- Kaspersky Endpoint Security 12.0 for Linux Help
- Kaspersky Endpoint Security 12.0 for Linux
- What's new
- Preparing to install the application
- Installing the application
- Deploying the application using the command line
- Installing the application using the command line
- Post-installation configuration of the application in interactive mode
- Selecting the application usage mode
- Defining the role of the virtual machine
- Enabling VDI protection mode
- Selecting the locale
- Viewing the End User License Agreement and the Privacy Policy
- Accepting the End User License Agreement
- Accepting the Privacy Policy
- Using Kaspersky Security Network
- Removing users from privileged groups
- Assigning the Administrator role to a user
- Determining the file operation interceptor type
- Enabling automatic configuration of SELinux
- Configuring the update source
- Configuring proxy server settings
- Starting an application database update
- Enabling automatic application database update
- Application activation
- Post-installation configuration of the application in automatic mode
- Settings in the configuration file for post-installation configuration
- Installing and configuring Kaspersky Security Center Network Agent
- Installing Kaspersky Endpoint Security administration plug-ins
- Deploying the application using Kaspersky Security Center
- Creating an installation package in Kaspersky Security Center Administration Console
- Creating an installation package in Kaspersky Security Center Web Console
- Preparing an archive with application databases in order to create an installation package with integrated databases
- Autoinstall.ini configuration file parameters
- Getting started using Kaspersky Security Center
- Activating the application using Kaspersky Security Center
- Running the application on Astra Linux in closed software environment mode
- Configuring allowing rules in the SELinux system
- Deploying the application using the command line
- Updating the application from a previous version
- Uninstalling the application
- Application licensing
- Data provision
- Data provided when using an activation code
- Data provided when downloading updates from Kaspersky update servers
- Data transferred when using the application in Light Agent mode
- Data sent to Kaspersky Security Center
- Data provided when following links in the application interface
- Data provided when using Kaspersky Security Network
- Data provided when using Kaspersky Anti Targeted Attack Platform
- Managing the application using the command line
- Starting and stopping the application
- Displaying Help on the commands
- Enabling automatic addition of kesl-control commands (bash completion)
- Enabling the display of events
- Viewing information about the application
- Description of the application commands
- Using filters to limit query results
- Exporting and importing application settings
- Setting the application memory usage limit
- User roles
- General application settings
- Managing application tasks using the command line
- View the list of tasks
- Creating a new task
- Editing task settings using a configuration file
- Editing task settings using the command line
- Resetting task settings to their default values
- Starting and stopping a task
- Viewing a task state
- Scheduling a task
- Managing scan scopes from the command line
- Managing exclusion scopes from the command line
- Deleting a task
- Encrypted connections scan
- File Threat Protection task (File_Threat_Protection, ID:1)
- Malware Scan task (Scan_My_Computer, ID:2)
- Custom Scan task (Scan_File, ID:3)
- Critical Areas Scan task (Critical_Areas_Scan, ID:4)
- Update task (Update, ID:6)
- Rollback task (Rollback, ID:7)
- Licensing task (License, ID:9)
- Storage management task (Backup, ID:10)
- System Integrity Monitoring task (System_Integrity_Monitoring, ID:11)
- Firewall Management task (Firewall_Management, ID:12)
- About network packet rules
- About dynamic rules
- About the predefined network zone names
- Firewall Management task settings
- Adding a network packet rule
- Deleting a network packet rule
- Changing the execution priority of a network packet rule
- Adding a network address to a zone section
- Deleting a network address from a zone section
- Anti-Cryptor task (Anti_Cryptor, ID:13)
- Web Threat Protection task (Web_Threat_Protection, ID:14)
- Device Control task (Device_Control, ID:15)
- Removable Drives Scan task (Removable_Drives_Scan, ID:16)
- Network Threat Protection task (Network_Threat_Protection, ID:17)
- Container Scan task (Container_Scan, ID:18)
- Custom Container Scan task (Custom_Container_Scan, ID:19)
- Behavior Detection task (Behavior_Detection, ID:20)
- Application Control task (Application_Control, ID:21)
- Inventory Scan task (Inventory_Scan, ID:22)
- Kaspersky Endpoint Detection and Response (KATA) Integration task (KATAEDR, ID:24)
- Using Kaspersky Security Network
- Integration with Kaspersky Managed Detection and Response
- KESL container
- Events and reports
- Managing the application using the Administration Console
- Starting and stopping the application on a client device
- Viewing the protection status of a device
- Viewing application settings
- Updating application databases and modules
- Managing policies in the Administration Console
- Policy settings
- File Threat Protection
- Exclusion scopes
- Exclusions by process
- Firewall Management
- Web Threat Protection
- Network Threat Protection
- Kaspersky Security Network
- Application Control
- Anti-Cryptor
- System Integrity Monitoring
- Device Control
- Behavior Detection
- Task management
- Removable Drives Scan
- Proxy server settings
- Application settings
- Container scan settings
- Managed Detection and Response
- Network settings
- Global exclusions
- Excluding process memory
- Storage settings
- Kaspersky Endpoint Detection and Response (KATA) Integration
- Light Agent mode
- Managing tasks in the Administration Console
- Task settings
- Configuring integration with Kaspersky Managed Detection and Response
- Configuring KESL container settings
- Manually checking the connection with the Administration Server. Klnagchk utility
- Manually connecting to the Administration Server. Klmover utility
- Remote diagnostics of client devices. Kaspersky Security Center remote diagnostics utility
- Remote application administration using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console
- Logging in and out of the Web Console and Cloud Console
- Starting and stopping the application on a client device
- Viewing the protection status of a device
- Updating application databases and modules
- Managing policies in the Web Console
- Policy settings
- Application settings tab
- File Threat Protection
- Scan exclusions
- Firewall Management
- Web Threat Protection
- Network Threat Protection
- Kaspersky Security Network
- Anti-Cryptor
- System Integrity Monitoring
- Application Control
- Device Control
