Kaspersky Next XDR Expert
1.2

Contents

About Kaspersky Next XDR Expert

Kaspersky Next XDR Expert (XDR) is a robust cybersecurity solution that defends your corporate IT infrastructure against sophisticated cyberthreats, including those that cannot be detected by EPP applications installed on corporate assets. It provides full visibility, correlation, and automation; and leverages a diverse range of response tools and data sources, including endpoint assets, and network and cloud data. To protect your IT infrastructure effectively, Kaspersky Next XDR Expert analyzes the data from these sources to identify threats, create alerts for potential incidents, and provide the tools to respond to them. Kaspersky XDR is backed by advanced analytics capabilities and a strong track record of security expertise.

This solution provides a unified detection and response process through integrated components and holistic scenarios in a single interface to improve the efficiency of security professionals.

The detection tools include:

  • Threat hunting tools to proactively search for threats and vulnerabilities by analyzing events.
  • Advanced threat detection and cross-correlation: real-time correlation of events from different sources, more than 350 correlation rules out-of-the-box for different scenarios with MITRE ATT&CK matrix mapping, ability to create new rules and customize existing ones, and retrospective scans for detecting zero-day vulnerabilities.
  • An investigation graph to visualize and facilitate an incident investigation and identify the root causes of the alert.
  • Use of Kaspersky Threat Intelligence Portal to get the latest detailed threat intelligence, for example, about web addresses, domains, IP addresses, file hashes, statistical and behavioral data, and WHOIS and DNS data.

The response tools include:

  • Manual response actions: asset isolation, run commands, create prevention rules, launch tasks on an asset, Kaspersky Threat Intelligence Portal reputation enrichment, and training assignments for users.
  • Playbooks, both predefined and user-created, to automate typical response operations.
  • Third-party application response actions and cross-application response scenarios.

Kaspersky Next XDR Expert also takes advantage of the Open Single Management Platform component for asset management and the centralized run of security administration and maintenance tasks:

  • Deploying Kaspersky applications on the assets in the corporate network.
  • Remotely launching scan and update tasks.
  • Obtaining detailed information about asset protection.
  • Configuring all the security components by using Kaspersky applications.

Kaspersky Next XDR Expert supports the hierarchy of tenants.

Kaspersky Next XDR Expert is integrated with Active Directory, includes APIs, and supports a wide range of integrations both with Kaspersky applications and third-party solutions for data obtaining and responding. For information about the applications and solutions that XDR supports, see the Compatible Kaspersky applications and Integration with other solutions sections.

Updates functionality (including providing anti-virus signature updates and codebase updates), as well as KSN functionality may not be available in the software in the U.S.

In this section

Hardware and software requirements

Compatible applications and solutions
Page top
[Topic 247185]

Hardware and software requirements

This article describes hardware requirements of single-node deployment scheme and multi-node deployment scheme, software requirements of Open Single Management Platform, hardware and software requirements of Kaspersky Deployment Toolkit and OSMP components.

Common requirements and considerations

100% vCPU allocation is required if you use virtualization.

For networks that exceed 40,000 devices, use secondary Administration Servers.

Make sure that the DNS server is available on the network.

Single-node deployment cannot be upgraded to multi-node deployment. Multi-node installation should be preferred If network growth is expected.

Effective device and EPS calculation

Hardware requirements may vary depending on the operating system running on endpoint devices. Use the following formula to estimate effective devices in your network:

<number of devices> = <Windows endpoints> + 3* <Linux and macOS endpoints> + 20 * <servers>

An effective device is expected to contribute 0.5 EPS (events per second) with default settings. Total EPS is calculated using the following formula:

<total EPS> = <EPS from effective devices> + <third-party EPS>

You can convert total EPS to effective devices using the following formula:

<total effective devices> = <total EPS> / 0.5

Single-node deployment: hardware requirements

Single-node deployment requires less resources (see the table below), but the following considerations should be taken into account:

  • Single-node scheme only supports up to 10,000 devices in the network.
  • The database is located on the primary worker node outside the cluster.

    In case of single-node deployment, it is strongly recommended that you first install the DBMS manually on the host that will act as a primary node. After that, you can deploy Kaspersky Next XDR Expert on the same host.

  • Additional nodes are required for KATA/KEDR.
  • To deploy the solution correctly, ensure that CPU of the target host supports the BMI, AVX, and SSE 4.2 instruction set.

