Kaspersky Embedded Systems Security for Linux
3.3.0
English

Contents

Installing the application

You need to prepare for installation before installing Kaspersky Embedded Systems Security.

This scenario describes how to install and perform post-installation configuration of Kaspersky Embedded Systems Security, how to install and configure Kaspersky Security Center Network Agent and how to install Kaspersky Embedded Systems Security administration plug-ins.

The installation and post-installation configuration of Kaspersky Embedded Systems Security and Kaspersky Security Center proceeds in stages:

  1. Installation and post-installation configuration of the Network Agent

    If you plan to manage Kaspersky Embedded Systems Security using Kaspersky Security Center, install Kaspersky Security Center Network Agent and configure its settings.

  2. Installing Kaspersky Embedded Systems Security administration plug-ins

    If you plan to manage Kaspersky Embedded Systems Security using Kaspersky Security Center, install the following Kaspersky Embedded Systems Security administration plug-ins depending on the administration console you want to use to interact with Kaspersky Security Center:

    • The Kaspersky Embedded Systems Security MMC administration plug-in lets you manage the application using Kaspersky Security Center Administration Console;
    • The Kaspersky Embedded Systems Security administration web plug-in lets you manage the application using Kaspersky Security Center Cloud Console and Kaspersky Security Center Web Console.
  3. Installing application packages and graphical user interface

    Kaspersky Embedded Systems Security and the graphical user interface are distributed in DEB and RPM format packages. Install Kaspersky Embedded Systems Security and, if necessary, the graphical user interface from packages in the appropriate format.

    You can install the application using the command line or using Kaspersky Security Center by means of the Administration Console or Kaspersky Security Center Web Console.

  4. Kaspersky Embedded Systems Security post-installation configuration

    The post-installation configuration must be performed to enable the protection of the client device.

    If you installed Kaspersky Embedded Systems Security using the command line, run the initial configuration script or perform the post-installation configuration in automatic mode.

    If you installed Kaspersky Embedded Systems Security using Kaspersky Security Center, go through the Getting started procedure and activate the application.

In this Help section

Deploying the application using the command line

Installing and configuring Kaspersky Security Center Network Agent

Installing Kaspersky Embedded Systems Security administration plug-ins

Deploying the application using Kaspersky Security Center

Running the application on Astra Linux in closed software environment mode

Configuring permissive rules in the SELinux system
Page top
[Topic 248501]

Deploying the application using the command line

Kaspersky Embedded Systems Security is distributed in the DEB and RPM packages. There are separate packages for the application and for the graphical user interface.

You can perform the following actions when installing the application:

  • Install only the application package, without the graphical user interface.
  • Install the graphical user interface package.

    It is not possible to install the graphical user interface package on a client device that does not have the application package installed.

If the version of the apt package manager is lower than 1.1.X, use the dpkg/rpm package manager (depending on the operating system) for installation.

After the application installation using the command line is completed, perform the post-installation configuration of the application by running the post-installation configuration script or in the automatic mode.

In this section

Installing the application using the command line

Post-installation configuration of the application in interactive mode

Post-installation configuration of the application in automatic mode

Settings in the configuration file for post-installation configuration
Page top
[Topic 198107]

Installing the application using the command line

Installing the application package without a graphical user interface

To install Kaspersky Embedded Systems Security from an RPM package on a 32-bit operating system, execute the following command:

# rpm -i kess-3.3.0-<build number>.i386.rpm

To install Kaspersky Embedded Systems Security from an RPM package on a 64-bit operating system, execute the following command:

# rpm -i kess-3.3.0-<build number>.x86_64.rpm

To install Kaspersky Embedded Systems Security from a DEB package on a 32-bit operating system, execute the following command:

# apt-get install ./kess_3.3.0-<build number>_i386.deb

To install Kaspersky Embedded Systems Security from a DEB package on a 64-bit operating system, execute the following command:

# apt-get install ./kess_3.3.0-<build number>_amd64.deb

Installing the graphical user interface package

To install the graphical user interface from the RPM package to a 32-bit operating system, execute the following command:

# rpm -i kess-gui-3.3.0-<build number>.i386.rpm

To install the graphical user interface from the RPM package to a 64-bit operating system, execute the following command:

# rpm -i kess-gui-3.3.0-<build number>.x86_64.rpm

To install the graphical user interface from the DEB package to a 32-bit operating system, execute the following command:

# apt-get install ./kess-gui_3.3.0-<build number>_i386.deb

To install the graphical user interface from the DEB package to a 64-bit operating system, execute the following command:

# apt-get install ./kess-gui_3.3.0-<build number>_amd64.deb

Page top
[Topic 233694]

Post-installation configuration of the application in interactive mode

After installing Kaspersky Embedded Systems Security using the command line, perform the post-installation configuration of the application by running the post-installation configuration script. The post-installation configuration script is included in the Kaspersky Embedded Systems Security distribution kit.

Performing the post-installation configuration after installing the application using the command line is required to enable the protection of the client device.

To run the Kaspersky Embedded Systems Security post-installation configuration script, execute the following command:

# /opt/kaspersky/kess/bin/kess-setup.pl

The post-installation configuration must be run with root privileges after the installation of Kaspersky Embedded Systems Security package is finished. The script requests the values of Kaspersky Embedded Systems Security settings step-by-step. The script finishing and the console being released indicate that the post-installation configuration is completed.

To check the return code, execute the following command:

echo $?

If the command returns code 0, the initial application setup is finished successfully.

Kaspersky Embedded Systems Security can protect the device only after the application databases are updated.

In this section

Selecting the locale

Viewing the End User License Agreement and the Privacy Policy

Accepting the End User License Agreement

Accepting the Privacy Policy

Using Kaspersky Security Network

Assigning the Administrator role to a user

Determining the file operation interceptor type

Enabling automatic configuration of SELinux

Configuring the update source

Configuring proxy server settings

Downloading application databases

Enabling automatic application database update

Application activation
Page top
[Topic 197897]

Selecting the locale

At this step, the application displays the list of supported locale identifiers in RFC 3066 format.

Specify the locale in the format as identified in this list. This locale will be used for application events sent to Kaspersky Security Center, as well as for the texts of the License Agreement, Privacy Policy, and Kaspersky Security Network Statement.

The locale of the graphical interface and the application command line depends on the value of the LANG environment variable. If the locale that is not supported by Kaspersky Embedded Systems Security is specified as the value of the LANG environment variable, the graphical interface and the command line are displayed in English.

