Kaspersky Embedded Systems Security for Linux

Kaspersky Embedded Systems Security for Linux

Support Send link

Kaspersky Embedded Systems Security 3.4 for Linux Help
Kaspersky Embedded Systems Security 3.4 for Linux
- Distribution kit
- Hardware and software requirements
What's new
Preparing to install Kaspersky Embedded Systems Security
Installation and initial configuration of Kaspersky Embedded Systems Security
- The installation and initial configuration of Kaspersky Security Center Network Agent
- Installing the Kaspersky Embedded Systems Security management plug-ins
  - Installing the Kaspersky Embedded Systems Security web plug-in
  - Installing the Kaspersky Embedded Systems Security MMC plug-in
- Installing and initially configuring the application using Kaspersky Security Center
- Installing and initially configuring the application using the command line
- Configuring permissive rules in the SELinux system
- Running the application on Astra Linux OS in closed software environment mode
Updating the application from a previous version
- About updating Kaspersky Embedded Systems Security management plug-ins
- Updating the application using Kaspersky Security Center
- Updating the application using the command line
- Special considerations when setting parameter values when updating the application
Uninstalling the application
- Uninstalling the application and Network Agent using Kaspersky Security Center
- Uninstalling the application using the command line
- Network Agent removal using the command line
- Removing Kaspersky Embedded Systems Security management plug-ins
Application licensing
- About the End User License Agreement
- About the license
- About the license certificate
- About the license key
- About the activation code
- About the key file
- About subscription
- Application activation and license key management
  - Activating the application using Kaspersky Security Center
  - License key management in the command line
- Viewing information about used license keys
Data provision
- Data provided when using an activation code
- Data provided when downloading updates from Kaspersky update servers
- Data sent to Kaspersky Security Center
- Data provided when following links in the application interface
- Data provided when using Kaspersky Security Network
Application management concept
- Managing the application using Kaspersky Security Center
- Managing the application using the command line
Starting and stopping the application
- Starting and stopping the application using the Web Console
- Starting and stopping the application using the Administration Console
- Starting and stopping the application using the command line
Viewing the protection status of a device and information about application performance
- Viewing the protection status of a device in the Web Console
- Viewing the protection status of a device in the Administration Console
- Viewing information about the operation of an application in the Web Console
- Viewing information about the operation of an application in the Administration Console
- Viewing information about the operation of an application in the command line
- Viewing application statistics
- Collecting system performance metrics
Updating application databases and modules
- Updating databases and modules
- Updating sources and update scenarios
- Updating application databases and modules in the Web Console
- Updating application databases and modules in the Administration Console
- Updating application databases and modules in the command line
- Updating using Kaspersky Update Utility
- Rolling back application database and module updates
File Threat Protection
- Configuring File Threat Protection in the Web Console
- Configuring File Threat Protection in the Administration Console
- Configuring File Threat Protection in the command line
  - File Threat Protection task settings
  - Optimizing network directory scanning
- Special considerations for scanning symbolic links and hard links
Malware Scan
- Malware Scan in the Web Console
- Malware Scan in the Administration Console
- Malware Scan in the command line
  - Settings of the Malware Scan predefined task
  - Custom Scan of files and directories on the command line
Critical Areas Scan
- Critical Areas Scan in the Web Console
- Critical Areas Scan in the Administration Console
- Critical Areas Scan in the command line
Removable Drives Scan
- Configuring Removable Drives Scan in the Web Console
- Configuring Removable Drives Scan in the Administration Console
- Configuring Removable Drives Scan in the command line
Firewall Management
- About network packet rules
- About dynamic rules
- About the predefined network zone names
- Firewall Management in the Web Console
- Firewall Management in the Administration Console
- Firewall Management in the command line
  - Configuring a list of network packet rules in the command line
  - Configuring network zones in the command line
Web Threat Protection
- Configuring Web Threat Protection in the Web Console
  - Web address window
- Configuring Web Threat Protection in the Administration Console
- Configuring Web Threat Protection in the command line
Encrypted connections scan
- Configuring encrypted connections scan in the Web Console
- Configuring encrypted connections scan in the Administration Console
- Configuring encrypted connections scan in the command line
Network Threat Protection
- Configuring Network Threat Protection in the Web Console
  - IP address window
- Configuring Network Threat Protection in the Administration Console
  - Exclusions window
  - IP address window
- Configuring Network Threat Protection in the command line
Protection against remote malicious encryption
- Configuring Anti-Cryptor in the Web Console
- Configuring Anti-Cryptor in the Administration Console
- Configuring Anti-Cryptor in the command line
Managing blocked devices
Application Control
- About Application Control rules