    Minimum hardware requirements

    Hardware requirements for a single-node deployment scheme

    Solution

    250 devices

    1000 devices

    3000 devices

    5000 devices

    10,000 devices

    A solution that includes the following applications:

    • Open Single Management Platform
    • Kaspersky Unified Monitoring and Analysis Platform
    • Kaspersky Anti-Targeted Attack Platform / Kaspersky Endpoint Detection and Response Central Node

      Note: The requirements do not take into account hosts for KEDR services.

    1 XDR primary node:

    • CPU: 6 cores, operating frequency of 2.5 GHz
    • RAM: 27 GB
    • Available disk space: 360 GB

    1 KUMA services node:

    • CPU: 10 cores
    • RAM: 16 GB
    • Disk space: 500 GB

    1 XDR primary worker node:

    • CPU: 8 cores, operating frequency of 2.5 GHz
    • RAM: 32 GB
    • Available disk space: 400 GB

    1 KUMA services node:

    • CPU: 10 cores
    • RAM: 16 GB
    • Disk space: 600 GB

    1 XDR primary worker node:

    • CPU: 11 cores, operating frequency of 2.5 GHz
    • RAM: 38 GB
    • Available disk space: 600 GB

    1 KUMA services node:

    • CPU: 10 cores
    • RAM: 16 GB
    • Disk space: 1000 GB

    1 XDR primary worker node:

    • CPU: 15 cores, operating frequency of 2.5 GHz
    • RAM: 46 GB
    • Available disk space: 740 GB

    1 KUMA services node:

    • CPU: 10 cores
    • RAM: 16 GB
    • Disk space: 1400 GB

    1 XDR primary worker node:

    • CPU: 18 cores, operating frequency of 2.5 GHz
    • RAM: 57 GB
    • Available disk space: 1500 GB

    1 KUMA services node:

    • CPU: 10 cores
    • RAM: 16 GB
    • Disk space: 2400 GB

Multi-node deployment: hardware requirements

Multi-node deployment requires more resources (see the table below). For this scheme, the following considerations should be taken into account:

  • Multi-node cluster scheme is recommended for networks that exceed 10,000 devices.
  • The database is located on a separate host outside the cluster.
  • To deploy the solution correctly, ensure that CPUs of target hosts support the BMI/AVX instruction set.

    Minimum hardware requirements

    Hardware requirements for a multi-node deployment scheme

    Solution

    20,000 devices

    30,000 devices

    50,000 devices

    A solution that includes the following applications:

    • Open Single Management Platform
    • Kaspersky Unified Monitoring and Analysis Platform
    • Kaspersky Anti-Targeted Attack Platform / Kaspersky Endpoint Detection and Response Central Node

      Note: The requirements do not take into account hosts for KEDR services.

    12 nodes:

    • 1 XDR primary node
    • 3 XDR worker nodes
    • 1 XDR database node
    • 1 KUMA collector
    • 1 KUMA correlator
    • 3 KUMA keeper
    • 2 KUMA storage

    12 nodes:

    • 1 XDR primary node
    • 3 XDR worker nodes
    • 1 XDR database node
    • 1 KUMA collector
    • 1 KUMA correlator
    • 3 KUMA keeper
    • 2 KUMA storage

    12 nodes:

    • 1 XDR primary node
    • 3 XDR worker nodes
    • 1 XDR database node
    • 1 KUMA collector
    • 1 KUMA correlator
    • 3 KUMA keeper
    • 2 KUMA storage

