Application licensing

This section contains information about the basic concepts associated with licensing Kaspersky applications, as well as information about the specifics of activating the Kaspersky Embedded Systems Security application.

After activating the application, we recommend monitoring the license validity period in order to renew the license in a timely manner when necessary. You can use Kaspersky Security Center or the command line on a protected device to view information about license keys used by Kaspersky Embedded Systems Security.

About the End User License Agreement

The End User License Agreement is a binding agreement between you and AO Kaspersky Lab, stipulating the terms on which you may use the application.

Read through the terms of the End User License Agreement carefully before you start using the application.

You can review the terms of the End User License Agreement for the Kaspersky Embedded Systems Security solution and the Privacy Policy, which describes the processing and transmission of data, in the following ways:

• By reading the text in the license.<language ID> file. This file is included in the application distribution kit.
• During Kaspersky Embedded Systems Security installation.

  By confirming your consent to the text of the End User License Agreement and Privacy Policy when creating the application installation package (if installed using Kaspersky Security Center) or during the initial application configuration (if installing using the command line), you accept the terms of the End User License Agreement and Privacy Policy If you do not accept the terms of the End User License Agreement or Privacy Policy, you must cancel the installation of the application and may not use the application.

• After installing the Kaspersky Embedded Systems Security.

  After the application is installed, the files containing the text of the Kaspersky Embedded Systems Security End User License Agreement and the Privacy Policy are located on the protected device in the /opt/kaspersky/kess/doc/license.<language ID> folder.

Page top

About the license

License is a time-limited right to use Kaspersky Embedded Systems Security, granted under the End User License Agreement.

The list of available functions and the validity period of the application depend on the license under which the application is used.

The following license types are provided:

• Trial – a free license intended for trying out the application.

  Trial licenses have a short validity period. When the trial license expires, all Kaspersky Embedded Systems Security features become disabled. To continue using the application, you need to purchase a commercial license.

  You can use the application under a trial license for only one trial period.

• Commercial is a paid license.

  The main functions of the application stop working when a commercial license expires. To continue using Kaspersky Embedded Systems Security, you need to renew the commercial license. After the license expires, you can no longer use the application and must uninstall it from the device.

  It is recommended to renew the license before its expiration date to ensure continued protection of your device against security threats.

Page top

About the license certificate

The License Certificate is a document provided together with the key file or activation code.

A license certificate contains the following information about the license provided:

• License key or order number
• Information about the license user
• Information about the application that can be activated under the provided license
• Restrictions on the number of licensing units (for example, devices on which the application can be used under the license)
• License validity start date
• License expiration date or validity period
• License type

About the license key

The license key is a sequence of bits that can be used to activate the application for further usage in accordance with the terms of the End User License Agreement. License key is generated by Kaspersky experts.

You can add a license key to the application using one of the following methods: by applying a key file or by entering an activation code. After you add a key to the application, the license key is displayed in the application interface as a unique alphanumeric sequence.

The license key may be blocked by Kaspersky, if the terms of the End User License Agreement are violated. If the license key is blocked, add another license key for proper application operation.

A license key may be active or reserve.

Active license key is currently used to run the application. A license key for a trial or commercial license can be added as the active key. The application cannot have more than one active license key.

Reserve license key is a license key that entitles the user to use the application, but is not currently in use. The reserve license key automatically becomes active when the license associated with the current active license key expires. A reserve license key can be added only if an active license key is already added.

A trial license key can only be added as an active license key. A trial license key cannot be added as a reserve license key.

Page top

About the activation code

An activation code is a unique sequence of twenty Latin letters and numbers. You have to enter an activation code in order to add a license key for activating Kaspersky Embedded Systems Security. You receive the activation code at the email address that you provided when you bought Kaspersky Embedded Systems Security or requested the trial version of Kaspersky Embedded Systems Security.

To activate the application with an activation code, you need Internet access in order to connect to Kaspersky activation servers.

If you lost your activation code after activating the application, contact the Kaspersky partner from whom you purchased the license.

About the key file

A key file is a file with the .key extension that you receive from Kaspersky. Key files are intended to add a license key for activating the application.

You receive a key file at the email address that you provided when you bought Kaspersky Embedded Systems Security or ordered the trial version of Kaspersky Embedded Systems Security.

You do not need to connect to Kaspersky activation servers in order to activate the application with a key file.