- Behavior Detection
- Task management
- Removable Drives Scan
- Proxy server settings
- Application settings
- Container scan settings
- Managed Detection and Response
- Network settings
- Global exclusions
- Storage settings
- Kaspersky Endpoint Detection and Response (KATA) Integration
- Light Agent mode
- Managing tasks in the Web Console
- Task settings
- Configuring integration with Kaspersky Managed Detection and Response
- Configuring KESL container settings
- Configuring remote diagnostics of client devices
- Managing application using graphical user interface
- Application components integrity check
- Contact Technical Support
- Appendices
- Appendix 1. Resource consumption optimization
- Appendix 2. Application configuration files
- Application settings configuration files
- Rules for editing application task configuration files
- File Threat Protection task configuration file
- Configuration file for the Malware Scan task
- Custom Scan task configuration file
- Critical Areas Scan task configuration file
- Update task configuration file
- Storage management task configuration file
- System Integrity Monitoring task configuration file
- Firewall Management task configuration file
- Anti-Cryptor task configuration file
- Web Threat Protection task configuration file
- Device Control task configuration file
- Removable Drives Scan task configuration file
- Network Threat Protection task configuration file
- Container Scan task configuration file
- Behavior Detection task configuration file
- Application Control task configuration file
- Inventory Scan task configuration file
- Kaspersky Endpoint Detection and Response (KATA) Integration task configuration file
- Appendix 3. Command line return codes
- Appendix 4. Managing KESL container using REST API
- Appendix 5. Configuring interaction with Kaspersky Anti-Virus for Linux Mail Server
- Sources of information about Kaspersky Endpoint Security
- Glossary
- Active key
- Active policy
- Administration group
- Administration Server
- Application activation
- Application databases
- Application settings
- Database of malicious web addresses
- Database of phishing web addresses
- Exclusion
- False positive
- File mask
- Group policy
- Group task
- Infected object
- Integration Server
- Kaspersky update servers
- License
- License certificate
- Light Agent
- Object disinfection
- Policy
- Proxy server
- Reserve key
- Startup objects
- Subscription
- SVM
- Trusted device
- Information about third-party code
- Trademark notices
Installing the application > Deploying the application using Kaspersky Security Center > Getting started using Kaspersky Security Center
Getting started using Kaspersky Security Center
Getting started using Kaspersky Security Center
After deploying Kaspersky Endpoint Security through Kaspersky Security Center, you must prepare the application for operation. The actions to be performed depend on the mode in which you plan to use Kaspersky Endpoint Security.
Standalone mode
If you plan to use Kaspersky Endpoint Security in standalone mode, after deploying the application, you need to do the following:
- Activate the application. You can create and execute an activation task using the Administration Console or Kaspersky Security Center Web Console, as well as distribute the license key to the devices from the Kaspersky Security Center key storage.
- Update application databases and modules using the Administration Console or Kaspersky Security Center Web Console. You can use the Update task, which is created automatically by the initial configuration wizard of Kaspersky Security Center after installing the MMC administration plug-in or the Kaspersky Endpoint Security web administration plug-in.
Kaspersky Endpoint Security protects the device only after the application databases are updated.
- Configure a policyfor centralized management of the application using Kaspersky Security Center Administration Console or Web Console. You can use a policy that is created automatically by the initial configuration wizard of Kaspersky Security Center after installing the administration MMC plug-in or the Kaspersky Endpoint Security administration web plug-in.
A policy determines the application settings and manages the access to configuration of an application installed on devices within an administration group. An individual policy must be created for each application. You can create an unlimited number of various policies for applications installed on the devices in each administration group, but only one policy can be applied to each application at a time within an administration group.
You can also configure the application management tasks using the Administration Console or the Web Console.
Light Agent mode
If you plan to use Kaspersky Endpoint Security in Light Agent mode to protect virtual environments, after deploying the application, perform the following actions:
- Configure SVM detection settings for Light Agents. To do this, you need to create and configure a policy for centralized application management on client devices. You can use the Administration Console or the Web Console to work with policies.
You need to configure the following settings in the policy:
- Settings for connecting Light Agents to the Integration Server.
- Settings for connecting Light Agents to SVMs.
- Make sure that a connection is established between Light Agents and the SVMs and the Integration Server.
You can obtain information about the connection by using Kaspersky Endpoint Security commands on the protected virtual machine:
- You can view information about connecting to SVMs using the
kesl-control [-V] --svm-infocommand. - You can view information about connecting to the Integration Server using the
kesl-control [-V] --viis-infocommand.
- You can view information about connecting to SVMs using the
- Make sure that Kaspersky Endpoint Security used as a Light Agent receives information about the license under which Kaspersky Hybrid Cloud Security for Virtualization Light Agent is activated.
After activating the solution on SVMs and connecting Light Agents to the SVMs, the Protection Server component sends license information to Light Agents. Information about the license used by Kaspersky Endpoint Security as part of the solution can be viewed on the protected virtual machine using the
kesl-control -L --querycommand. - Make sure that database updates required for Light Agent to operate are installed on the protected virtual machines.
Databases on protected virtual machines are updated using a special Update task, in which a folder on the SVM is specified as the update source. The update task starts automatically.
You can check how up-to-date the databases are on a protected virtual machine with Light Agent by using the
kesl-control --app-infocommand.You can also configure the application management tasks using the Administration Console or the Web Console.
Article ID: 202127, Last review: Mar 26, 2025