    1 XDR primary node:

    • CPU: 4 cores
    • RAM: 8 GB
    • Available disk space: 500 GB

    3 XDR worker nodes:

    • CPU: 8 cores
    • RAM: 20 GB
    • Available disk space: 1 TB

    1 XDR database node:

    • CPU: 10 cores
    • RAM: 21 GB
    • Available disk space: 1.6 TB

    1 KUMA collector node:

    • CPU: 8 cores
    • RAM: 16 GB
    • Available disk space: 500 GB

    1 KUMA corellator node:

    • CPU: 8 cores
    • RAM: 32 GB
    • Available disk space: 500 GB

    3 KUMA keeper nodes:

    • CPU: 6 cores
    • RAM: 12 GB
    • Available disk space: 150 GB

    2 KUMA storage nodes:

    • CPU: 24 cores
    • RAM: 64 GB
    • Available SSD disk space: 4.7 TB

    1 XDR primary node:

    • CPU: 4 cores
    • RAM: 8 GB
    • Available disk space: 500 GB

    3 XDR worker nodes:

    • CPU: 10 cores
    • RAM: 24 GB
    • Available disk space: 1 TB

    1 XDR database node:

    • CPU: 12 cores
    • RAM: 24 GB
    • Available disk space: 2.7 TB

    1 KUMA collector node:

    • CPU: 8 cores
    • RAM: 16 GB
    • Available disk space: 500 GB

    1 KUMA corellator node:

    • CPU: 8 cores
    • RAM: 32 GB
    • Available disk space: 500 GB

    3 KUMA keeper nodes:

    • CPU: 6 cores
    • RAM: 12 GB
    • Available disk space: 150 GB

    2 KUMA storage nodes:

    • CPU: 24 cores
    • RAM: 64 GB
    • Available SSD disk space: 7 TB

    1 XDR primary node:

    • CPU: 4 cores
    • RAM: 8 GB
    • Available disk space: 500 GB

    3 XDR worker nodes:

    • CPU: 12 cores
    • RAM: 28 GB
    • Available disk space: 1 TB

    1 XDR database node:

    • CPU: 16 cores
    • RAM: 32 GB
    • Available disk space: 4.3 TB

    1 KUMA collector node:

    • CPU: 8 cores
    • RAM: 16 GB
    • Available disk space: 500 GB

    1 KUMA corellator node:

    • CPU: 8 cores
    • RAM: 32 GB
    • Available disk space: 500 GB

    3 KUMA keeper nodes:

    • CPU: 6 cores
    • RAM: 12 GB
    • Available disk space: 150 GB

    2 KUMA storage nodes:

    CPU: 24 cores

    RAM: 64 GB

    Available SSD disk space: 12 TB

Open Single Management Platform: Software requirements

Software requirements and supported systems and platforms

Operating system

64-bit versions of the following operating systems are supported:

Astra Linux Special Edition RUSB.10015-01 (2023-0426SE17 update 1.7.4)

Ubuntu Server 22.04 LTS

Debian GNU/Linux 11.х (Bullseye)

On the target hosts with the Ubuntu family operating systems, the Linux kernel version must be 5.15.0.107 or later.

Virtualization platforms

VMWare vSphere 7

VMWare vSphere 8

Microsoft Hyper-V Server 2016

Microsoft Hyper-V Server 2019

Microsoft Hyper-V Server 2022

Kernel-based Virtual Machine

Proxmox Virtual Environment 7.2

Proxmox Virtual Environment 7.3

Nutanix AHV 20220304.242 and later

Database management system (DBMS)

PostgreSQL 13.х 64-bit

PostgreSQL 14.х 64-bit

PostgreSQL 15.х 64-bit

PostgreSQL 16.x 64-bit

Postgres Pro 13.х 64-bit (all editions)

Postgres Pro 14.х 64-bit (all editions)

Postgres Pro 15.х 64-bit (all editions)

Postgres Pro 16.x 64-bit (all editions)

File system on the cluster nodes (controller and workers)

ext4

XFS

Highly available PostgreSQL clusters are supported. The Postgres role used by the Server to access the DBMS needs to have privileges to read the following views (enabled by default):

  • pg_stat_replication
  • pg_stat_wal_receiver

Kaspersky Deployment Toolkit

All Open Single Management Platform components are installed by using Kaspersky Deployment Toolkit.

Kaspersky Deployment Toolkit has the following hardware and software requirements:

Specification

System requirements

Hardware

CPU: 4 cores, operating frequency of 2.5 GHz

RAM: 8 GB

Available disk space: 40 GB

Operating system

64-bit versions of the following operating systems are supported:

  • Astra Linux Special Edition RUSB.10015-01 (2023-0426SE17 update 1.7.4)
  • Oracle Linux 9
  • Ubuntu Server 22.04 LTS
  • Debian GNU/Linux 11.х (Bullseye)
  • CentOS 7.x
  • CentOS 8.x

Open Single Management Platform components

To view the hardware and software requirements for an Open Single Management Platform component, click its name:

Page top
[Topic 247187]

Requirements for hosts with KUMA services

The KUMA services (collectors, correlators, and storages) are installed on the hosts that are outside of the Kubernetes cluster. Hardware and software requirements for these hosts are described in this article.

Recommended hardware and software requirements

This section lists the hardware and software requirements for processing a data stream of up to 40,000 events per second (EPS). The KUMA load value depends on the type of events being parsed and the efficiency of the normalizer.