Page top
[Topic 197898]

Viewing the End User License Agreement and the Privacy Policy

At this step, read the End User License Agreement concluded between you and Kaspersky, and the Privacy Policy describing the handling and transmission of data.

Page top

[Topic 199016]

Accepting the End User License Agreement

At this step, you must either accept or decline the terms of the End User License Agreement.

After exiting viewing mode, enter one of the following values:

  • yes (or y), if you accept the terms of the End User License Agreement.
  • no (or n), if you do not accept the terms of the End User License Agreement.

If you do not accept the terms of the End User License Agreement, the application terminates Kaspersky Embedded Systems Security setup process.

Page top

[Topic 197899]

Accepting the Privacy Policy

At this step, you must either accept or decline the terms of the Privacy Policy.

After exiting viewing mode, enter one of the following values:

  • yes (or y), if you accept the terms of the Privacy Policy.
  • no (or n), if you do not accept the terms of the Privacy Policy.

If you do not accept the terms of the Privacy Policy, the application terminates Kaspersky Embedded Systems Security setup process.

Page top
[Topic 197900]

Using Kaspersky Security Network

At this step, you must either accept or decline the terms of use of the Kaspersky Security Network Statement. The file ksn_license.<language ID> containing the text of the Kaspersky Security Network Statement is located in the directory /opt/kaspersky/kess/doc/.

Enter one of the following values:

Refusing to use Kaspersky Security Network will not halt the Kaspersky Embedded Systems Security installation process. You can enable, disable, or change the Kaspersky Security Network mode at any time.

Page top

[Topic 197901]

Assigning the Administrator role to a user

At this step, you can grant the administrator (admin) role to the user.

Enter the name of the user to whom you want to grant the administrator role.

You can grant the administrator role to the user later at any time.

Page top

[Topic 206406]

Determining the file operation interceptor type

At this step, the file operation interceptor type for the utilized operating system is determined. For operating systems that do not support fanotify technology, kernel module compilation will begin.

If the necessary packages are not detected during the kernel module compilation process, Kaspersky Embedded Systems Security will prompt you to install them. If the package download fails, an error message will be displayed.

If all the required packages are available, the kernel module will be automatically compiled when the File Threat Protection task starts.

You can compile the kernel module later after completing the Kaspersky Embedded Systems Security post-installation configuration.

Page top

[Topic 197903]

Enabling automatic configuration of SELinux

This step is displayed only if SELinux is installed on your operating system.

At this step, you can enable automatic configuration of SELinux for working with Kaspersky Embedded Systems Security.

Enter yes to enable automatic configuration of SELinux. If SELinux cannot be configured automatically, the application displays an error message and prompts the user to configure SELinux manually.

Enter no if you do not want the application to automatically configure SELinux.

By default, the application suggests yes.

If necessary, you can manually configure SELinux to work with the application later, after the initial setup of Kaspersky Embedded Systems Security is complete.

Page top
[Topic 237159]

Configuring the update source

At this step, specify the update sources for databases and application modules.

Enter one of the following values:

  • KLServers: the application receives updates from one of the Kaspersky update servers.
  • SCServer: the application downloads updates to the protected device from Kaspersky Security Center Administration Server installed in your organization. You can select this update source if you use Kaspersky Security Center for centralized administration of device protection in your organization.
  • <URL>: the application downloads updates from a custom source. You can specify the address of the custom source of updates in the local area network or on the Internet.
  • <path> – the application receives updates from the specified directory.

Page top

[Topic 197904]

Configuring proxy server settings

At this step, you must specify the proxy server settings if you are using a proxy server to access the Internet. Internet connection is required to download the application databases from the update servers.

To configure proxy server settings, perform one of the following actions:

  • If you use a proxy server to connect to the Internet, specify the address of the proxy server using one of the following formats:
    • <IP address of the proxy server>:<port number>, if the proxy server connection does not require authentication;
    • <user name>:<password>@<IP address of the proxy server>:<port number>, if the proxy server connection requires authentication.

      When connecting via an HTTP proxy, we recommend to use a separate account that is not used to sign in to other systems. An HTTP proxy uses an insecure connection, and the account may be compromised.

  • If you do not use a proxy server to connect to the Internet, enter no as your answer.

By default, the application suggests no.

You can configure the proxy server settings later, without using the post-installation configuration script.

Page top
[Topic 197905]

Downloading application databases

At this step, you can download the application databases to the client device. The application databases contain descriptions of the threat signatures and methods of countering them. The application uses these records when searching and neutralizing threats. Kaspersky virus analysts regularly add new records about threats.

To download the application databases to the device, enter yes.

If you do not want to immediately download the application databases, enter no.

By default, the application suggests yes.

Kaspersky Embedded Systems Security protects the device only after the application databases are downloaded.

You can start the Update task without using the post-installation configuration script.

Page top
[Topic 197906]

Enabling automatic application database update

At this step, you can enable automatic update of the application databases.

Enter yes to enable automatic application database update. By default, the application checks for available database updates every 60 minutes. If updates are available, the application downloads the updated databases.

Enter no if you do not want the application to automatically update the databases.

You can enable automatic database update later without using the post-installation configuration by configuring the update task schedule.

Page top
[Topic 197907]

Application activation

At this step, you can activate the application using an activation code or a key file.

To activate the application using an activation code, enter the activation code.

To activate the application using a key file, specify the full path to the key file.

If no activation code or key file is specified, the application is activated using a trial key for one month.

You can activate the application without using the post-installation configuration script.

Page top
[Topic 197908]

Post-installation configuration of the application in automatic mode

You can perform post-installation configuration of the application in automatic mode.

To start the post-installation configuration of the application in automatic mode, run the following command:

# /opt/kaspersky/kess/bin/kess-setup.pl --autoinstall=<post-installation configuration file>

where <post-installation configuration file> is a path to the configuration file that contains post-installation configuration settings. You can create this file or copy the necessary structure from the autoinstall.ini configuration file used for remote installation of the application using Kaspersky Security Center.

When the post-installation configuration script is finished and releases the console, the post-installation configuration of the application is complete.

To check the return code, execute the following command:

echo $?

If the command returns code 0, the initial application setup is finished successfully.

Kaspersky Embedded Systems Security protects the device only after the application databases are updated.

To correctly update application modules after the script has finished, you may need to restart the application. Check the status of updates for the application using the kess-control --app-info command.

