Contents
Installing and updating Kaspersky Thin Client
The Kaspersky Thin Client installation procedure depends on the delivery format:
- A partner delivers a hardware platform with Kaspersky Thin Client pre-installed. In that case, installation of Kaspersky Thin Client on the hardware platform is done by TONK.
- Kaspersky Thin Client is delivered without a hardware platform (thin client). In this case, the software platform is installed according to the instructions provided in this section.
Preparing for installation
Prior to installing Kaspersky Thin Client, do the following:
- Prepare a bootable USB drive containing the Linux Ubuntu operating system (recommended version: Ubuntu 20.04).
- Copy the Kaspersky Thin Client installation files received in the distribution kit to a separate partition on the bootable USB drive or to a separate USB drive:
- KTC_uboot_<version number>.tar.gz—boot package.
- Kaspersky_Thin_Client_<version number>.tar.gz—installation image.
- hw_install.sh—Kaspersky Thin Client installation script.
To ensure security prior to installation of Kaspersky Thin Client, we recommend updating the BIOS on the thin client to the latest version, setting a password for BIOS configuration changes, and configuring the option to boot only from a local SSD device. These recommended measures will help prevent potential security risks, such as operating system substitution, replacement or deletion of remote server connection certificates, and unauthorized access to operating system settings.
Page topInstalling Kaspersky Thin Client
To install Kaspersky Thin Client on a thin client:
- Insert the prepared bootable USB drive into the appropriate port on the thin client.
- Turn on the thin client and boot the Ubuntu image from the bootable USB drive without installing the system on the thin client hard drive.
- After the operating system loads, go to the directory containing the Kaspersky Thin Client installation files.
- Run the following command using an account with root privileges:
sudo ./hw_install.sh –b KTC_uboot_<version number>.tar.gz –u Kaspersky_Thin_Client_<version number>.tar.gz
where:
./hw_install.sh
—path to the installation script.KTC_uboot_<version number>.tar.gz
—boot package.Kaspersky_Thin_Client_<version number>.tar.gz
—installation image.
The Installed OK! Remove USB drive and reboot message is displayed after successful installation.
- Turn off the thin client and extract the bootable USB drive.
The Kaspersky Thin Client system will be loaded the next time you turn on the thin client.
You can check the current OS version number in the Kaspersky Thin Client interface.
Page topUpdating Kaspersky Thin Client
To update Kaspersky Thin Client to version 2.0, you must obtain an archive containing the database updates from Kaspersky experts. Upload the obtained archive to the Kaspersky Security Center Web Console (hereinafter also referred to as Web Console), and then create, configure, and run a task to download updates to the Kaspersky Security Center Administration Server (hereinafter also referred to as Server) repository in the Web Console interface.
Kaspersky Thin Client can be updated only if the thin client is connected to Kaspersky Security Center.
One Kaspersky Security Center Administration Server can have only one active update task with one priority update source. For this reason, you are advised to use a separate Server for managing thin clients so that you can receive critical security patches from Kaspersky update servers.
To update Kaspersky Thin Client on the thin client using the Kaspersky Security Center Web Console:
- On the Kaspersky Security Center Server, unpack the archive containing the update databases received from Kaspersky experts.
- Grant all users in the system full access rights to the unpacked folder by performing the following actions:
- Right-click the unpacked folder and select Properties.
- In the menu that opens, select the Security tab and click Edit.
- In the window that opens, click Add, then select Advanced and in the window that opens, click Find now.
- In the list that appears, select the Everyone group and click OK, then click OK once again in the window that opens.
The Security tab appears, and the Everyone group appears in the Group or user names list.
- In the Permissions for Everyone section, select the check boxes for all parameters in the Allow column.
- Click OK and then click OK once again in the window that opens.
- Launch the Web Console and select the Devices section, then go to the Tasks tab.
- If the task Download updates to the Administration Server repository is available in the list, proceed to the next step of the instructions. If it is not available, add it by doing the following:
- On the Tasks tab, click Add.
- In the window that opens, in the Task type drop-down list, select Download updates to the Administration Server repository and click Next.
- Click Finish to complete creating the task.
- Select the Download updates to the Administration Server repository task and in the window that opens, go to the Application settings tab.
- In the Sources of updates group of settings, select the check box next to the Kaspersky update servers source and click Delete.
- In the same group of settings, click Add, then in the list that appears, select Local or network folder and specify the full path to the folder with the update files.
- Click Save to complete changing the update source.
- Go to the Schedule tab, then select the necessary value from the Scheduled start drop-down list.
Configure the other settings on this tab if necessary.
- Click Save to complete configuring the task.
- In the list of tasks, select the check box next to the Download updates to the Administration Server repository task and click Run.
The task execution starts. You can track the task progress in the task list, in the Status column.
- To view the result of a task for individual devices:
- In the task list, select Download updates to the Administration Server repository, and in the window that opens, go to the Results tab.
- To view detailed information about the task execution on a device, select the check box next to the required device and click Device history.
- After the update download task finishes, accept the End User License Agreement and approve the download of updates to the thin clients by completing the following steps:
- In the Web Console, go to Operations → Kaspersky applications and select Seamless updates from the drop-down list.
- In the list of updates that appears, click You must accept EULA next to the required update, and in the window that opens, read the text of the End User License Agreement.
- If you agree to the terms in the agreement, accept it by selecting the The terms and conditions of this EULA check box and confirming your choice. If you do not agree with the terms in the End User License Agreement and do not accept these, you will not be able to download updates to thin clients.
- In the list of updates, click the update name, and in the Update approval status section that appears, select Approved and confirm your choice.
For detailed information about approving update downloads, refer to Approving and declining software updates in the Kaspersky Security Center Online Help.
The update download request will be approved.
Once the request is approved, the updates are downloaded to thin clients connected to Kaspersky Security Center, including those not included in the
or managed devices groups.Detailed information on how to receive and install updates on thin clients is provided in a separate article.
Page top