You can restore a key file if it has been accidentally deleted. You may need a key file to register a Kaspersky CompanyAccount, for example.

To restore your key file, perform any of the following actions:

• Contact the license seller.
• Get the key file on the Kaspersky website when you have an activation code.

About subscription

Subscription for Kaspersky Embedded Systems Security is a purchase order for the application with specific settings (subscription expiry date, number of devices protected). You can order a subscription for Kaspersky Embedded Systems Security from your service provider (such as your internet service provider). You can renew or cancel your subscription. You can manage your subscription on the website of the service provider.

Subscription can be limited (for one year, for example) or unlimited (without an expiry date). To continue using the application after the limited subscription expires, you need to renew your subscription. Unlimited subscription is renewed automatically if the vendor's services have been prepaid on time.

Upon a limited subscription's expiry, you may be offered a grace period to renew the subscription. During this period the application retains its functionality. The service provider decides whether or not to grant a grace period and, if so, determines the duration of the grace period.

The set of options for managing your subscription may vary depending on your service provider. The service provider might not provide a grace period for renewing the subscription where the application retains its functionality.

To use Kaspersky Embedded Systems Security under a subscription, you need to use the activation code received from the service provider. After you apply the activation code, an active key corresponding to the license to use the application under subscription is added to the application. A reserve key can only be added when you use an activation code and cannot be added for a key file or subscription.

Activation codes purchased under subscription may not be used to activate previous versions of Kaspersky Embedded Systems Security.

Application activation and license key management

Activation is the process of activating a license that allows you to use a fully functional version of the application until the license expires.

To activate the Kaspersky Embedded Systems Security application on a protected device, you need to add a main license key to the application.

If you did not activate the Kaspersky Embedded Systems Security application during installation (by adding a key to the installation package or by running the initial configuration script), you need to activate the installed application in one of the following ways:

• Remotely, using Kaspersky Security Center:
  • Using the Add key task.
  • By distributing a license key stored on the Administration Server to the client devices.
• On the command line using administration commands.

You can also add a reserve key to the application. A reserve key becomes active when the license associated with the active key expires or when the active key is deleted. Availability of a reserve key allows you to avoid application functionality limitation when your license expires.

A reserve license key can be added only after adding an active license key.

You can view information about license keys remotely added to the application using Kaspersky Security Center or the command line on a protected device.

You can also use the graphical user interface to activate the application and manage license keys.

Activating the application using Kaspersky Security Center

You can add license keys to the application through Kaspersky Security Center in the following ways:

• Using the Add key task.

  This method allows you to add a license key to a specific device or the devices included in an administration group. When creating a task, it uses the key that is added to the Kaspersky Security Center key store. You can add a license key to the key store in advance or when creating the activation task.

• By distributing a license key stored on Kaspersky Security Center Administration Server to the client devices.

  This method lets you automatically add a key to the client devices that are already connected to Kaspersky Security Center, and to new client devices. To use this method, first add the key to the Kaspersky Security Center key store.

You can use the Kaspersky Security Center Web Console or Kaspersky Security Center Administration Console to create tasks for adding a key to the application, adding a key to the key store, and distributing the key to the client devices.

Adding keys using the Kaspersky Security Center Web Console.

To add a key to Kaspersky Security Center key storage using the Web Console:

1. In the Web Console main window, select Operations → Kaspersky Licenses.
2. Click Add.
3. In the window that opens, select how to add the key to the repository:
   • Enter the activation code to add a key using an activation code.
   • Add a key file to add a key using a key file.
4. Depending on the key adding method you selected at the previous step, do one of the following:
   • Enter the activation code and click Submit.
   • Click the Select key file button and in the window that opens, select a file with the .key extension.
5. Click Close.

The added key will appear in the list of keys.

To add a key to the application via the Web Console using the Add key task:

1. In the main window of the Web Console, select Assets (Devices) → Tasks.

   The list of tasks opens.

2. Click Add.

   The Task Wizard starts.

3. Configure the task settings:
   1. In the Application drop-down list, select the application name: Kaspersky Embedded Systems Security.
   2. In the Task type drop-down list, select Add Key.
   3. In the Task name field, enter a brief description, such as Activation of Kaspersky Embedded Systems Security.
   4. In the Devices to which the task will be assigned section, select the task scope. Click Next.
4. Select devices according to the selected task scope option. Click Next.