Page top
[Topic 197909]

Settings in the configuration file for post-installation configuration

The configuration file for the post-installation configuration must contain the settings listed in the table below.

Settings in the configuration file for post-installation configuration

Setting

Description

Values

EULA_AGREED

Required setting.

Acceptance of the terms of the End User License Agreement.

yes: accept the terms of the End User License Agreement to continue the application installation.

no: do not accept the End User License Agreement. The application installation will be terminated.

PRIVACY_POLICY_AGREED

Required setting.

Acceptance of the Privacy Policy.

yes: accept the Privacy Policy to continue the application installation.

no: do not accept the Privacy Policy. The application installation will be terminated.

USE_KSN

Required setting.

Acceptance of Kaspersky Security Network Statement.

yes – accept Kaspersky Security Network Statement.

no – do not accept Kaspersky Security Network Statement.

LOCALE

Optional setting.

The locale used for the application events sent to Kaspersky Security Center.

Locale in the format specified by RFC 3066.

If the Locale setting is not specified, the operating system locale is used. If the application fails to determine the operating system localization language or the operating system localization is not supported, the default value will be used – en_US.utf8.

The locale of the graphical interface and the application command line depends on the value of the LANG environment variable. If the locale that is not supported by Kaspersky Embedded Systems Security is specified as the value of the LANG environment variable, the graphical interface and the command line are displayed in English.

INSTALL_LICENSE

Activation code or key file.

 

UPDATER_SOURCE

Update source.

SCServer – use the Kaspersky Security Center Administration Server as the update source.

KLServers – use Kaspersky servers as the update source.

Update source address

PROXY_SERVER

Address of the proxy server used to connect to the Internet.

Proxy server address

UPDATE_EXECUTE

Start application database update task during setup.

yes – start update task.

no – do not start update task.

KERNEL_SRCS_INSTALL

Automatic start of kernel module compilation.

yes – compile kernel module.

no – do not compile kernel module.

ADMIN_USER

A user to whom you can grant the administrator role (admin).

 

CONFIGURE_SELINUX

Automatic configuration of SELinux for working with Kaspersky Embedded Systems Security.

yes – configure SELinux to work with Kaspersky Embedded Systems Security.

no – do not configure SELinux to work with Kaspersky Embedded Systems Security.

If you want to change the settings in the configuration file for initial setup of the application, specify the values of settings in the following format: <setting name>=<setting value> (the application does not process spaces between the name of a setting and its value).

Page top

[Topic 236947]

Installing and configuring Kaspersky Security Center Network Agent

Network Agent must be installed in order to manage Kaspersky Embedded Systems Security via Kaspersky Security Center.

Network Agent facilitates the client device's connection with the Kaspersky Security Center Administration Server. It must be installed on every client device that will be connected to Kaspersky Security Center, the centralized remote management system.

You can perform installation and post-installation configuration of Network Agent using the command line. Network Agent can also be installed and configured remotely using Kaspersky Security Center (for details, refer to Kaspersky Security Center documentation).

In this section

Installing Network Agent using the command line

Post-installation configuration of the Network Agent using the command line
Page top
[Topic 198105]

Installing Network Agent using the command line

The Network Agent installation process must be started with root privileges.

To install Network Agent from an RPM package to a 32-bit operating system, execute the following command:

# rpm -i klnagent-<build number>.i386.rpm

To install Network Agent from an RPM package to a 64-bit operating system, execute the following command:

# rpm -i klnagent64-<build number>.x86_64.rpm

To install Network Agent from a DEB package to a 32-bit operating system, execute the following command:

# apt-get install ./klnagent_<build number>_i386.deb

To install Network Agent from a DEB package to a 64-bit operating system, execute the following command:

# apt-get install ./klnagent64_<build number>_amd64.deb

After installing the package, perform post-installation configuration of the Network Agent.

Page top
[Topic 237152]

Post-installation configuration of the Network Agent using the command line

To configure Network Agent settings:

  1. Execute the command:
    • for a 32-bit operating system:

      # /opt/kaspersky/klnagent/lib/bin/setup/postinstall.pl

    • for a 64-bit operating system:

      # /opt/kaspersky/klnagent64/lib/bin/setup/postinstall.pl

  2. Accept the End User License Agreement.
  3. Specify the DNS name or IP address of the Administration Server.
  4. Specify the port number of the Administration Server.

    Port 14000 is used by default.

  5. If you want to use an SSL connection, specify the SSL port number of the Administration Server.

    Port 13000 is used by default.

  6. Do one of the following:
    • Enter yes if you want to use an SSL connection.
    • Enter no if you do not want to use an SSL connection.

    By default, SSL connection is enabled.

  7. If necessary, specify the connection gateway usage mode:
    • 1—Do not configure a connection gateway.
    • 2—Do not use a connection gateway.
    • 3—Connect to the Administration Server using a connection gateway.
    • 4—Use the Network Agent as a connection gateway.

    The default value is the first option.

For more detailed information about configuring Network Agent, please refer to the Kaspersky Security Center documentation.

Page top

[Topic 197913]

Installing Kaspersky Embedded Systems Security administration plug-ins

The following Kaspersky Embedded Systems Security administration plug-ins are used to manage Kaspersky Embedded Systems Security using Kaspersky Security Center:

  • The Kaspersky Embedded Systems Security MMC administration plug-in lets you manage the application using the Kaspersky Security Center Administration Console.
  • The Kaspersky Embedded Systems Security administration web plug-in lets you manage the application using the Kaspersky Security Center Cloud Console and the Kaspersky Security Center Web Console.

In this section

About Kaspersky Embedded Systems Security MMC administration plug-in

About Kaspersky Embedded Systems Security administration web plug-in
Page top
[Topic 233554]

About Kaspersky Embedded Systems Security MMC administration plug-in

The Kaspersky Embedded Systems Security MMC administration plug-in (hereinafter also referred to as the MMC plug-in) facilitates interaction between Kaspersky Embedded Systems Security and Kaspersky Security Center using the Administration Console. The MMC plug-in lets you manage Kaspersky Embedded Systems Security using policies and tasks.

The MMC plug-in must be installed on the same client device where Kaspersky Security Center Administration Console is installed.

Before installing Kaspersky Embedded Systems Security MMC administration plug-in, make sure that Kaspersky Security Center and Redist C++ 2015 (Microsoft Visual C++ 2015 Redistributable) are installed.

