Contents
Using Kaspersky Security Network
The KSN functionality may not be available in the application in the territory of the USA.
To increase the protection of devices and user data, Kaspersky Embedded Systems Security can use Kaspersky's cloud-based knowledge base, Kaspersky Security Network (KSN), to check the reputation of files, Internet resources, and software. Using Kaspersky Security Network data ensures a faster response to various threats, high protection component performance, and fewer false positives.
Use of Kaspersky Security Network is voluntary. You can start or stop using KSN at any time.
Kaspersky Security Network infrastructure solutions
Kaspersky Embedded Systems Security supports the following infrastructure solutions to work with Kaspersky's reputation databases:
- Kaspersky Security Network (KSN) – A solution that receives information from Kaspersky and sends data about objects detected on user devices to Kaspersky for additional verification by Kaspersky analysts and to add to reputation and statistical databases.
- Kaspersky Private Security Network (KPSN) – A solution that allows users of devices with Kaspersky Embedded Systems Security installed to access the reputation databases of Kaspersky, as well as other statistical data, without sending data to Kaspersky from their devices. KPSN is designed for corporate clients who can't use Kaspersky Security Network, for example, for the following reasons:
- No connection of local workplaces to the Internet
- Legal prohibition or corporate security restrictions on sending any data outside the country or the organization's local network
To use KPSN after activating a new application license, inform the service provider about the new license key. Otherwise, an authentication error will prevent data exchange with KPSN.
Kaspersky Security Network usage options:
There are two options for using KSN:
- Extended KSN mode – you can receive information from the Kaspersky knowledge base, while Kaspersky Embedded Systems Security automatically sends statistical information to Kaspersky Security Network that it obtained during its operation. The application can also send to Kaspersky for additional scanning certain files (or parts of files) that intruders can use to harm the device or data.
- Basic KSN mode – you can receive information from the Kaspersky knowledge base, but Kaspersky Embedded Systems Security does not send anonymous statistics and data about the types and sources of threats.
You can select a different Kaspersky Security Network usage option at any time.
No personal data is collected, processed, or stored. Detailed information about the storage, and destruction, and/or submission to Kaspersky of statistical information generated during participation in KSN is available in the Kaspersky Security Network Statement and on Kaspersky's website. The file with the text of the Kaspersky Security Network Statement is included in the application distribution kit.
Cloud mode for Kaspersky Embedded Systems Security
Cloud mode is an operating mode of Kaspersky Embedded Systems Security that uses a lightweight version of the malware databases. This lets you reduce the load on device memory.
Kaspersky Security Network facilitates the application's use of the lightweight malware databases.
If you use KSN with the application, you can enable cloud mode for the application.
Kaspersky Embedded Systems Security switches to using a lightweight version of the malware databases after enabling cloud mode and performing the latest update of the application databases and modules. If cloud mode is disabled, Kaspersky Embedded Systems Security downloads the full version of the application databases from Kaspersky servers during the next update of application databases and modules.
If you are not using KSN or cloud mode is disabled, Kaspersky Embedded Systems Security uses the full version of the application databases.
Cloud mode is disabled automatically if use of KSN is disabled.
Using the KSN Proxy service
User devices managed by Administration Server can communicate with KSN directly or via the KSN Proxy service.
A KSN proxy server provides the following capabilities:
- The user's device can query KSN and submit information to KSN, even without direct access to the Internet.
- A KSN proxy server caches processed data, thereby reducing the load on the external network connection and speeding up receipt of the information that is requested by the user's device.
The KSN proxy server settings can be configured in the Administration Server properties. For details about the KSN proxy server, refer to the Kaspersky Security Center Help.
Configuring the use of Kaspersky Security Network in the Web Console
In the Web Console, you can configure the use of Kaspersky Security Network in Kaspersky Embedded Systems Security in the policy properties (Application settings → Advanced Threat Protection → Kaspersky Security Network).
You can read the text of the Kaspersky Security Network Statement in the Kaspersky Security Network Statement window, which can be opened by clicking the Kaspersky Security Network Statement link.
Kaspersky Security Center displays information about the availability of KSN via the client device status (OK, Critical, Warning) in the list of managed devices on the Assets (Devices) tab.