   The Kaspersky Security Center key storage window opens.

5. If you have previously added a key to Kaspersky Security Center key storage, select the key from in the list and click Next.
6. If the required key cannot be found in the key storage, click the Add key button.
   1. In the window that opens, select how to add the key to the repository:
      • Enter the activation code to add a key using an activation code.
      • Add a key file to add a key using a key file.
   2. Depending on the key adding method you selected at the previous step, do one of the following:
      • Enter the activation code and click Submit.
      • Click the Select key file button and in the window that opens, select a file with the .key extension.
   3. Read the information about the key and click Close.
   4. The added key will appear in the list of keys. Select it from the list and click Next.
7. Read the information about the license and click Next.
8. Complete the wizard.

   A new task will be displayed in the list of tasks.

9. Select the check box next to the task. Click the Start button.

In the properties of the Add key task, you can add a reserve key to the application. A reserve key becomes active when the license associated with the active key expires or when the active key is deleted. Availability of a reserve key allows you to avoid application functionality limitation when your license expires.

If you are adding a reserve key but no active key has been added to the application yet, the task ends with an error.

To add a key using the Web Console by distributing a key stored on the Administration Server to the devices:

1. In the Web Console main window, select Operations → Kaspersky Licenses.
2. Open the key properties using the link with the name of the application for that the key is intended to.
3. On the General tab, select the Automatically distribute a license key to managed devices check box.
4. Click Save.

The license key is automatically distributed to the appropriate client devices.

A new license key is added to a device only if the application has not yet been activated on the device or if the license expires in less than 14 days.

During the automatic distribution of a key as an active or a reserve key, the licensing limit on the number of devices (set in the key properties) is taken into account. If the licensing limit is reached, distribution of this key to the devices stops automatically. You can view the number of devices to which the key has been added and other information in the key properties on the Devices tab.

Special considerations for the activation process in Kaspersky Security Center Cloud Console

A trial version is provided for the Kaspersky Security Center Cloud Console. The trial version is a special version of Kaspersky Security Center Cloud Console designed to familiarize a user with the features of Cloud Console. In this version, you can perform actions in a workspace for a period of 30 days. All managed applications, including Kaspersky Embedded Systems Security, are automatically activated under Kaspersky Security Center Cloud Console trial license. However, you cannot activate Kaspersky Embedded Systems Security using its own trial license when the trial license for the Cloud Console expires. For more details about Cloud Console, please refer to Kaspersky Security Center Cloud Console documentation.

The trial version of Kaspersky Security Center Cloud Console does not allow you to subsequently switch to a commercial version. Any trial workspace will be automatically deleted with all its contents after the 30-day period expires.

License key management in the command line

To manage license keys on a device, you can use license key management commands.

To add an active license key to the application, run the following command:

kess-control [-L] --add-active-key <path to the key file> / <activation code>

where:

• <path to the key file> – path to the key file. If the key file is located in the current directory, it is sufficient to specify only the file name.
• <activation code> – activation code.

To add a reserve license key to the application, run the following command:

kess-control [-L] --add-reserve-key <path to the key file> / <activation code>

If an active key has not yet been added to the application on the device, the command fails.

To remove an active key, run the following command:

kess-control [-L] --remove-active-key

To remove a reserve key, run the following command:

kess-control [-L] --remove-reserve-key

Viewing information about used license keys

You can view information about the license keys being used by Kaspersky Embedded Systems Security in the following ways:

• In Kaspersky Security Center, in the properties of the Add key task.

  In the properties of the Add key task, you can find information about the key that this task adds to the application.

• In Kaspersky Security Center, in the properties of the relevant Kaspersky application installed on the client device.

  In the properties of the Kaspersky Embedded Systems Security application on the protected device, you can find information about the active and reserve keys added to the application on this device. You can view the properties of the application using the Web Console as well as the Administration Console.

• In Kaspersky Security Center, in the license key usage report.

  You can view the license key usage report using the Web Console (Monitoring & reporting → Reports), as well as the Administration Console (Reports tab). To view the report, you need to select the "Report on usage of license keys" template in the list of reports and start generating the report.

• In Kaspersky Security Center, in the Kaspersky Security Center license key store.