For event processing efficiency, the CPU core count is more important than the clock rate. For example, 8 CPU cores with a medium clock rate can process events more efficiently than 4 CPU cores with a high clock rate. The table below lists the hardware and software requirements of KUMA components.

The amount of RAM utilized by the collector depends on configured enrichment methods (DNS, accounts, assets, enrichment with data from Kaspersky CyberTrace) and whether aggregation is used. RAM consumption is influenced by the data aggregation window setting, the number of fields used for aggregation of data, volume of data in fields being aggregated.

For example, with an event stream of 1000 EPS and event enrichment disabled (event enrichment is disabled, event aggregation is disabled, 5000 accounts, 5000 assets per tenant), one collector requires the following resources:

  • 1 CPU core or 1 virtual CPU
  • 512 MB of RAM
  • 1 GB of disk space (not counting event cache)

For example, to support 5 collectors that do not perform event enrichment, you must allocate the following resources: 5 CPU cores, 2.5 GB of RAM, and 5 GB of free disk space.

Recommended hardware and software requirements for installation of the KUMA services

 

Collector

Correlator

Storage

CPU

Intel or AMD with SSE 4.2 support:

at least 4 cores/8 threads or 8 virtual CPUs.

Intel or AMD with SSE 4.2 support:

at least 4 cores/8 threads or 8 virtual CPUs.

Intel or AMD with SSE 4.2 support:

at least 12 cores/24 threads or 24 virtual CPUs.

RAM

16 GB

16 GB

48 GB

Free disk space

/opt directory size: at least 500 GB.

/opt directory size: at least 500 GB.

/opt directory size: at least 500 GB.

Operating systems
  • Ubuntu 22.04 LTS (Jammy Jellyfish).
  • Oracle Linux 8.6, 8.7, 9.2, 9.4.
  • Astra Linux Special Edition RUSB.10015-01 (2021-1126SE17 update 1.7.1).
  • Astra Linux Special Edition RUSB. 10015-01 (2022-1011SE17MD update 1.7.2.UU.1).
  • Astra Linux Special Edition RUSB.10015-01 (2022-1110SE17 update 1.7.3). Core version 5.15.0.33 or higher is required.
  • Astra Linux Special Edition RUSB.10015-01 (2023-0630SE17MD update 1.7.4.UU.1).
  • Astra Linux Special Edition RUSB.10015-01 (2023-1023SE17MD update 1.7.5).

Network bandwidth

100 Mbps

100 Mbps

The transfer rate between ClickHouse nodes must be at least 10 Gbps if the data stream exceeds 20,000 EPS.

Installation of KUMA is supported in the following virtual environments:

  • VMware 6.5 or later
  • Hyper-V for Windows Server 2012 R2 or later
  • QEMU-KVM 4.2 or later
  • Software package of virtualization tools "Brest" RDTSP.10001-02

Kaspersky recommendations for storage servers

For storage servers Kaspersky specialists recommend the following:

  • Put ClickHouse on solid state drives (SSD). SSDs help improve data access speed. Hard drives can be used to store data using the HDFS technology.
  • To connect a data storage system to storage servers, use high-speed protocols, such as Fibre Channel or iSCSI 10G. We do not recommend using application-level protocols such as NFS and SMB to connect data storage systems.
  • Use the ext4 file system on ClickHouse cluster servers.
  • If you are using RAID arrays, use RAID 0 for high performance, or RAID 10 for high performance and fault tolerance.
  • To ensure fault tolerance and performance of the data storage subsystem, make sure that ClickHouse nodes are deployed strictly on different disk arrays.
  • If you are using a virtualized infrastructure to host system components, deploy ClickHouse cluster nodes on different hypervisors. In this case, it is necessary to prevent two virtual machines with ClickHouse from working on the same hypervisor.
  • For high-load KUMA installations, install ClickHouse on physical servers.

Requirements for devices for installing agents

To have data sent to the KUMA collector, you must install agents on the network infrastructure devices. Hardware and software requirements are listed in the table below.

Recommended hardware and software requirements for installation of agents

 

Windows devices

Linux devices

CPU

Single-core, 1.4 GHz or higher

Single-core, 1.4 GHz or higher

RAM

512 MB

512 MB

Free disk space

1 GB

1 GB

Operating systems
  • Microsoft Windows 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Microsoft Windows 10 20H2, 21H1
  • Astra Linux Special Edition RUSB.10015-01 (2023-0426SE17 update 1.7.4)
  • Ubuntu 22.04 LTS (Jammy Jellyfish)
  • Debian 11.7 (Bullseye)

Requirements for the operating system

Requirements for the operating system are listed in the table below.