Kaspersky Security Network settings
Setting |
Description |
|---|---|
Do not use KSN |
By selecting this option, you decline to use Kaspersky Security Network. |
Extended KSN mode |
By selecting this option, you accept the terms of using Kaspersky Security Network. You will be able to receive information from Kaspersky's online knowledge base about the reputation of files, web resources, and software. Also, anonymous statistics and information about the types and sources of various threats will be sent to Kaspersky to improve Kaspersky Security Network. |
Basic KSN mode |
By selecting this option, you accept the terms of using Kaspersky Security Network. You will be able to receive information from Kaspersky online knowledge base about the reputation of files, web resources, and software. |
Enable cloud mode |
The check box enables or disables the operating mode in which Kaspersky Embedded Systems Security uses a lightweight version of the malware databases. The check box is available if use of KSN is enabled. The check box is selected if, when creating a policy, you accepted the terms of the Kaspersky Security Network Statement and are using KSN in extended mode. The mode is enabled or disabled after the next application database update. |
Use KSN servers when KSN Proxy is not available |
The check box enables or disables the ability to communicate with KSN servers directly when the KSN Proxy service is unavailable. The check box is selected by default. |
Kaspersky Security Network Statement |
This link opens the Kaspersky Security Network Statement window, where you can read the text of the Kaspersky Security Network Statement. |
Kaspersky Security Network Statement
In this window, you can read the text of the Kaspersky Security Network Statement and accept its terms and conditions.
Kaspersky Security Network settings
Setting |
Description |
|---|---|
I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you want to use the Kaspersky Security Network, and you have fully read, understood, and accept the terms and conditions of the Kaspersky Security Network Statement that is displayed. |
I do not accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you do not want to use Kaspersky Security Network. |
Kaspersky Private Security Network Statement
In this window, you can read the text of the Kaspersky Private Security Network Statement and accept its terms and conditions.
Kaspersky Security Network settings
Setting |
Description |
|---|---|
I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you want to participate in the Kaspersky Security Network, and you have fully read, understood, and accept the terms and conditions of the Kaspersky Private Security Network Statement that is displayed. |
I do not accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you do not want to use Kaspersky Security Network. |
Configuring the use of Kaspersky Security Network in the Administration Console
In the Administration Console, you can configure the use of Kaspersky Security Network in Kaspersky Embedded Systems Security in the policy properties (Advanced Threat Protection → Kaspersky Security Network).
You can read the text of the Kaspersky Security Network Statement in the Kaspersky Security Network Statement window, which can be opened by clicking the Kaspersky Security Network Statement link.
Kaspersky Security Center displays information about the availability of KSN via the client device status (OK, Critical, Warning) in the list of managed devices on the Devices tab.
Kaspersky Security Network settings
Setting |
Description |
|---|---|
Kaspersky Security Network Statement |
Clicking this link opens the Kaspersky Security Network Statement window. In this window, you can read the text of the Kaspersky Security Network Statement. |
Kaspersky Security Network (KSN) |
This section displays information about the KSN mode or indicates that KSN is not used by Kaspersky Embedded Systems Security. The Edit button opens a window where you can configure the use of Kaspersky Security Network. |
Enable cloud mode |
The check box enables or disables the operating mode in which Kaspersky Embedded Systems Security uses a lightweight version of the malware databases. The check box is available if use of KSN is enabled. The check box is selected if, when creating a policy, you accepted the terms of the Kaspersky Security Network Statement and are using KSN in extended mode. The mode is enabled or disabled after the next application database update. |
Use KSN servers when KSN Proxy is not available |
The check box enables or disables the ability to communicate with KSN servers directly when the KSN Proxy service is unavailable. The check box is selected by default. |
Kaspersky Security Network settings
In this window, you can configure Kaspersky Security Network participation settings.
Kaspersky Security Network settings
Setting |
Description |
|---|---|
More info |
Clicking this link opens the Kaspersky website. |
Do not use Kaspersky Security Network |
By selecting this option, you decline to use Kaspersky Security Network. |
Basic KSN mode |
By selecting this option, you accept the terms of using Kaspersky Security Network. You will be able to receive information from Kaspersky's online knowledge base about the reputation of files, web resources, and software. |
Extended KSN mode |
By selecting this option, you accept the terms of using Kaspersky Security Network. You will be able to receive information from Kaspersky's online knowledge base about the reputation of files, web resources, and software. Also, anonymous statistics and information about the types and sources of various threats will be sent to Kaspersky to improve Kaspersky Security Network. |
Kaspersky Security Network Statement |
This link opens the Kaspersky Security Network Statement window, where you can read the text of the Kaspersky Security Network Statement. |
Kaspersky Security Network Statement
In this window, you can read the text of the Kaspersky Security Network Statement and accept its terms and conditions.
