Kaspersky Embedded Systems Security 3.3 for Linux

Kaspersky Embedded Systems Security 3.3 for Linux ("Kaspersky Embedded Systems Security", "Application") protects devices running Linux operating systems against various types of threats, including network and scam attacks.

The application is not intended for industrial processes that use automated control systems. To protect devices in these systems, we recommend using Kaspersky Industrial CyberSecurity for Linux Nodes.

The application is used to:

• Scan file system objects located on local disks of your device, as well as mounted and shared resources, which are accessed via SMB and NFS protocols.
• Scan objects in the file system both in real time using the File Threat Protection task and on demand using scan tasks.
• Scan startup objects, boot sectors, process memory, and kernel memory.
• Detect infected objects and neutralize threats detected in them.
• Automatically select an action to neutralize the threat.
• Save backup copies of files before disinfection or deletion and restore files from backups.
• Manage tasks and configure their settings.
• Add keys and activate the application using activation codes.
• Update the application with service packs.
• Update application databases from Kaspersky update servers, via the Administration Server, or from a user-specified source on schedule and on demand.
• Use application databases to detect and disinfect infected files. During the scan process, the application analyzes each file for the presence of a threat: it compares the file code with the code of a specific threat and looks for possible matches.
• Monitor the integrity of the system or specified files and report changes. System Integrity Monitoring can be performed in continuous monitoring mode and in on-demand scan mode.
• Manage the operating system firewall and restore the set of firewall rules if they were changed.
• Protect files in local directories with network access via SMB / NFS from remote malicious encryption.
• Analyze traffic sent to users' devices via HTTP / HTTPS and FTP and check if web addresses are malicious or phishing.
• Configure flexible restrictions on access to data storage devices (hard disks, removable disks, CD / DVD drives), data transfer equipment (modems), data conversion devices (printers) and interfaces for connecting devices (USB, FireWire).
• Check removable drives when connected to your device.
• Check incoming network traffic for activity typical of network attacks.
• Check containers, images and namespaces.
• Receive information about application actions on your device.
• Configure encrypted connections scan settings.
• Control the start of applications and restrict access to applications on user devices to help reduce the risk of client device infections.
• Get information about all executable files of the applications installed on client devices using the Inventory Scan task, which can be useful, for example, for creating Application Control rules.
• Use Kaspersky Security Network. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky Embedded Systems Security to various threats, improves the performance of some protection components, and reduces the likelihood of false positives.
• Allow users without root permissions to manage the application functions.
• Notify the administrator about events that occurred while the application was running.
• Check the integrity of application components using the integrity check tool.

You can manage Kaspersky Embedded Systems Security using the following methods:

• Using control commands from the command line.
• Using Kaspersky Security Center Administration Console.
• Using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console.
• Using a graphical user interface.

The update functionality (including anti-virus signature updates and code base updates), as well as the KSN functionality may not be available in the application in the territory of the USA.

Distribution kit

The distribution kit includes Kaspersky Embedded Systems Security installation package containing the following files:

• kess-3.3.0-<build number>.i386.rpm, kess_3.3.0-<build number>_i386.deb

  Contain the main application files. Packages can be installed to 32-bit operating systems based on the type of package manager.

• kess_3.3.0-<build number>.x86_64.rpm, kess_3.3.0-<build number>_amd64.deb

  Contain the main application files. Packages can be installed to 64-bit operating systems based on the type of package manager.

• kess-gui-3.3.0-<build number>.i386.rpm, kess-gui-3.3.0-<build number>_i386.deb

  Contain the files of the application graphical user interface. Packages can be installed to 32-bit operating systems based on the type of package manager.

• kess-gui-3.3.0-<build number>.x86_64.rpm, kess-gui-3.3.0-<build number>_amd64.deb

  Contain the files of the application graphical user interface. Packages can be installed to 64-bit operating systems based on the type of package manager.

• kess-3.3.0.<build number>.zip

  Contains the files used for remote application installation using Kaspersky Security Center, including license.<language ID> and ksn_license.<language ID> files.

• ksn_license. <language ID>

  Contains the text of the Statement on Kaspersky Security Network.

• license. <language ID>

  Contains the text of the License Agreement. The License Agreement specifies the terms for using the application.

Independently changing application files using means not described in the application documentation or not recommended by Technical Support specialists may lead to poor performance and failures in the application and operating system, reduced protection of your device, inaccessible and corrupted data, as well as enabling the sending of additional statistics to KSN.

