About Kaspersky Security Center Cloud Console

Kaspersky Security Center Cloud Console is an application hosted and maintained by Kaspersky. You do not have to install Kaspersky Security Center Cloud Console on your computer or server. Kaspersky Security Center Cloud Console enables the administrator to install Kaspersky security applications on devices on a corporate network, remotely run scan and update tasks, and manage the security policies of managed applications. The administrator can use a detailed dashboard that provides a snapshot of corporate device statuses, detailed reports, and granular settings in protection policies.

Key features of Kaspersky Security Center Cloud Console

Kaspersky Security Center Cloud Console enables you to do the following:

• Install Kaspersky applications on devices on your network and manage the installed applications.
• Create a hierarchy of administration groups to manage a selection of client devices as a whole.
• Create virtual Administration Servers and arrange them in a hierarchy.
• Protect your network devices, including workstations and servers:
  • Manage an antimalware protection system built on Kaspersky applications.
  • Use the detection and response (EDR and MDR) capabilities (a license for Kaspersky Endpoint Detection and Response and/or for Kaspersky Managed Detection and Response is required), including:
    • Analyzing and investigating incidents
    • Incident visualization through creating a threat development chain graph
    • Accepting or rejecting responses manually or setting up the auto-accept of all responses
• Use Kaspersky Security Center Cloud Console as a multi-tenant application.
• Remotely manage Kaspersky applications installed on client devices.
• Perform centralized deployment of license keys for Kaspersky applications to client devices.
• Create and manage security policies for devices on your network.
• Create and manage user accounts.
• Create and manage user roles (RBAC).
• Create and manage tasks for applications installed on your network devices.
• View reports on the security system status for every client organization individually.

About licensing of Kaspersky Security Center Cloud Console for MSPs

When you start using Kaspersky Security Center Cloud Console, you can either request a trial workspace (in this case, you are granted a 30-day trial license that is embedded in your workspace) or enter an activation code for a commercial license.

You cannot convert a trial workspace into a commercial one. To continue using Kaspersky Security Center Cloud Console after the trial license expires, you must delete the trial workspace and create another one with a commercial license.

Later, you can add one or several commercial license keys to the Administrator Server repository.

About detection and response capabilities for MSPs

Kaspersky Security Center Cloud Console can integrate features of other Kaspersky applications into the console interface. For example, you can add the detection and response features to the functionality of Kaspersky Security Center Cloud Console by integrating the following applications:

• Kaspersky Endpoint Detection and Response Optimum

  Kaspersky Endpoint Detection and Response Optimum is a solution designed to protect an organization's IT infrastructure from complex cyberthreats. The solution's functionality combines automatic threat detection with the ability to respond to these threats to resist complex attacks, including new exploits, ransomware, fileless attacks, and methods that use legitimate system tools.

  After a Kaspersky Endpoint Protection Platform (EPP) application detects a security incident, a detailed card with important data about the security incident is generated in Kaspersky Security Center Cloud Console. The incident card is generated by one of the following applications:

  • Kaspersky Endpoint Agent which is installed together with a Kaspersky EPP application
  • Kaspersky Endpoint Security 11.7.0 for Windows or later which has built-in EDR Optimum functionality and does not require additional installation of Kaspersky Endpoint Agent

  An incident card enables you to analyze and investigate the incident. Also, you can visualize the incident by creating a threat development chain graph. The graph describes the deployment stages of the detected attack in time. The created graph includes information about the modules involved in the attack and the actions performed by these modules.

  You can also initiate a chain of response actions: create an execution prevention rule for an untrusted object; search for similar incidents in the device group, based on the selected indicators of compromise (IOC); isolate an untrusted object; isolate a compromised device from the network.

  For information about the application activation, see the Kaspersky Endpoint Detection and Response Optimum documentation.

  If integrated, this application adds the Alerts section to the interface of Kaspersky Security Center Cloud Console (Monitoring & reporting → Alerts).

• Kaspersky Managed Detection and Response

  Kaspersky Managed Detection and Response delivers round-the-clock protection from the growing volume of threats that circumvent automated security barriers to organizations who struggle to find the expertise and staff, or for those with limited in-house resources. The MDR SOC analysts of Kaspersky or a third-party company investigate the incidents and offer responses to solve the incidents. You can accept or reject the offered measures manually, or enable the option to auto-accept all of the responses.

  For information about the application activation, see the Kaspersky Managed Detection and Response documentation.

  If integrated, this application adds the Incidents section to the interface of Kaspersky Security Center Cloud Console (Monitoring & reporting → Incidents).

You can show or hide the interface elements that refer to the Kaspersky Endpoint Detection and Response or Kaspersky Managed Detection and Response features at any time in the Interface options section of Kaspersky Security Center Cloud Console.