Kaspersky Security Network settings
Setting |
Description |
|---|---|
I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you want to use the Kaspersky Security Network, and you have fully read, understood, and accept the terms and conditions of the Kaspersky Security Network Statement that is displayed. This option is available if you selected the Basic KSN mode or Extended KSN mode option in the Kaspersky Security Network settings window. |
I do not accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you do not want to use Kaspersky Security Network. This option is available if you selected the Basic KSN mode or Extended KSN mode option in the Kaspersky Security Network settings window. |
Kaspersky Private Security Network Statement
In this window, you can read the text of the Kaspersky Private Security Network Statement and accept its terms and conditions.
Kaspersky Security Network settings
Setting |
Description |
|---|---|
I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you want to participate in the Kaspersky Security Network, and you have fully read, understood, and accept the terms and conditions of the Kaspersky Private Security Network Statement that is displayed. |
I do not accept the terms and conditions of the Kaspersky Security Network Statement |
By selecting this option, you confirm that you do not want to use Kaspersky Security Network. |
Configuring the use of Kaspersky Security Network in the command line
You can enable or disable the use of Kaspersky Security Network in the command line by using the UseKSN option in the general application settings.
You can change the value of UseKSN with the help of command line switches or a configuration file that contains all general application settings.
To enable the use of Kaspersky Security Network with the help of command line switches, run:
kess-control --set-app-settings UseKSN=<Extended/Basic> --accept-ksn
where:
<Extended/Basic>: Kaspersky Security Network mode.--accept-ksn: an option signifying that you agree to the terms in the Kaspersky Security Network Statement. You confirm that you have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement.
The file ksn_license.<language ID> containing the text of the Kaspersky Security Network Statement is located in the directory /opt/kaspersky/kess/doc/.
To disable the use of Kaspersky Security Network with the help of command line switches, run:
kess-control --set-app-settings UseKSN=No
To enable or disable use of Kaspersky Security Network with a configuration file, execute the following command:
kess-control --set-app-settings --file <configuration file name> [--json] [--accept-ksn]
where:
--file <configuration file path>is the full path to the configuration file with the general application settings where the requiredUseKSNvalue is configured.--json: specify this option if you are importing settings from a configuration file in JSON format. If the--jsonoption is not specified, the application attempts to import from an INI file. If the import fails, an error is displayed.--accept-ksn: an option signifying that you agree to the terms in the Kaspersky Security Network Statement. You must specify the option if you are enabling the use of Kaspersky Security Network.
If Kaspersky Embedded Systems Security installed on a client device runs under a policy that was assigned in Kaspersky Security Center, the value of the UseKSN setting can only be modified by using Kaspersky Security Center. When Kaspersky Embedded Systems Security installed on a client device stops running under a policy, the following value is assigned to the setting: UseKSN=No.
Checking the connection to Kaspersky Security Network using the command line
To check the connection to Kaspersky Security Network, run the following command:
kess-control --app-info
The Using Kaspersky Security Network line displays the status of the connection to Kaspersky Security Network:
- If
Extended KSN modeis displayed, Kaspersky Embedded Systems Security uses Kaspersky Security Network, information can be obtained from the knowledge base, and anonymous statistics and information about the types and sources of threats are sent. - If
Basic KSN modeis displayed, Kaspersky Embedded Systems Security uses Kaspersky Security Network and information can be obtained from the knowledge base, but anonymous statistics and information about the types and sources of threats are not sent. - If the status is
Disabled, Kaspersky Embedded Systems Security does not use Kaspersky Security Network.
The Kaspersky Security Network Infrastructure line displays information about the infrastructure solution that is used to work with Kaspersky reputation databases: Kaspersky Security Network or Kaspersky Private Security Network.
A connection to Kaspersky Security Network may be absent for the following reasons:
- The user device is not connected to the internet.
- The use of Kaspersky Security Network is disabled.
- The application has not been activated or the license has expired.
- Problems related to the license key are detected. For example, the key is in the denylist.
Enabling and disabling cloud mode from the command line
Cloud mode is an operating mode of Kaspersky Embedded Systems Security that uses a lightweight version of the malware databases.
You can enable or disable cloud mode in the command line with the help of the CloudMode=Yes/No option in the general application settings.
You can change the value of CloudMode using a configuration file that contains all general application settings or with command line options.
Cloud mode is available if use of Kaspersky Security Network is enabled.