For more details about administration plug-ins, refer to Kaspersky Security Center documentation.

Page top
[Topic 198108]

About Kaspersky Embedded Systems Security administration web plug-in

Kaspersky Embedded Systems Security management web plug-in (hereinafter also referred to as web plug-in) facilitates interaction between Kaspersky Embedded Systems Security and Kaspersky Security Center using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console. The web plug-in allows you to manage Kaspersky Embedded Systems Security using policies and tasks.

The web plug-in must be installed on the client device that has Kaspersky Security Center Web Console installed. The functionality of the web plug-in is available to all administrators who have access to Kaspersky Security Center Web Console in a browser.

You can view the list of installed web plug-ins in Kaspersky Security Center Web Console interface: Console settingsWeb plug-ins. For more information about compatibility of the web plug-in and Kaspersky Security Center Web Console versions, refer to Kaspersky Security Center documentation.

If you select a language that is not included in Kaspersky Embedded Systems Security distribution package in the properties of Kaspersky Security Center Administration Server, the License Agreement and the entire Kaspersky Security Center Web Console interface will be displayed in English.

Installing the web plug-in

You can install the web plug-in as follows:

  • Using the Quick Start Wizard for Kaspersky Security Center Web Console.

    Kaspersky Security Center Web Console automatically prompts you to run the Initial Setup Wizard when connecting Web Console to the Administration Server for the first time. You can also run the Initial Setup Wizard in the Web Console interface (Device discovery and deploymentDeployment and assignmentInitial Setup Wizard). The Initial Configuration Wizard can also check if the installed web plug-ins are up to date and download the necessary updates. For more information on the Initial Setup Wizard for Kaspersky Security Center Web Console, please refer to Kaspersky Security Center documentation.

  • From the list of available distribution kits in Kaspersky Security Center Web Console.

    To install the web plug-in, select the web plug-in distribution kit in the Web Console interface: Console settingsWeb plug-ins. The list of available distribution packages is updated automatically after new versions of Kaspersky applications are released.

  • Download the distribution kit to Kaspersky Security Center Web Console from an external source.

    To install the web plug-in, add the ZIP-archive of the web plug-in distribution kit in the Web Console interface: Console settingsWeb plug-ins. The distribution kit of the web plug-in can be downloaded on the Kaspersky website, for example. For a local version of the application, additionally upload a text file that contains a signature.

Updating the web plug-in

If a new version of the web plug-in becomes available, Kaspersky Security Center Web Console displays the Updates are available for utilized plug-ins notification. You can proceed to update the web plug-in version from this Web Console notification. You can also manually check for new web plug-in updates in the Web Console interface (Console settingsWeb plug-ins). The previous version of the web plug-in will be automatically removed during the update.

When the web plug-in is updated, already existing components (for example, policies or tasks) are saved. The new settings of components implementing new functions of Kaspersky Embedded Systems Security will appear in existing components and will have the default values.

You can update the web plug-in as follows:

  • In the list of web plug-ins in online mode.

    To update the web plug-in, select the distribution package of Kaspersky Embedded Systems Security web plug-in in the Kaspersky Security Center Web Console interface (Console settingsWeb plug-ins) and run the update. Web Console checks for available updates on Kaspersky servers and downloads the relevant updates.

  • From file.

    To update the web plug-in, select the ZIP-archive of the distribution package of Kaspersky Embedded Systems Security web plug-in in the Kaspersky Security Center Web Console interface: Console settingsWeb plug-ins. The distribution kit of the web plug-in can be downloaded on the Kaspersky website, for example. For a local version of the application, additionally upload a text file that contains a signature.

    You can only update the web plug-in to a more recent version. The web plug-in cannot be updated to an older version.

If any component is opened (such as a policy or task), the web plug-in checks its compatibility information. If the version of the web plug-in is equal to or later than the version specified in the compatibility information, you can change the settings of this component. Otherwise, you cannot use the web plug-in to change the settings of the selected component. It is recommended to update the web plug-in.

Page top
[Topic 202111]

Deploying the application using Kaspersky Security Center

You can install Kaspersky Embedded Systems Security on a client device remotely from the administrator's workstation using Kaspersky Security Center, by means of the Administration Console or Kaspersky Security Center Web Console.

You can deploy Kaspersky Embedded Systems Security on the devices in the corporate network in the following ways:

  • Using the Protection Deployment Wizard.

    This installation method is recommended if you are satisfied with the default application settings and your organization has a simple infrastructure that does not require special configuration.

  • Using the remote installation task.

    The universal installation method allowing you to configure the application settings and flexibly manage the remote installation tasks.

For the remote installation, Kaspersky Embedded Systems Security installation package is used. An installation package is a set of files created for remote installation of Kaspersky applications using Kaspersky Security Center. The installation package contains the settings required to install the application and ensure its operation immediately after the installation. The values of the settings correspond to the default values of the application settings. The installation package is created using the .kud file included in the application distribution kit. Kaspersky Embedded Systems Security installation package is common for all supported operating systems and processor architecture types.

To manage the operation of Kaspersky Embedded Systems Security installed on the client devices using Kaspersky Security Center, assign these devices to the

administration groups
. Before starting Kaspersky Embedded Systems Security installation, you can create Kaspersky Security Center administration groups to which you want to move the devices with the application installed, and configure the rules to automatically move the devices to these administration groups. If rules for moving devices to the administration groups are not configured, Kaspersky Security Center moves all the devices that have the Administration Agent installed and are connected to Administration Server to the Unassigned devices list. In this case, you need to manually move computers to the administration groups (refer to Kaspersky Security Center documentation for details).

In this section

Installing Kaspersky Embedded Systems Security using the Administration Console

Installing Kaspersky Embedded Systems Security using the Web Console

Getting started using Kaspersky Security Center

Activating the application using Kaspersky Security Center
Page top
[Topic 197922]

Installing Kaspersky Embedded Systems Security using the Administration Console

You can install Kaspersky Embedded Systems Security on a client device remotely from the administrator's workstation using Kaspersky Security Center Administration Console.

It is installed using the Remote Installation Wizard or using the remote installation task (for details refer to Kaspersky Security Center documentation).

Remote installation uses a

Kaspersky Embedded Systems Security installation package
that contains the settings required to install the application. You can create an installation package manually.

