components.
    • Device status defined by the Kaspersky application.
    • Tags assigned by the Kaspersky application.
    • Set of installed and applicable updates for the Kaspersky application.
  • Data contained in events from Kaspersky Security Center components and Kaspersky managed applications. Network Agent transfers data from the device to Administration Server.
  • Data necessary for the integration of Kaspersky Security Center with a SIEM system for event export. The User enters the data in the Administration Console or in Kaspersky Security Center Web Console.
  • Settings of Kaspersky Security Center components and Kaspersky managed applications presented in policies and policy profiles. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Task settings of Kaspersky Security Center components and Kaspersky managed applications. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Data processed by the Vulnerability and Patch Management feature. Network Agent transfers the data listed below from the device to Administration Server:
    • Details of applications and patches installed on managed devices (Applications registry).
    • Information about the hardware detected on managed devices (Hardware registry).
    • Details of vulnerabilities in third-party software detected on managed devices.
    • Details of updates available for third-party applications installed on managed devices.
    • Details of Microsoft updates found by the WSUS feature.
    • List of Microsoft updates found by the WSUS feature that must be installed on the device.
  • Data required to download updates on isolated Administration Server to fix third-party software vulnerabilities on managed devices. The User enters and transmits data by using the Administration Server klscflag utility.
  • Data necessary for work of Kaspersky Security Center with the cloud environments (Amazon Web Services, Microsoft Azure, Google Cloud, Yandex Cloud). The User enters the data in the Administration Console or in Kaspersky Security Center Web Console.
  • User categories of applications. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Details of executable files detected on managed devices by the Application Control feature. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface. A complete list of data is provided in the Help files of the corresponding application.
  • Details of files placed in Backup. The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • Details of files placed in Quarantine. The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • Details of files requested by Kaspersky specialists for detailed analysis. The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • Details of the status and triggering of Adaptive Anomaly Control rules. The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • Details of external devices (memory units, information transfer tools, information hardcopy tools, and connection buses) installed or connected to the managed device and detected by the Device Control feature. The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • Information about encrypted devices and the encryption status. The managed application transfers data from the device to Administration Server through Network Agent.
  • Details of data encryption errors on devices performed using the Data encryption feature of Kaspersky applications. The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • List of managed programmable logic controllers (PLCs). The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • Data required for creation of a threat development chain. The managed application transfers data from the device to Administration Server through Network Agent. A complete list of data is provided in the Help files of the corresponding application.
  • Data required for Kaspersky Security Center integration with the Kaspersky Managed Detection and Response service (the dedicated plug-in must be installed for Kaspersky Security Center Web Console): integration initiation token, integration token, and user session token. The User enters the integration initiation token in the Kaspersky Security Center Web Console interface. The Kaspersky MDR service transfers the integration token and the user session token through the dedicated plug-in.
  • Details of the entered activation codes or specified key files. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • User accounts: name, description, full name, email address, main phone number, password, secret key generated by Administration Server, and one-time password for two-step verification. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Data that Identity and Access Manager needs for centralized authentication and for providing Single Sign-on (SSO) between Kaspersky applications integrated with Kaspersky Security Center: installation and configuration settings of Identity and Access Manager, Identity and Access Manager user session, Identity and Access Manager tokens, client application statuses and resource server statuses. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Revision history of management objects. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Registry of deleted management objects. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Installation packages created from the file, as well as installation settings. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Data required for the display of announcements from Kaspersky in Kaspersky Security Center Web Console. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Data required for the functioning of plug-ins of managed applications in Kaspersky Security Center Web Console and saved by the plug-ins in the Administration Server database during their routine operation. The description and ways of providing the data are provided in the Help files of the corresponding application.
  • Kaspersky Security Center Web Console user settings: localization language and theme of the interface, Monitoring panel display settings, information about the status of notifications (Already read / Not yet read), status of columns in spreadsheets (Show / Hide), Training mode progress. The User enters data in the Kaspersky Security Center Web Console interface.
  • Kaspersky Event Log for Kaspersky Security Center components and Kaspersky managed applications. Kaspersky Event Log is stored on each device and is never transferred to Administration Server.
  • Certificate for secure connection of managed devices to the Kaspersky Security Center components. The User enters data in the Administration Console or Kaspersky Security Center Web Console interface.
  • Data required for the Kaspersky Security Center operation in cloud environments, such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Yandex.Cloud. Administration Server receives the data from the virtual machine on which it runs.
  • Information about the User's acceptance of the terms and conditions of legal agreements with Kaspersky.
  • The Administration Server data that the User enters in the following components:
    • Administration Console
    • Kaspersky Security Center Web Console
    • Command-line terminal when using the klscflag utility
    • Components interacting with the Administration Server via klakaut automation objects and Kaspersky Security Center OpenAPI
  • Any data that the User enters in the Administration Console or Kaspersky Security Center Web Console interface.