Installation requirements for the operating system

 

Astra Linux

Python version

3.6 or later

SELinux module

Disabled

Package manager

pip3

Basic packages
  • python3-apt
  • curl
  • libcurl4

The packages can be installed using the following command:

apt install python3-apt curl libcurl4

Dependent packages
  • netaddr
  • python3-cffi-backend

The packages can be installed by using the following command:

apt install python3-netaddr python3-cffi-backend

If you are planning to query Oracle DB databases from KUMA, you must install the libaio1 Astra Linux package.

User permissions level required to install the application

To assign the required permissions to the user account used for installing the application, run the following command:

sudo pdpl-user -i 63 <user name under which the application is being installed>

Page top
[Topic 265299]

OSMP Console requirements

OSMP Console Server

For hardware and software requirements, refer to the requirements for a worker node.

Client devices

For a client device, use of OSMP Console requires only a browser.

The minimum screen resolution is 1366x768 pixels.

The hardware and software requirements for the device are identical to the requirements of the browser that is used with OSMP Console.

Browsers:

  • Google Chrome 100.0.4896.88 or later (official build)
  • Microsoft Edge 100 or later
  • Safari 15 on macOS
  • "Yandex" Browser 23.5.0.2271 or later
  • Mozilla Firefox Extended Support Release 102.0 or later

Page top
[Topic 255792]

Network Agent requirements

Minimum hardware requirements:

  • CPU with operating frequency of 1 GHz or higher. For a 64-bit operating system, the minimum CPU frequency is 1.4 GHz.
  • RAM: 512 MB.
  • Available disk space: 1 GB.

Software requirement for Linux-based devices: the Perl language interpreter version 5.10 or higher must be installed.

Network Agent. Supported platforms

Operating systems. Microsoft Windows workstations

Microsoft Windows Embedded POSReady 2009 with latest Service Pack 32-bit

Microsoft Windows Embedded 7 Standard with Service Pack 1 32-bit/64-bit

Microsoft Windows Embedded 8.1 Industry Pro 32-bit/64-bit

Microsoft Windows 10 Enterprise 2015 LTSB 32-bit/64-bit

Microsoft Windows 10 Enterprise 2016 LTSB 32-bit/64-bit

Microsoft Windows 10 IoT Enterprise 2015 LTSB 32-bit/64-bit

Microsoft Windows 10 IoT Enterprise 2016 LTSB 32-bit/64-bit

Microsoft Windows 10 Enterprise 2019 LTSC 32-bit/64-bit

Microsoft Windows 10 IoT Enterprise version 1703, 1709, 1803, 1809 32-bit/64-bit

Microsoft Windows 10 20H2, 21H2 IoT Enterprise 32-bit/64-bit

Microsoft Windows 10 IoT Enterprise 32-bit/64-bit

Microsoft Windows 10 IoT Enterprise version 1909 32-bit/64-bit

Microsoft Windows 10 IoT Enterprise LTSC 2021 32-bit/64-bit

Microsoft Windows 10 IoT Enterprise version 1607 32-bit/64-bit

Microsoft Windows 10 TH1 (July 2015) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 TH2 (November 2015) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 RS1 (August 2016) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 RS2 (April 2017) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 RS3 (Fall Creators Update, v1709) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 RS4 (April 2018 Update, 17134) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 RS5 (October 2018) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 RS6 (May 2019) Home/Pro/Pro for Workstations/Enterprise/Education 64-bit

Microsoft Windows 10 19H1, 19H2 Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 20H1 (May 2020 Update) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 20H2 (October 2020 Update) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 21H1 (May 2021 Update) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 21H2 (October 2021 Update) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 10 22H2 (October 2023 Update) Home/Pro/Pro for Workstations/Enterprise/Education 32-bit/64-bit

Microsoft Windows 11 Home/Pro/Pro for Workstations/Enterprise/Education 64-bit

Microsoft Windows 11 22H2 Home/Pro/Pro for Workstations/Enterprise/Education 64-bit

Microsoft Windows 11 23H2 Home/Pro/Pro for Workstations/Enterprise/Education 64-bit

Microsoft Windows 11 24H2 Home/Pro/Pro for Workstations/Enterprise/Education 64-bit