- Configuring Application Control in the Web Console
- Configuring Application Control in the Administration Console
- Configuring Application Control in the command line
Inventory
- Configuring Inventory in the Web Console
- Configuring Inventory in the Administration Console
- Configuring Inventory on the command line
  - Inventory task settings
  - Viewing a list of detected applications
Device Control
- Configuring Device Control in the Web Console
- Configuring Device Control in the Administration Console
- Configuring Device Control on the command line
  - Device Control task settings
  - Viewing the list of connected devices on the command line
System Integrity Monitoring
- Real-time System Integrity Monitoring
- System Integrity Check
Behavior Detection
- Configuring Behavior Detection in the Web Console
  - Exclusions by process window
  - Adding a process exclusion scope window
- Configuring Behavior Detection in the Administration Console
  - Exclusions by process window
  - Trusted process window
- Configuring Behavior Detection in the command line
Using Kaspersky Security Network
- Configuring the use of Kaspersky Security Network in the Web Console
  - Kaspersky Security Network Statement
  - Kaspersky Private Security Network Statement
- Configuring the use of Kaspersky Security Network in the Administration Console
- Configuring the use of Kaspersky Security Network in the command line
  - Checking the connection to Kaspersky Security Network using the command line
  - Enabling and disabling cloud mode from the command line
Advanced application settings
- Configuring a proxy server
- Configuring global exclusions
- Exclude process memory from scans
- Selecting the interception mode for file operations
- Configuring detection of applications that hackers can use to harm
- Enabling application stability monitoring
- Configuring application startup settings
- Limiting the use of resident memory by the application
- Limiting the use of memory and processor resources
- Limiting the number of Custom Scan tasks
- Configuring the transfer of data to Kaspersky Security Center storage
- Configuring permissions for task management
- Enabling or disabling monitoring of namespaces
Backup
- Configuring Backup settings in the Web Console
- Configuring Backup settings in the Administration Console
- Configuring Backup settings in the command line
- Working with Backup objects in the command line
Viewing events and reports
- Configuring event logging to the operating system log
- Configuring application event log settings
- Viewing events in Kaspersky Security Center
- Viewing events in the command line
- Configuring the display of notifications in the graphical user interface
Application management via the graphical user interface
- Graphical user interface
- Enabling and disabling application components
- Starting and stopping scan tasks
- Starting a custom scan
- Starting and stopping the Update task
- Configuring Kaspersky Security Network
- Viewing reports
- Viewing Backup objects
- Managing license keys
- Creating a trace file
Application components integrity check
Contact Technical Support
- Technical Support via Kaspersky CompanyAccount
- Obtaining information for Technical Support
- Remote device diagnostics using Kaspersky Security Center
- Manually checking the connection with the Administration Server. Klnagchk utility
- Manually connecting to the Administration Server. Klmover utility
Appendices
- Appendix 1. Resource consumption optimization
- Appendix 2. Commands for managing Kaspersky Embedded Systems Security
- Appendix 3. Configuration files and default application settings
- Appendix 4. Command line return codes
Sources of information about Kaspersky Embedded Systems Security
Glossary
- Active key
- Active policy
- Administration group
- Administration Server
- Application activation
- Application databases
- Application settings
- Database of malicious web addresses
- Database of phishing web addresses
- Exclusion
- False positive
- File mask
- Group policy
- Group task
- Infected object
- Kaspersky update servers
- License
- License certificate
- Object disinfection
- Policy
- Proxy server
- Reserve key
- Startup objects
- Subscription
- Trusted device
Information about third-party code
Trademark notices

Advanced application settings

You can configure the following additional application settings:

Using a proxy server in the application.
Global exclusions to exclude mount points from file operation interception for the File Threat Protection and Anti-Cryptor components and the Malware Scan, Critical Areas Scan, and Removable Drives Scan tasks.
Exclude process memory from scans.
File operations interception mode.
Detection of legitimate applications that threat intruders can use to compromise devices or data.
Application stability monitoring.
Application startup settings.
Limit on the use of memory and processor resources for scan tasks.
Limit on the use of resident memory by the application.
Limit on the number of Custom Scan tasks that a non-privileged user can start simultaneously.
Settings for the transfer of data to the Kaspersky Security Center storage.
Task management permissions.
Enabling or disabling namespace scanning.

In this Help section

Configuring a proxy server

Configuring global exclusions

Exclude process memory from scans

Selecting the interception mode for file operations

Configuring detection of applications that hackers can use to harm

Enabling application stability monitoring

Configuring application startup settings

Limiting the use of resident memory by the application

Limiting the use of memory and processor resources

Limiting the number of Custom Scan tasks

Configuring the transfer of data to Kaspersky Security Center storage

Configuring permissions for task management

Enabling or disabling namespace scanning

Article ID: 197637, Last review: Mar 10, 2025

Page top