In this section

Creating an installation package

Autoinstall.ini configuration file settings
Page top
[Topic 198115]

Creating an installation package

To create a Kaspersky Embedded Systems Security installation package:

  1. Download the kess.zip archive from the application download page. It is located in the Kaspersky Embedded Systems Security for Linux -> Additional distribution section, in the Files for Product remote installation subsection.
  2. Unpack the files from the kess.zip archive to a folder accessible by Kaspersky Security Center Administration Server. Place the distribution files, that correspond to the type of operating system where you want to install the application and the type of its package manager, to the same folder:
    • To install Kaspersky Embedded Systems Security:
      • kess-3.3.0-<build number>.i386.rpm (for 32-bit operating systems with rpm)
      • kess_3.3.0-<build number>_i386.deb (for 32-bit operating systems with dpkg)
      • kess-3.3.0-<build number>.x86_64.rpm (for 64-bit operating systems with rpm)
      • kess_3.3.0-<build number>_amd64.deb (for 64-bit operating systems with dpkg)
    • To install the graphical user interface:
      • kess-gui-3.3.0-<build number>.i386.rpm (for 32-bit operating systems with rpm)
      • kess-gui-3.3.0-<build number>_i386.deb (for 32-bit operating systems with dpkg)
      • kess-gui-3.3.0-<build number>.x86_64.rpm (for 64-bit operating systems with rpm)
      • kess-gui-3.3.0-<build number>_amd64.deb (for 64-bit operating systems with dpkg)

      If you do not want to install a graphical user interface, do not use these files; this will make the installation package smaller.

    If the graphical user interface will not be used, the next step requires you to set the parameter-value pair USE_GUI=No in the autoinstall.ini configuration file. Otherwise, the installation will fail.

    If you want to use the created installation package to install the application on several types of operating systems or package managers, place the files for all the required types of operating systems and package managers in the folder.

  3. If necessary, configure the application installation settings using the autoinstall.ini configuration file.
  4. Open the Administration Console of Kaspersky Security Center.
  5. In the console tree, select AdditionalRemote installationInstallation packages.
  6. Click the Create installation package button.

    The wizard for creating an installation package will start.

  7. In the wizard window that opens, click the Create installation package for a Kaspersky application button.
  8. Enter the name of the new installation package and proceed to the next step.
  9. Select Kaspersky Embedded Systems Security distribution package. To do this, open a standard browsing window using the Browse button and specify the path to the kess.kud file.

    The application name is displayed in the window.

    Proceed to the next step.

  10. Read the License Agreement between you and Kaspersky and the Privacy Policy that describes the processing and transmission of data.

    To continue creating the installation package, you must confirm that you have read and accept the full terms of the End User License Agreement and the Privacy Policy. To confirm, in the window that opens, select both check boxes.

    Proceed to the next step.

  11. The wizard downloads the files required to install the application to Kaspersky Security Center Administration Server. Wait for the download to finish.
  12. Complete the wizard.

The created installation package is located in the tree of the Administration Console of Kaspersky Security Center in the AdditionalRemote installationInstallation packages folder. You can use the same installation package many times.

Page top
[Topic 236944]

Autoinstall.ini configuration file settings

The autoinstall.ini configuration file contains the settings described in the following table.

Autoinstall.ini configuration file settings

Setting

Description

Values

EULA_AGREED

Required setting.

Acceptance of the terms of the End User License Agreement.

yes: accept the terms of the End User License Agreement to continue the application installation.

no – do not accept the End User License Agreement. The application installation will be terminated.

PRIVACY_POLICY_AGREED

Required setting.

Acceptance of the terms of the Privacy Policy.

yes: accept the Privacy Policy to continue installing the application.

no: do not accept the Privacy Policy. The application installation will be terminated.

USE_KSN

Acceptance of the Kaspersky Security Network Statement.

yes – accept the Kaspersky Security Network Statement.

no – do not accept the Kaspersky Security Network Statement.

LOCALE

Optional setting.

The locale used for the application events sent to Kaspersky Security Center.

Locale in the format specified by RFC 3066.

If the Locale setting is not specified, the operating system locale is used. If the application fails to determine the operating system localization language or the operating system localization is not supported, the default value will be used – en_US.utf8.

The locale of the graphical interface and the application command line depends on the value of the LANG environment variable. If the locale that is not supported by Kaspersky Embedded Systems Security is specified as the value of the LANG environment variable, the graphical interface and the command line are displayed in English.

INSTALL_LICENSE

Activation code or key file.

 

UPDATER_SOURCE

Update source.

SCServer – use the Kaspersky Security Center Administration Server as the update source.

KLServers – use Kaspersky servers as the update source.

Update source address

PROXY_SERVER

Address of the proxy server used to connect to the Internet.

Proxy server address

UPDATE_EXECUTE

Start application database update task during setup.

yes – start update task.

no – do not start update task.

KERNEL_SRCS_INSTALL

Automatic start of kernel module compilation.

yes – compile kernel module.

no – do not compile kernel module.

ADMIN_USER

A user assigned the administrator role (admin).

No

CONFIGURE_SELINUX

Automatic configuration of SELinux for working with Kaspersky Embedded Systems Security.

yes – automatically configure SELinux to work with Kaspersky Embedded Systems Security.

no – do not automatically configure SELinux to work with Kaspersky Embedded Systems Security.

USE_GUI

Use of the graphical user interface.

yes – Enable use of the graphical user interface.

no – Disable use of the graphical user interface.

The application must be restarted to change the setting's value.

If you want to change the settings in the autoinstall.ini configuration file, specify the values of settings in the following format: <setting name>=<setting value> (the application does not process spaces between the name of a setting and its value).

Page top

[Topic 236945]

Installing Kaspersky Embedded Systems Security using the Web Console

Kaspersky Security Center Web Console supports the following main deployment methods:

Installation process consists of the following steps:

  1. Creating an installation package. The Protection Deployment Wizard creates the package automatically if it has not already been created. The installation package is located in the list of installation packages downloaded into the Kaspersky Security Center Web Console: Device discovery and deploymentDeployment and assignmentInstallation packages. You can also create an installation package and configure its settings manually.
  2. Creating a remote installation task. The Protection Deployment Wizard creates and runs the remote installation task automatically. You can also create and run the task manually.

In this section

Creating an installation package

Installation using the Protection Deployment Wizard

Creating a remote installation task
Page top
[Topic 202117]

Creating an installation package

To create an installation package:

  1. In Web Console main window, select Device discovery and deploymentDeployment and assignmentInstallation packages.

    This opens a list of installation packages downloaded to Web Console.