Microsoft Windows 8.1 Pro/Enterprise 32-bit/64-bit

Microsoft Windows 8 Pro/Enterprise 32-bit/64-bit

Microsoft Windows 7 Professional/Enterprise/Ultimate/Home Basic/Premium with Service Pack 1 and later 32-bit/64-bit

Microsoft Windows XP Professional with Service Pack 2 32-bit/64-bit (supported by Network Agent version 10.5.1781 only)

Microsoft Windows XP Professional with Service Pack 3 and later 32-bit (supported by Network Agent version 14.0.0.20023)

Microsoft Windows XP Professional for Embedded Systems with Service Pack 3 32-bit (supported by Network Agent version 14.0.0.20023)

Operating systems. Microsoft Windows servers

Microsoft Windows MultiPoint Server 2011 Standard/Premium 64-bit

Microsoft Windows Server 2003 SP1 32-bit/64-bit (supported only by Network Agent version 10.5.1781, that you can request through Technical Support)

Microsoft Windows Server 2008 Foundation with Service Pack 2 32-bit/64-bit

Microsoft Windows Server 2008 Standard/Enterprise/Datacenter with Service Pack 2 32-bit/64-bit

Microsoft Windows Server 2008 R2 Datacenter/Enterprise/Foundation/Standard with Service Pack 1 and later 64-bit

Microsoft Windows Server 2012 Server Core/Datacenter/Essentials/Foundation/Standard 64-bit

Microsoft Windows Server 2012 R2 Server Core/Datacenter/Essentials/Foundation/Standard 64-bit

Microsoft Windows Server 2016 Datacenter/Standard/Server Core (Installation Option) (LTSB) 64-bit

Microsoft Windows Server 2019 Standard/Datacenter/Core 64-bit

Microsoft Windows Server 2019 RS5 Essentials/Standard 64-bit

Microsoft Windows Server 2022 Standard/Datacenter/Core 64-bit

Microsoft Windows Server 2022 21H2 Standard/Datacenter 64-bit

Microsoft Windows Storage Server 2019 64-bit

Microsoft Windows Small Business Server 2011 Standard 64-bit

Microsoft Windows Small Business Server 2011 Essentials 64-bit

Microsoft Windows Small Business Server 2011 Premium Add-on 64-bit

Operating systems. Linux

Debian GNU/Linux 10.х (Buster) 32-bit/64-bit

Debian GNU/Linux 11.х (Bullseye) 32-bit/64-bit

Debian GNU/Linux 12 (Bookworm) 32-bit/64-bit

Ubuntu Server 10.04 LTS (Lucid Lynx) 32-bit/64-bit

Ubuntu Server 16.04 LTS (Xenial Xerus) 32-bit/64-bit

Ubuntu Server 18.04 LTS (Bionic Beaver) 64-bit

Ubuntu Server 20.04 LTS (Focal Fossa) 64-bit

Ubuntu Server 22.04 LTS (Jammy Jellyfish) 64-bit

Ubuntu Server 22.04 LTS ARM 64-bit

Ubuntu Server 24.04 LTS (Noble Numbat) 64-bit

Ubuntu Desktop 10.04 LTS (Lucid Lynx) 32-bit/64-bit

Ubuntu Desktop 16.04 LTS (Xenial Xerus) 32-bit/64-bit

CentOS 6.х 32-bit/64-bit

CentOS 7.2 and later 64-bit

CentOS Stream 8 64-bit

CentOS Stream 9 64-bit

CentOS Stream 9 ARM 64-bit

Red Hat Enterprise Linux Server 6.x 32-bit/64-bit

Red Hat Enterprise Linux Server 7.2 and later 64-bit

Red Hat Enterprise Linux Server 8.x 64-bit

Red Hat Enterprise Linux Server 9.x 64-bit

SUSE Linux Enterprise Server 12.5 and later (all Service Packs) 64-bit

SUSE Linux Enterprise Server 15 (all Service Packs) 64-bit

SUSE Linux Enterprise Server 15 (all Service Packs) ARM 64-bit

openSUSE Leap 15 64-bit

EulerOS 2.0 SP10 64-bit

EulerOS 2.0 SP10 ARM 64-bit

Astra Linux Special Edition RUSB.10015-01 (operational update 1.5) 64-bit

Astra Linux Special Edition RUSB.10015-01 (operational update 1.6) 64-bit

Astra Linux Special Edition RUSB.10015-16 (release 1) (operational update 1.6) 64-bit