The data listed above can be present in Kaspersky Security Center if one of the following methods is applied:

  • The User enters data in the interface of the following components:
    • Administration Console
    • Kaspersky Security Center Web Console
    • Command-line terminal when using the klscflag utility
    • Components interacting with the Administration Server via klakaut automation objects and Kaspersky Security Center OpenAPI
  • Network Agent automatically receives data from the device and transfers it to Administration Server.
  • Network Agent receives data retrieved by the Kaspersky managed application and transfers it to Administration Server. The lists of data processed by Kaspersky managed applications are provided in the Help files for the corresponding applications.
  • Administration server gets information about networked devices independently or receives information from a Network Agent acting as a distribution point.
  • Data is transferred from the mobile device to Administration Server by using the Exchange ActiveSync or iOS MDM protocol.

The listed data is stored in the Administration Server database. User names and passwords are stored in encrypted form.

All data listed above can be transferred to Kaspersky only through dump files, trace files, or log files of Kaspersky Security Center components, including log files created by installers and utilities.

Dump files, trace files, and log files of Kaspersky Security Center components contain random data of Administration Server, Network Agent, Administration Console, iOS MDM Server, Exchange Mobile Device Server, and Kaspersky Security Center Web Console. These files can contain personal and sensitive data. Dump files, trace files, and log files are stored on the device in non-encrypted form. Dump files, trace files, and log files are not transferred to Kaspersky automatically; however, the administrator can transfer data to Kaspersky manually upon request by Technical Support to resolve issues in the Kaspersky Security Center operation.

Following the links in the Administration Console or Kaspersky Security Center Web Console, the User agrees to the automatic transfer of the following data:

  • Kaspersky Security Center code
  • Kaspersky Security Center version
  • Kaspersky Security Center localization
  • License ID
  • License type
  • Whether the license was purchased through a partner

The list of data provided via each link depends on the purpose and location of the link.

Kaspersky uses the received data in anonymized form and for general statistics only. Summary statistics are generated automatically from the originally received information and do not contain any personal or confidential data. As soon as new data is accumulated, the previous data is wiped (once a year). Summary statistics are stored indefinitely.

Kaspersky protects any information received in accordance with law and applicable Kaspersky rules. Data is transmitted over a secure channel.

Page top
[Topic 175956]

Kaspersky Security Center licensing options

Expand all | Collapse all

Kaspersky Security Center can work in the following modes:

  • Basic functionality of Administration Console

    Kaspersky Security Center works in this mode before the application is activated or after the commercial license expires. Kaspersky Security Center with support of the basic functionality of Administration Console is delivered as a part of Kaspersky applications for protection of corporate networks. You can also download it from Kaspersky website.

  • Commercial license

    If you need additional functionality which is not included in the basic functionality of Administration Console, you must purchase a commercial license.

    When adding a license key in the Administration Server properties window, ensure that you add a license key that lets you use Kaspersky Security Center. You can find this information at the Kaspersky website. Each solution webpage contains the list of applications included in this solution. Administration Server may accept unsupported license keys, for example a license key for Kaspersky Endpoint Security Cloud, but such license keys provide no new features in addition to the basic functionality of Administration Console.