  2. Click Add.

    The wizard for creating an installation package will start. Follow the instructions of the Wizard.

  3. At the first page of the Wizard, select Create installation package for Kaspersky application.

    The Wizard will create an installation package from the distribution kit residing on Kaspersky servers. The list is updated automatically as new versions of applications are released. It is recommended to select this option to install Kaspersky Embedded Systems Security.

    You can also create an installation package from a file.

    Kaspersky Security Center Cloud Console does not allow creation of installation packages from a file.

  4. Select Kaspersky Embedded Systems Security distribution package. Information about the distribution kit will be displayed on the right.
  5. Read the information and click the Download and create installation package button. The installation package creation process starts.
  6. During creation of the installation package, accept the terms of the End User License Agreement and Privacy Policy. When prompted by the Wizard, read the License Agreement between you and Kaspersky and the Privacy Policy that describes the processing and transmission of data. To continue creating the installation package, you must confirm that you have read and accept the full terms of the End User License Agreement and the Privacy Policy.

The installation package will be created and added to the Web Console. Using the installation package, you can install the application on devices in the corporate network or update the application version.

In the installation package properties, you can also configure the application installation settings (see the table below) on the Settings tab.

An installation package for Kaspersky Embedded Systems Security cannot be configured in Kaspersky Security Center Web Console versions lower than 14.2. Use the autoinstall.ini configuration file to configure settings.

Installation package settings

Section

Description

Specify the locale.

Select this check box to specify the locale used during the application operation. Locale in the format specified by RFC 3066. If this setting is not specified, the default locale is used.

Activate the application

Select this check box to specify the activation code.

Update source

Specify the update source:

  • Kaspersky update servers.
  • Kaspersky Security Center Administration Server.
  • Other source in the local or global network.

Run update task after installation.

Select this check box to run the Update task after the application is installed.

Specify proxy server settings

Select this check box to specify the address of the proxy server used to connect to the Internet.

Install kernel source

Select this check box to automatically start of kernel module compilation.

Use GUI

Select this check box to enable the use of the graphical user interface.

Page top

[Topic 247278]

Installation using the Protection Deployment Wizard

The TCP ports 139 and 445, and the UDP ports 137 and 138 must be opened on a client device.

To deploy Kaspersky Embedded Systems Security:

  1. In Web Console main window, select Device discovery and deploymentDeployment and assignmentProtection Deployment Wizard.

    The Protection Deployment Wizard starts.

  2. Follow the instructions of the Protection Deployment Wizard.

Step 1. Selecting an installation package

At this step, select the Kaspersky Embedded Systems Security installation package from the list of installation packages. If the package is not available in the list, click Add and select the Kaspersky Embedded Systems Security distribution kit from the list. The installation package is created automatically.

You can configure the installation package settings using the Web Console.

Step 2. Application activation

At this step, you can add a license key to the installation package to activate the application. This step is optional. If the Administration Server contains a license key with automatic distribution functionality, the key will be automatically added later. You can also activate the application later using the Add Key task.

Step 3. Selecting a Network Agent

At this step, select the version of the Network Agent that will be installed together with Kaspersky Embedded Systems Security. The Network Agent facilitates interaction between the Administration Server and client devices. If the Network Agent is already installed on the device, it is not installed again.

Step 4. Selecting devices to install the application

At this step, select the devices to install the application. The following options are available:

  • Specify an administration group. The task is assigned to the devices included in a previously created administration group.
  • Specify a device selection. The task is assigned to devices included in the device selection. You can specify one of the existing device selections.

Step 5. Configuring advanced installation settings

At this step, configure the following advanced application installation settings:

  • Force installation package download. Selecting the application installation method:
    • Using the Network Agent. If the Network Agent is not installed on the device, first the Network Agent is installed using the operating system tools. Then, Kaspersky Embedded Systems Security is installed by means of the Network Agent.
    • Using operating system resources through distribution points. The installation package is delivered to the client devices using the operating system tools via the distribution points. You can select this option if there is at least one distribution point in the network. A distribution point is a device with Network Agent installed that is used for update distribution, remote installation of applications, and retrieval of information about devices in the network. For more details about distribution points, refer to Kaspersky Security Center documentation.
    • Using operating system resources through Administration Server. Files are delivered to the client devices by means of the operating system tools using the Administration Server. You can select this option if the Network Agent is not installed on the client device, but this device belongs to the same network as the Administration Server.
  • Do not re-install the application if it is already installed. Clear this check box if you want to install an earlier version of the application, for example.
  • Assign package installation in the Active Directory group policies. Kaspersky Embedded Systems Security is installed by means of the Network Agent or manually by means of Active Directory. To install Network Agent, the remote installation task must be run with domain administrator privileges.

Step 6. Device restart management

At this step, you can select an action to be performed if the device restart is required. When installing the application, device restart is not required. Restart is required only if you have to remove incompatible applications before installation. Restart may also be required when updating the application version.

Step 7. Removing incompatible applications

This step is displayed if applications incompatible with Kaspersky Embedded Systems Security are installed on the client device.

At this step, carefully review the list of incompatible applications and allow the removal of these applications. If incompatible applications are installed on the client device, Kaspersky Embedded Systems Security installation finishes with an error.

Step 8. Assigning to an administration group

At this step, select an administration group where to move the client devices after the Network Agent installation. Moving devices to the administration group is necessary for applying policies and group tasks. If a device is already assigned to an administration group, it will not be re-assigned. If you do not select an administration group, the devices are added to the Unassigned devices group.

Step 9. Selecting an account for accessing the client devices

At this step, select the account used for installing Network Agent using the tools of the operating system. In this case, administrator rights are required for accessing the client device. You can add multiple accounts. If an account does not have sufficient rights, the Installation Wizard uses the next account. If you install Kaspersky Embedded Systems Security by means of the Network Agent, you do not have to select an account.

Step 10. Starting installation

Exiting the Wizard. The remote application installation task is started automatically. You can monitor the task execution progress in the task properties in the Results section.

Page top
[Topic 202118]

Creating a remote installation task

To create a remote installation task:

  1. In the main window of Web Console, select DevicesTasks.

    The list of tasks opens.

  2. Click Add.

    The Task Wizard starts.