Astra Linux Special Edition RUSB.10015-17 (operational update 1.7.3) 64-bit

Astra Linux Special Edition RUSB.10015-01 (operational update 1.7) 64-bit

Astra Linux Special Edition RUSB.10015-01 (operational update 1.8) 64-bit

Astra Linux Special Edition RUSB.10015-03 (operational update 7.6) 64-bit

Astra Linux Special Edition RUSB.10015-37 (operational update 7.7) 64-bit

Astra Linux Special Edition RUSB.10152-02 (operational update 4.7) ARM 64-bit

Astra Linux Common Edition (operational update 2.12) 64-bit

ALT Workstation 10.1 64-bit

ALT Server 10.1 64-bit

ALT Education 10.1 64-bit

ALT SP Server 10 32-bit/64-bit

ALT SP Server 10 ARM 64-bit

ALT SP Workstation 10 32-bit/64-bit

ALT SP Workstation 10 ARM 64-bit

ALT 8 SP Server (LKNV.11100-01) 32-bit/64-bit

ALT 8 SP Server (LKNV.11100-02) 32-bit/64-bit

ALT 8 SP Server (LKNV.11100-03) 32-bit/64-bit

ALT 8 SP Workstation (LKNV.11100-01) 32-bit/64-bit

ALT 8 SP Workstation (LKNV.11100-02) 32-bit/64-bit

ALT 8 SP Workstation (LKNV.11100-03) 32-bit/64-bit

Mageia 4 32-bit

Oracle Linux 7 64-bit

Oracle Linux 8 64-bit

Oracle Linux 9 64-bit

Linux Mint 20.3 and later 64-bit

Linux Mint 21.1 and later 64-bit

Linux Mint 22.x 64-bit

AlterOS 7.5 and later 64-bit

GosLinux IC6/7.17 64-bit

GosLinux IC6/7.2 64-bit

SberOS 3.3.3 64-bit

Platform V SberLinux OS Server (SLO) 8.8 64-bit

Platform V SberLinux OS Server (SLO) 8.9.2 64-bit

RED OS 7.3 ARM 64-bit

RED OS 7.3 Server 64-bit

RED OS 7.3 Certified Edition 64-bit

RED OS 8 64-bit

RED OS 8 ARM 64-bit

ROSA Enterprise Linux Server 7.9 64-bit

ROSA Enterprise Linux Desktop 7.9 64-bit

ROSA COBALT 7.9 64-bit

ROSA CHROME 12 64-bit

AlmaLinux 8 and later 64-bit

AlmaLinux 9 and later 64-bit

Rocky Linux 8 and later 64-bit

Rocky Linux 9 and later 64-bit

Atlant, Alcyone build, version 2022.02 64-bit

MSVSPHERE 9.2 SERVER 64-bit

MSVSPHERE 9.2 ARM 64-bit

MSVSPHERE 9.4 SERVER 64-bit

MSVSPHERE 9.4 ARM 64-bit

SynthesisM Server 8.6 64-bit

SynthesisM Client 8.6 64-bit

OSnova 2.* 64-bit

Kylin 10 64-bit

EMIAS 1.0 64-bit

Amazon Linux 2 64-bit

MosOS 15.4 Arbat 64-bit

OS MES (Moscow Electronic School) 12 (for computers and laptops) 64-bit

OS MES (Moscow Electronic School) 12 (for interactive panels) 64-bit

M OS (Moscow Electronic School) 12 Server 64-bit

Mostech 64-bit

Mostech Server 64-bit

Fedora Linux Server 40 64-bit

Fedora Linux Workstation 40 64-bit

Operating systems. macOS

macOS 12.x

macOS 13.x

macOS 14.x

macOS 15.x

For Network Agent, the Apple Silicon (M1) architecture is also supported, as well as Intel.

Virtualization platforms

VMware vSphere 6.7.0

VMware vSphere 7.0.3

Citrix XenServer 7.x

Citrix XenServer 8.2

Parallels Desktop 18

Oracle VM VirtualBox 7.0.12

Microsoft Hyper-V Server 2019 64-bit

Microsoft Hyper-V Server 2022 64-bit

Kernel-based Virtual Machine (all Linux operating systems supported by Network Agent)

Refer to requirements for managed applications for other supported platforms.

On the devices running Windows 10 version RS4 or RS5, Kaspersky Security Center might be unable to detect some vulnerabilities in folders where case sensitivity is enabled.