Feature or property

Kaspersky Security Center operation mode

 

No license

Commercial license

Basic functionality of Administration Console

The following functions are available:

  • Creation of virtual Administration Servers that are used to administer a network of remote offices or client organizations.
  • Creation of a hierarchy of administration groups to manage specific devices as a single entity.
  • Remote installation of applications.
  • Centralized configuration of applications installed on client devices.
  • Control of the anti-virus security status of an organization.
  • Management of user roles.
  • Statistics and reports on the application's operation, as well as notifications about critical events.
  • Centralized operations with files that were moved to Quarantine or Backup and files whose processing was postponed.
  • Encryption and data protection management.
  • Viewing and editing existing licensed applications groups.
  • Viewing and manual editing of the list of hardware components detected by polling the network.
  • Viewing the list of operating system images available for remote installation.

Yes.

Yes.

Vulnerability and patch management: basic functionality

The following tasks do not require a commercial license:

  • The Find vulnerabilities and required updates task

    Through this task, Kaspersky Security Center receives the lists of detected vulnerabilities and required updates for the third-party software installed on the managed devices.

  • The Install Windows Update updates task

    This task can be used to install Windows Update updates only. To use this task, you must manually specify the required updates in the task settings.

  • The Fix vulnerabilities task

    The Fix vulnerabilities task uses recommended fixes for Microsoft software and user fixes for third-party software. To use this task, you must manually specify user fixes for vulnerabilities in the task settings.

Yes.

Yes.

Vulnerability and patch management: advanced functionality

The following functions are available:

  • Remote installation of software updates and fixing of vulnerabilities automatically, according to the rules that you define.
  • Usage of Administration Server as the Windows Server Update Services (WSUS) server to provide updates to Windows Update services on devices in centralized mode and with the set frequency.

No.

Yes.

Mobile Device Management feature in MMC-based Administration Console

The Mobile Device Management feature is used to manage Exchange ActiveSync (EAS) and iOS MDM mobile devices.

The following functions are available for Exchange ActiveSync mobile devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Creation and editing of mobile device management profiles, assignment of profiles to users' mailboxes.
  • Configuration of mobile devices (email synchronization, apps usage, user password, data encryption, connection of removable drives).
  • Installation of certificates on mobile devices.

The following functions are available for iOS MDM devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Creating and editing configuration profiles, and installing configuration profiles on mobile devices.
  • Installing applications on mobile devices through App Store or using manifest files (.plist).
  • Locking mobile devices, resetting the mobile device password, and deleting all data from the mobile device.

The following functions are available for Android devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Managing Kaspersky Endpoint Security for Android through policy.

In addition, Mobile Devices Management allows executing commands provided by relevant protocols.

The management unit for Mobile Devices Management is a mobile device. A mobile device is considered to be managed after it is connected to the Mobile Devices Server.

No.

Yes.

(A license key must be added to the Administration Server properties.)

Mobile device protection in Kaspersky Security Center Web Console

Kaspersky Security Center Web Console provides you with the following features to manage Android and iOS mobile devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Managing Kaspersky Endpoint Security for Android and Kaspersky Security for iOS through policies.
  • Sending commands to the mobile devices through relevant protocols and executing the commands.

No.

Yes.

(A license key must be added on each mobile device.)

Systems management

The following functions are available:

  • Installation of operating systems and applications.

    Kaspersky Security Center allows you to create operating system images and deploy them on client devices on the network, as well as perform remote installation of applications by Kaspersky or other vendors. You can capture operating system images from devices and transfer those images to the Administration Server. Such images of operating systems are stored on the Administration Server in a dedicated folder. The operating system image of a reference device is captured and then created through an installation package creation task. You can use the images received for deployment on new networked devices on which no operating system has been installed yet. A technology named Preboot eXecution Environment (PXE) is used in this case.

  • Licensed applications group management.
  • Remote permission of connection to client devices through a component of Microsoft Windows named Remote Desktop Connection.
  • Remote connection to client devices through Windows Desktop Sharing.
  • Remote connection through Kaspersky Remote Desktop Session Viewer.

No.

Yes.

Integration with cloud environments

Kaspersky Security Center not only works with on-premises devices, but also provides special features for working in a cloud environment, such as Cloud Environment Configuration Wizard. Kaspersky Security Center works with the following virtual machines:

  • Amazon EC2 instances
  • Microsoft Azure virtual machines
  • Google Cloud virtual machines instances
  • Yandex.Cloud virtual machines

No.