  3. Follow the Task wizard instructions.

Step 1. Configuring general task settings

At this step, configure the general settings of the task:

  1. In the Application drop-down list, select Kaspersky Security Center.
  2. In the Task type drop-down list, select Install application remotely.
  3. In the Task name field, enter a short description.
  4. In the Select devices to which the task will be assigned section, select the task scope.

Step 2. Selecting devices to install the application

At this step, select the devices where to install Kaspersky Embedded Systems Security according to the selected task scope.

Step 3. Configuring an installation package

At this step, configure the settings of the installation package:

  1. Select Kaspersky Embedded Systems Security 3.3 for Linux installation package.
  2. Select the Network Agent installation package.

    The selected version of the Network Agent will be installed together with Kaspersky Embedded Systems Security. The Network Agent facilitates interaction between the Administration Server and client devices. If the Network Agent is already installed on the device, it is not installed again.

  3. In the Force installation package download section, select the application installation method:
    • Using the Network Agent. If the Network Agent is not installed on the device, first the Network Agent is installed using the operating system tools. Then Kaspersky Embedded Systems Security is installed by means of the Network Agent.
    • Using operating system resources through distribution points. The installation package is delivered to the client devices using the operating system tools via the distribution points. You can select this option if there is at least one distribution point in the network. For more details about distribution points, refer to Kaspersky Security Center documentation.
    • Using operating system resources through Administration Server. Files are delivered to the client devices by means of the operating system tools using the Administration Server. You can select this option if the Network Agent is not installed on the client device, but the client device belongs to the same network as the Administration Server.
  4. In the Maximum number of concurrent downloads field, set a limit on the number of installation package download requests sent to the Administration Server. The limit on the number of requests allows avoiding network overload.
  5. In the Maximum number of installation attempts field, specify the limit on the number of attempts to install the application. If the application installation finishes with an error, the task will automatically start installation again.
  6. If necessary, clear the Do not install application if it is already installed check box. It allows, for example, to install one of the previous versions of the application.
  7. If necessary, select the Assign package installation in Active Directory group policies check box. The application is installed by means of the Network Agent or manually by means of Active Directory. To install Network Agent, the remote installation task must be run with domain administrator privileges.
  8. If necessary, select the Prompt users to close running applications check box. Application installation requires device resources. For the convenience of the user, the Installation Wizard prompts you to close running applications before starting the installation. This helps prevent disruptions in the operation of other applications and prevents possible malfunctions of the device.
  9. In the Behavior of devices managed by other Administration Servers section, select Kaspersky Embedded Systems Security installation method. If the network has more than one Administration Server installed, these Administration Servers may see the same client devices. This may cause, for example, an application to be installed remotely on the same client device several times through different Administration Servers, or other conflicts.
  10. If necessary, in the Device moving mode section, specify a group for moving unassigned devices.

Step 4. Device restart management

At this step, you can select an action to be performed if the device restart is required.

Step 5. Selecting an account to access the device

At this step, select the account used for installing Network Agent using the tools of the operating system. In this case, administrator rights are required for accessing the device. You can add multiple accounts. If an account does not have sufficient rights, the Installation Wizard uses the next account. If you install Kaspersky Embedded Systems Security by means of the Network Agent, you do not have to select an account.

Step 6. Completing task creation

Complete wizard operations by clicking the Create button. A new task will be displayed in the list of tasks. To run a task, select the check box next to the task and click the Start button. The application will be installed in silent mode.

Page top
[Topic 202124]

Getting started using Kaspersky Security Center

To work with Kaspersky Embedded Systems Security using Kaspersky Security Center, perform the following steps after deploying the application:

Page top
[Topic 202127]

Activating the application using Kaspersky Security Center

Activation is the process of activating an application under a license that allows you to use a fully functional version of the application until the license expires. The application activation process involves adding a license key.

You can activate the application remotely using Kaspersky Security Center in the following ways:

  • Using the application activation task.

    This method allows you to add a license key to a specific device or the devices included in an administration group. You can create and run an activation task using the Administration Console or Kaspersky Security Center Web Console.

  • By distributing a license key stored on Kaspersky Security Center Administration Server to the client devices.

    This method lets you automatically add a key to the client devices that are already connected to Kaspersky Security Center, and to new client devices. To use this method, first add the key to the key storage on Kaspersky Security Center Administration Server.

You can use Kaspersky Security Center Administration Console or Kaspersky Security Center Web Console to create the tasks for application activation, adding a key to the key storage, and distributing the key to the client devices.

Activation using Kaspersky Security Center Web Console

Before creating an activation task or a key distribution task, add the key to Kaspersky Security Center Administration Server key storage.

To add a key to Kaspersky Security Center key storage using the Web Console:

  1. In the Web Console main window, select the Operations → Licensing → Kaspersky Licenses.
  2. Click Add.
  3. In the window that opens, select how to add the key to the repository:
    • Enter the activation code to add a key using an activation code.
    • Add a key file to add a key using a key file.
  4. Depending on the key adding method you selected at the previous step, do one of the following:
    • Enter the activation code and click Submit.
    • Click the Select key file button and in the window that opens, select the file with the key extension.
  5. Click Close.

The added key will appear in the list of keys.

To activate the application using the Web Console by means of the Add Key task:

  1. In the main window of Web Console, select DevicesTasks.

    The list of tasks opens.

  2. Click Add.

    The Task Wizard starts.

  3. Configure the task settings:
    1. In the Application drop-down list, select the application name: Kaspersky Embedded Systems Security.
    2. In the Task type drop-down list, select Add Key.
    3. In the Task name field, enter a brief description, such as Activation of Kaspersky Embedded Systems Security.
    4. In the Select devices to which the task will be assigned section, select the task scope. Click Next.
  4. Select devices according to the selected task scope option. Click Next.

    The Kaspersky Security Center key storage window opens.

  5. If you have previously added a key to Kaspersky Security Center key storage, select the key from in the list and click Next.
  6. If the required key cannot be found in the key storage, click the Add key button.
    1. In the window that opens, select how to add the key to the repository:
      • Enter the activation code to add a key using an activation code.
      • Add a key file to add a key using a key file.
    2. Depending on the key adding method you selected at the previous step, do one of the following:
      • Enter the activation code and click Submit.
      • Click the Select key file button and in the window that opens, select the file with the key extension.
    3. Read the information about the key and click Close.
    4. The added key will appear in the list of keys. Select it from the list and click Next.
  7. Read the information about the license and click Next.
  8. Finish the wizard by clicking the Finish button.

