Kaspersky Security Center 14 Windows

Kaspersky Security Center licensing options

Expand all | Collapse all

Kaspersky Security Center can work in the following modes:

  • Basic functionality of Administration Console

    Kaspersky Security Center works in this mode before the application is activated or after the commercial license expires. Kaspersky Security Center with support of the basic functionality of Administration Console is delivered as a part of Kaspersky applications for protection of corporate networks. You can also download it from Kaspersky website.

  • Commercial license

    If you need additional functionality which is not included in the basic functionality of Administration Console, you must purchase a commercial license.

    When adding a license key in the Administration Server properties window, ensure that you add a license key that lets you use Kaspersky Security Center. You can find this information at the Kaspersky website. Each solution webpage contains the list of applications included in this solution. Administration Server may accept unsupported license keys, for example a license key for Kaspersky Endpoint Security Cloud, but such license keys provide no new features in addition to the basic functionality of Administration Console.

Feature or property

Kaspersky Security Center operation mode

 

No license

Commercial license

Basic functionality of Administration Console

The following functions are available:

  • Creation of virtual Administration Servers that are used to administer a network of remote offices or client organizations.
  • Creation of a hierarchy of administration groups to manage specific devices as a single entity.
  • Remote installation of applications.
  • Centralized configuration of applications installed on client devices.
  • Control of the anti-virus security status of an organization.
  • Management of user roles.
  • Statistics and reports on the application's operation, as well as notifications about critical events.
  • Centralized operations with files that were moved to Quarantine or Backup and files whose processing was postponed.
  • Encryption and data protection management.
  • Viewing and editing existing licensed applications groups.
  • Viewing and manual editing of the list of hardware components detected by polling the network.
  • Viewing the list of operating system images available for remote installation.

Yes.

Yes.

Vulnerability and patch management: basic functionality

The following tasks do not require a commercial license:

  • The Find vulnerabilities and required updates task

    Through this task, Kaspersky Security Center receives the lists of detected vulnerabilities and required updates for the third-party software installed on the managed devices.

  • The Install Windows Update updates task

    This task can be used to install Windows Update updates only. To use this task, you must manually specify the required updates in the task settings.

  • The Fix vulnerabilities task

    The Fix vulnerabilities task uses recommended fixes for Microsoft software and user fixes for third-party software. To use this task, you must manually specify user fixes for vulnerabilities in the task settings.

Yes.

Yes.

Vulnerability and patch management: advanced functionality

The following functions are available:

  • Remote installation of software updates and fixing of vulnerabilities automatically, according to the rules that you define.
  • Usage of Administration Server as the Windows Server Update Services (WSUS) server to provide updates to Windows Update services on devices in centralized mode and with the set frequency.

No.

Yes.

Mobile Device Management feature in MMC-based Administration Console

The Mobile Device Management feature is used to manage Exchange ActiveSync (EAS) and iOS MDM mobile devices.

The following functions are available for Exchange ActiveSync mobile devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Creation and editing of mobile device management profiles, assignment of profiles to users' mailboxes.
  • Configuration of mobile devices (email synchronization, apps usage, user password, data encryption, connection of removable drives).
  • Installation of certificates on mobile devices.

The following functions are available for iOS MDM devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Creating and editing configuration profiles, and installing configuration profiles on mobile devices.
  • Installing applications on mobile devices through App Store or using manifest files (.plist).
  • Locking mobile devices, resetting the mobile device password, and deleting all data from the mobile device.

The following functions are available for Android devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Managing Kaspersky Endpoint Security for Android through policy.

In addition, Mobile Devices Management allows executing commands provided by relevant protocols.

The management unit for Mobile Devices Management is a mobile device. A mobile device is considered to be managed after it is connected to the Mobile Devices Server.

No.

Yes.

(A license key must be added to the Administration Server properties.)

Mobile device protection in Kaspersky Security Center Web Console

Kaspersky Security Center Web Console provides you with the following features to manage Android and iOS mobile devices:

  • Adding new devices under management of Kaspersky Security Center.
  • Managing Kaspersky Endpoint Security for Android and Kaspersky Security for iOS through policies.
  • Sending commands to the mobile devices through relevant protocols and executing the commands.

No.

Yes.

(A license key must be added on each mobile device.)

Systems management

The following functions are available:

  • Installation of operating systems and applications.

    Kaspersky Security Center allows you to create operating system images and deploy them on client devices on the network, as well as perform remote installation of applications by Kaspersky or other vendors. You can capture operating system images from devices and transfer those images to the Administration Server. Such images of operating systems are stored on the Administration Server in a dedicated folder. The operating system image of a reference device is captured and then created through an installation package creation task. You can use the images received for deployment on new networked devices on which no operating system has been installed yet. A technology named Preboot eXecution Environment (PXE) is used in this case.

  • Licensed applications group management.
  • Remote permission of connection to client devices through a component of Microsoft Windows named Remote Desktop Connection.
  • Remote connection to client devices through Windows Desktop Sharing.
  • Remote connection through Kaspersky Remote Desktop Session Viewer.

No.

Yes.

Integration with cloud environments

Kaspersky Security Center not only works with on-premises devices, but also provides special features for working in a cloud environment, such as Cloud Environment Configuration Wizard. Kaspersky Security Center works with the following virtual machines:

  • Amazon EC2 instances
  • Microsoft Azure virtual machines
  • Google Cloud virtual machines instances
  • Yandex.Cloud virtual machines

No.

Yes.

Exporting events to SIEM systems: using the Syslog protocol

Using the Syslog protocol, you can relay any events that occur on the Kaspersky Security Center Administration Server and in Kaspersky applications that are installed on managed devices. The Syslog protocol is a standard message-logging protocol. You can use it to export events to any SIEM system.

Yes.

Yes.

Exporting events to SIEM systems: QRadar by IBM and ArcSight by Micro Focus

Event export can be used within centralized systems that deal with security issues on an organizational and technical level, provide security monitoring services, and consolidate information from different solutions. These are SIEM systems, which provide real-time analysis of security alerts and events generated by network hardware and applications, or Security Operation Centers (SOCs).

Under a special license, you can use the CEF and LEEF protocols to export to SIEM systems general events, as well as the events transferred by Kaspersky applications to the Administration Server.

LEEF (Log Event Extended Format) is a customized event format for IBM Security QRadar SIEM. QRadar can integrate, identify, and process LEEF events. LEEF events must use UTF-8 character encoding. You can find detailed information on LEEF protocol in IBM Knowledge Center.

CEF (Common Event Format) is an open log management standard that improves the interoperability of security-related information from different security and network devices and applications. CEF enables you to use a common event log format so that data can easily be integrated and aggregated for analysis by an enterprise management system. ArcSight and Splunk SIEM systems use this protocol.

No.

Yes.

See also:

Scenario: Installation and initial setup of Kaspersky Security Center Web Console

Licenses and features of Kaspersky Security Center 14

Page top
[Topic 65277]