Hardware and software requirements

Kaspersky Embedded Systems Security has the following hardware and software requirements:

Minimum hardware requirements:

• Core 2 Duo 1.86 GHz or faster processor
• swap partition at least 1 GB
• 1 GB of RAM for 32-bit operating systems, 2 GB of RAM for 64-bit operating systems
• 4 GB of free hard disk space for installation of the application and storage of temporary and log files

Software requirements:

• Supported 32-bit operating systems:
  • Debian GNU/Linux 10.1 and later.
  • Debian GNU/Linux 11.0 and later.
  • Mageia 4.
  • ALT 8 SP Workstation.
  • ALT 8 SP Server.
  • ALT Education 10.
  • ALT Workstation 10.
• Supported 64-bit operating systems:
  • AlmaLinux OS 8 and later.
  • AlmaLinux OS 9 and later.
  • AlterOS 7.5 and later.
  • Amazon Linux 2.
  • Astra Linux Common Edition 2.12.
  • Astra Linux Special Edition RUSB.10015-01 (operational update 1.5).
  • Astra Linux Special Edition RUSB.10015-01 (operational update 1.6).
  • Astra Linux Special Edition RUSB.10015-01 (operational update 1.7).
  • Astra Linux Special Edition RUSB.10015-16 (release 1) (operational update 1.6).
  • CentOS 7.2 and later.
  • CentOS Stream 9.
  • Debian GNU/Linux 10.1 and later.
  • Debian GNU/Linux 11.0 and later.
  • EMIAS 1.0 and later.
  • EulerOS 2.0 SP5.
  • Linux Mint 20.3 and later.
  • Linux Mint 21.1.
  • openSUSE Leap 15.0 and later.
  • Oracle Linux 7.3 and later.
  • Oracle Linux 8.0 and later.
  • Oracle Linux 9.0 and later.
  • Red Hat Enterprise Linux 7.2 and later.
  • Red Hat Enterprise Linux 8.0 and later.
  • Red Hat Enterprise Linux 9.0 and later.
  • Rocky Linux 8.5 and later.
  • Rocky Linux 9.1.
  • SUSE Linux Enterprise Server 12.5 or later.
  • SUSE Linux Enterprise Server 15 or later.
  • Ubuntu 20.04 LTS.
  • Ubuntu 22.04 LTS.
  • ALT 8 SP Workstation.
  • ALT 8 SP Server.
  • ALT Education 10.
  • ALT Workstation 10.
  • ALT Server 10.
  • Atlant, Alcyone build, version 2022.02.
  • GosLinux 7.17.
  • GosLinux 7.2.
  • RED OS 7.3.
  • ROSA Cobalt 7.9.
  • ROSA Chrome 12.

Due to technical limitations of fanotify, the application does not support the following file systems: autofs, binfmt_misc, cgroup, configfs, debugfs, devpts, devtmpfs, fuse, fuse.gvfsd-fuse, gvfs, hugetlbfs, mqueue, nfsd, proc, parsecfs, pipefs, pstore, usbfs, rpc_pipefs, securityfs, selinuxfs, sysfs, tracefs.

Supported versions of Kaspersky Security Center

Kaspersky Embedded Systems Security is compatible with the following Kaspersky Security Center versions:

• Kaspersky Security Center 14. You can manage the Kaspersky Embedded Systems Security application in the Administration Console using the MMC administration plug-in and in the Kaspersky Security Center Web Console using the web administration plug-in.
• Kaspersky Security Center 14 Linux. The web administration plug-in can be used to administer Kaspersky Embedded Systems Security through Kaspersky Security Center Web Console.

  Kaspersky Security Center Linux includes a version of Administration Server intended for installation on a device running the Linux operating system. Kaspersky Security Center Linux interacts with Administration Server through Kaspersky Security Center Web Console. For more information about Kaspersky Security Center Linux, see its documentation.

  Some functionality of Kaspersky Security Center 14, e.g. features tied to Kaspersky Security Network, are unavailable in Kaspersky Security Center 14 Linux. You can manage Kaspersky Security Network usage through Kaspersky Security Center running on Windows.

• Kaspersky Security Center 14.2. You can manage the Kaspersky Embedded Systems Security application in the Administration Console using the MMC administration plug-in and in the Kaspersky Security Center Web Console using the web administration plug-in.
• Kaspersky Security Center 14.2 Linux. The web administration plug-in can be used to administer Kaspersky Embedded Systems Security through Kaspersky Security Center Web Console.
• Kaspersky Security Center 15 Linux. The web administration plug-in can be used to administer Kaspersky Embedded Systems Security through Kaspersky Security Center Web Console.