    A new task will be displayed in the list of tasks.

  9. Select the check box next to the task. Click the Start button.

In the properties of the Add Key task, you can add a reserve key to the device. The reserve key becomes active when the license associated with the active key expires or when the active key is deleted. Availability of a reserve key allows you to avoid application functionality limitation when your license expires.

To activate the application using the Web Console by distributing a key stored on Kaspersky Security Center Administration Server to the devices:

  1. In the Web Console main window, select the OperationsLicensing → Kaspersky Licenses.
  2. Open the key properties using the link with the name of the application for that the key is intended to.
  3. On the General tab, select the Automatically distribute a license key to managed devices check box.
  4. Click Save.

The license key is automatically distributed to the appropriate client devices. During the automatic distribution of a key as an active or a reserve key, the licensing limit on the number of devices (set in the key properties) is taken into account. If the licensing limit is reached, distribution of this key to the devices stops automatically. You can view the number of devices to which the key has been added and other information in the key properties on the Devices tab.

You can control license usage using Web Console in the following ways:

  • View the Key usage report for the organization infrastructure (Monitoring and reportsReports).
  • View the statuses of the managed devices (DevicesManaged devices). If the application is not activated, the device will have the Warning_Status status and the Protection disabled status description.
  • View the key properties (OperationsLicensingKaspersky licenses).

Special considerations for the activation process in Kaspersky Security Center Cloud Console

A trial version is provided for the Kaspersky Security Center Cloud Console. The trial version is a special version of Kaspersky Security Center Cloud Console designed to familiarize a user with the features of the application. In this version, you can perform actions in a workspace for a period of 30 days. All managed applications, including Kaspersky Embedded Systems Security, are automatically activated under Kaspersky Security Center Cloud Console trial license. However, you cannot activate Kaspersky Embedded Systems Security using its own trial license when the trial license for the Kaspersky Security Center Cloud Console expires. For detailed information about Kaspersky Security Center Cloud Console, please refer to the Kaspersky Security Center Cloud Console documentation.

The trial version of Kaspersky Security Center Cloud Console does not allow you to subsequently switch to a commercial version. Any trial workspace will be automatically deleted with all its contents after the 30-day period expires.

Page top

[Topic 202128]

Running the application on Astra Linux in closed software environment mode

This section describes how to start the application in the Astra Linux Special Edition operating system.

For Astra Linux Special Edition (operational update 1.7) and Astra Linux Special Edition (operational update 1.6)

To start the application on the Astra Linux Special Edition (operational update 1.7) or Astra Linux Special Edition (operational update 1.6) operating system:

  1. Specify the following setting in the /etc/digsig/digsig_initramfs.conf file:

    DIGSIG_ELF_MODE=1

  2. Install the compatibility package:

    apt install astra-digsig-oldkeys

  3. Create a directory for the application key:

    mkdir -p /etc/digsig/keys/legacy/kaspersky/

  4. Locate the application key (/opt/kaspersky/kess/shared/kaspersky_astra_pub_key.gpg) in the directory created at the previous step:

    cp kaspersky_astra_pub_key.gpg /etc/digsig/keys/legacy/kaspersky/

  5. Update the initramfs image:

    update-initramfs -u -k all

For Astra Linux Special Edition (operational update 1.5)

To run the application in the Astra Linux Special Edition (operational update 1.5) operating system:

  1. Specify the following setting in the /etc/digsig/digsig_initramfs.conf file:

    DIGSIG_LOAD_KEYS=1

    DIGSIG_ENFORCE=1

  2. Create a directory for the application key:

    mkdir -p /etc/digsig/keys/legacy/kaspersky/

  3. Locate the application key (/opt/kaspersky/kess/shared/kaspersky_astra_pub_key.gpg) in the directory created at the previous step:

    cp kaspersky_astra_pub_key.gpg /etc/digsig/keys/legacy/kaspersky/

  4. Update the initramfs image:

    sudo update-initramfs -u -k all

The application graphical user interface can be used during mandatory access control sessions.

Page top
[Topic 236566]

Configuring permissions in the SELinux system

If SELinux could not be configured automatically during the post-installation configuration of the application, or if you declined automatic configuration, you can manually configure SELinux to work with Kaspersky Embedded Systems Security.

To configure SELinux to work with the application:

  1. Switch SELinux to permissive mode:
    • If SELinux has been activated, run the following command:

      # setenforce Permissive

    • If SELinux was disabled, set the SELINUX=permissive setting in the configuration file / etc / selinux / config and restart the operating system.
  2. Make sure the semanage utility is installed on the system. If the utility is not installed, install the policycoreutils-python or policycoreutils-python-utils package, depending on the package manager.
  3. If you use a custom SELinux policy rather than the default targeted policy, assign a label for the following Kaspersky Embedded Systems Security source executable files in accordance with the SELinux policy used:
    • /var/opt/kaspersky/kess/3.3.0.<build number>_<installation timestamp>/opt/kaspersky/kess/libexec/kess
    • /var/opt/kaspersky/kess/3.3.0.<build number>_<installation timestamp>/opt/kaspersky/kess/bin/kess-control
    • /var/opt/kaspersky/kess/3.3.0.<build number>_<installation timestamp>/opt/kaspersky/kess/libexec/kess-gui
    • /var/opt/kaspersky/kess/3.3.0.<build number>_<installation timestamp>/opt/kaspersky/kess/shared/kess
  4. Run the following tasks:
    • File Threat Protection task:

      kess-control --start-task 1

    • Critical Areas Scan task:

      kess-control --start-task 4 -W

    It is recommended to run all the tasks that you plan to run while using Kaspersky Embedded Systems Security.

  5. Start the graphical user interface if you plan to use it.
  6. Ensure that there are no errors in the audit.log file:

    grep kess /var/log/audit/audit.log

  7. If there are errors in the audit.log file, create and download a new rule module based on the blocking records in order to fix the errors, and then relaunch all the tasks that you plan to run while using Kaspersky Embedded Systems Security.

    If new audit messages related to Kaspersky Embedded Systems Security appear, the file with the rule module file must be updated.

  8. Switch SELinux to blocking mode:

    # setenforce Enforcing

If you use a custom SELinux policy, manually assign a label to Kaspersky Embedded Systems Security source executable files after installing application updates (follow steps 1, 3–8).

For additional information, please refer to the documentation on the relevant operating system.

Page top
[Topic 237162]