Yes.

Exporting events to SIEM systems: using the Syslog protocol

Using the Syslog protocol, you can relay any events that occur on the Kaspersky Security Center Administration Server and in Kaspersky applications that are installed on managed devices. The Syslog protocol is a standard message-logging protocol. You can use it to export events to any SIEM system.

Yes.

Yes.

Exporting events to SIEM systems: QRadar by IBM and ArcSight by Micro Focus

Event export can be used within centralized systems that deal with security issues on an organizational and technical level, provide security monitoring services, and consolidate information from different solutions. These are SIEM systems, which provide real-time analysis of security alerts and events generated by network hardware and applications, or Security Operation Centers (SOCs).

Under a special license, you can use the CEF and LEEF protocols to export to SIEM systems general events, as well as the events transferred by Kaspersky applications to the Administration Server.

LEEF (Log Event Extended Format) is a customized event format for IBM Security QRadar SIEM. QRadar can integrate, identify, and process LEEF events. LEEF events must use UTF-8 character encoding. You can find detailed information on LEEF protocol in IBM Knowledge Center.

CEF (Common Event Format) is an open log management standard that improves the interoperability of security-related information from different security and network devices and applications. CEF enables you to use a common event log format so that data can easily be integrated and aggregated for analysis by an enterprise management system. ArcSight and Splunk SIEM systems use this protocol.

No.

Yes.

See also:

Scenario: Installation and initial setup of Kaspersky Security Center Web Console

Licenses and features of Kaspersky Security Center 14
Page top
[Topic 65277]

Licensing features of Kaspersky Security Center and managed applications

Licensing of Administration Server and managed applications involves the following:

  • You can add license key or valid activation code to an Administration Server to activate Vulnerability and Patch Management, Mobile Device Management, or Integration with the SIEM systems. Some features of Kaspersky Security Center are only accessible depending on active key files or valid activation codes added to the Administration Server.
  • You can add multiple activation codes and key files for managed applications to the Administration Server repository.

About Kaspersky Security Center licensing

If you activated one of the licensed features (for example, Mobile Device Management) using a key file, but you also want to use another licensed feature (for example, Vulnerability and Patch Management), you must purchase from your service provider a key file that activates both these features and you must activate Administration Server by using this key file.

Licensing features of managed applications

For licensing of managed applications, an activation code or key file can be deployed automatically or in any other convenient way. The following methods can be applied to deploy an activation code or key file:

  • Automatic deployment

    If you use different managed applications and you have to deploy a specific key file or activation code to devices, opt for other ways of deploying that activation code or key file.

    Kaspersky Security Center allows you to automatically deploy available license keys to devices. For example, three license keys are stored in the Administration Server repository. You have selected the Automatically distribute license key to managed devices check box for all three license keys. A Kaspersky security application—for example, Kaspersky Endpoint Security for Windows—is installed on the organization's devices. A new device is discovered to which a license key must be deployed. The application determines, for instance, that two of the license keys from the repository can be applied to the device: license key named Key_1 and license key named Key_2. One of these license keys is deployed to the device. In this case, it cannot be predicted which of the two license keys will be deployed to the device because automatic deployment of license keys does not provide for any administrator activity.

    When a license key is deployed, the devices are recounted for that license key. You must make sure that the number of devices to which the license key was deployed does not exceed the license limit. If the number of devices exceeds the license limit, all devices that were not covered by the license will be assigned Critical status.

  • Adding a key file or activation code to the installation package of a managed application

    If you install a managed application using an installation package, you can specify an activation code or key file in this installation package or in the policy of the application. The license key will be deployed to managed devices at the next synchronization of the device with the Administration Server.

  • Deployment through the add license key task for a managed application

    If you opt for using the add license key task for a managed application, you can select the license key that must be deployed to devices and select the devices in any convenient way—for example, by selecting an administration group or a device selection.

  • Adding an activation code or a key file manually to the devices

See also:

Licenses and features of Kaspersky Security Center 14

Main installation scenario
Page top
[Topic 173097]