  You can open the key store using the Web Console (Operations → Kaspersky licenses) or using the Administration Console (Kaspersky licenses folder). The store displays information about all keys added to Kaspersky Security Center Administration Server.

• On a device with Kaspersky Embedded Systems Security installed. You can view information about the license used by the Kaspersky Embedded Systems Security application on the command line.

You can also use notifications about Kaspersky Security Center events to get information about the used license keys and the licenses associated with them. The application sends information about expired licenses and license violations to the Kaspersky Security Center Administration Server.

If you use Kaspersky Security Center to manage the application, by default, information about license keys being added and removed and about license term expiration is recorded in the operating system log.

Viewing information about license keys on a device using the Web Console

To view information about license keys added to the device in the Web Console:

1. In the main window of the Web Console, select Assets (Devices) → Managed devices.

   The list of managed devices opens.

2. Select the administration group containing the necessary device. To do so, click the link in the Current path field above the list of managed devices and select an administration group in the window that opens.

   The list displays only the managed devices for the selected administration group.

3. In the list, find the device for which you want to view information and click the device name.
4. This opens a managed device properties window; in that window, go to the Applications tab.
5. In the list of applications installed on the device, click the name of the Kaspersky Embedded Systems Security 3.4 for Linux application.
6. This opens the Kaspersky Embedded Systems Security 3.4 for Linux window; in that window, open the General tab, Licenses section.

   This section displays information about license keys added to the application and the licenses associated with these keys.

   • License key status is the status of the key: active or reserve.
   • Application name is the name of the license associated with the key and information about this license.
   • License key is the license key, a unique alphanumeric sequence.
   • License type can be trial, commercial, or subscription.
   • Activation date is the date when this key was added.
   • Expiration date is the date when your right to use the application activated with the current key expires.

Viewing information about license keys on a device using the Administration Console

To view information about the license keys added to the device in Kaspersky Security Center Administration Console:

1. In the Kaspersky Security Center Administration Console tree, in the Managed devices folder, select the administration group containing the required device.
2. In the workspace, select the Devices tab.
3. In the list of managed devices, select the required device and double-click it to open the Properties: <Task name> window.
4. In the window that opens with the properties of the managed device, select the Applications section.

   The right part of the window displays a list of Kaspersky applications installed on the device.

5. Select Kaspersky Embedded Systems Security 3.4 for Linux and double-click it to open the application properties window. Alternatively, you can click the Properties button in the lower part of the window.
6. This opens the Kaspersky Embedded Systems Security 3.4 for Linux settings window; in that window, go to the License keys section.

   This section contains information about the active and reserve license keys:

   • Serial number – unique alphanumeric sequence.
   • Status – The status of the license key, e.g. active or reserve.
   • Type: type of license (commercial or trial).
   • License validity period — Number of days during which you can use the application activated with this key.
   • License limit — Number of devices on which you can use the key.
   • Activation date (this field is only available for the active key): date when the active key was added.
   • License expiration date (this field is only available for the active key): date when the application can no longer be used with the current active key.

Viewing information about the license and the key in the command line

In the command line, using the -L --query command, you can view information about the active and reserve license keys added to the application, and about the license under which the application has been activated.

To view information about the license keys and license on the device, run the following command:

kess-control -L --query [--json]

where --json: output data in JSON format. If the --json option is not specified, the settings are output in the INI format.

As a result of the command execution, the following information will be displayed in the console:

• Information about the active license key, if this key has been added:
  • Date and time when the license for using the application expires.
  • Number of days before the end of the license term.
  • Information about the limitation of protection functions.
  • Information about the limitation of the function for updating application databases.
  • Information about the status of the license key.
  • The type of license associated with the key.
  • Licensing limitation of the key (the number of licensing units).
  • Name of the application that the key is intended to activate.
  • Active license key (unique alphanumeric sequence).
  • Activation date.
• Information about the reserve license key, if a reserve key has been added.
  • Date and time when the license for using the application expires.
  • Information about the limitation of protection functions.
  • Information about the limitation of the function for updating application databases.
  • Information about the status of the license key.
  • The type of license associated with the key.
  • Licensing limitation of the key (the number of licensing units).
  • Name of the application that the key is intended to activate.
  • Reserve license key (unique alphanumeric sequence).
  • Date and time when the license associated with the active key expires, in UTC.

You can also get information about the license under which the application is being used when viewing information about the operation of the application using the kess-control --app-info command.