Before installing Network Agent on the devices running Windows 7, Windows Server 2008, Windows Server 2008 R2 or Windows MultiPoint Server 2011, make sure that you have installed the security update KB3063858 for OS Windows (Security Update for Windows 7 (KB3063858), Security Update for Windows 7 for x64-based Systems (KB3063858), Security Update for Windows Server 2008 (KB3063858), Security Update for Windows Server 2008 x64 Edition (KB3063858), Security Update for Windows Server 2008 R2 x64 Edition (KB3063858).

In Microsoft Windows XP, Network Agent might not perform some operations correctly.

You can install or update Network Agent for Windows XP in Microsoft Windows XP only. The supported editions of Microsoft Windows XP and their corresponding versions of the Network Agent are listed in the list of supported operating systems. You can download the required version of the Network Agent for Microsoft Windows XP from this page.

We recommend that you install the same version of the Network Agent for Linux as Open Single Management Platform.

Open Single Management Platform fully supports Network Agent of the same or newer versions.

Network Agent for macOS is provided together with Kaspersky security application for this operating system.

Page top
[Topic 255797]

Requirements for a distribution point

Hardware and software requirements for Windows and Linux-based distribution points are described in this article.

If any remote installation tasks are pending on the Administration Server, the device with the distribution point will also require an amount of free disk space that is equal to the total size of the installation packages to be installed.

If one or multiple instances of the task for update (patch) installation and vulnerability fix are pending on the Administration Server, the device with the distribution point will also require additional free disk space, equal to twice the total size of all patches to be installed.

If you use the scheme where distribution points receive database updates and application software modules directly from Kaspersky update servers, the distribution points must be connected to the internet.

It is not recommended to assign the Administration Server as a distribution point, as this will increase the load on the Administration Server.

Hardware requirements for Windows-based distribution points

Minimum hardware requirements for Windows-based distribution points

Number of client devices

CPU

RAM

RAM, with patch management enabled

Disk space

10,000

4 cores, 2500 MHz

8 GB

8 GB

120 GB

5000

4 cores, 2500 MHz

6 GB

8 GB

120 GB

1000

2 cores, 2500 MHz

4 GB

8 GB

120 GB

Hardware requirements for Linux-based distribution points

Minimum hardware requirements for Linux-based distribution points

Number of client devices

CPU

RAM

Disk space

10,000

4 cores, 2500 MHz

10 GB

120 GB

5000

4 cores, 2500 MHz

8 GB

120 GB

1000

2 cores, 2500 MHz

6 GB

120 GB

See also:

Scenario: Kaspersky applications deployment
Page top
[Topic 92569]

Compatible applications and solutions

Kaspersky Next XDR Expert can be integrated with the following versions of applications and solutions:

  • Kaspersky Security Center 15 Linux (as secondary Administration Servers)
  • Kaspersky Security Center 14.2 Windows (as secondary Administration Servers)
  • Kaspersky Anti Targeted Attack Platform 5.1
  • Kaspersky Anti Targeted Attack Platform 6.0
  • Kaspersky Anti Targeted Attack Platform 7.0
  • Kaspersky Endpoint Security for Windows 12.3 or later (supports file servers)
  • Kaspersky Endpoint Security for Linux 12.1 or later
  • Kaspersky Endpoint Security for Windows 12.3 or later
  • Kaspersky Endpoint Security for Mac 12.0 or later
  • Kaspersky CyberTrace 4.2 (integration can only be configured in the KUMA Console)
  • Kaspersky Industrial CyberSecurity for Nodes 3.2 or later
  • Kaspersky Endpoint Agent 3.16
  • Kaspersky Industrial CyberSecurity for Networks 4.0 (integration can only be configured in the KUMA Console)
  • Kaspersky Secure Mail Gateway 2.0 or later (integration can only be configured in the KUMA Console)
  • Kaspersky Security for Linux Mail Server 10 or later (integration can only be configured in the KUMA Console)
  • Kaspersky Web Traffic Security 6.0 or later (integration can only be configured in the KUMA Console)
  • UserGate 7
  • Kaspersky Automated Security Awareness Platform
  • Kaspersky Threat Intelligence Portal
  • Kaspersky Next Generation Firewall (Kaspersky NGFW) Beta-2 (0.95)

Refer to the Application Support Lifecycle webpage for the versions of the applications.

Known issues

Open Single Management Platform supports management of Kaspersky Endpoint Security for Windows with the following limitations:

  • The Adaptive Anomaly Control component is not supported. Open Single Management Platform does not support Adaptive Anomaly Control rules.
  • Kaspersky Sandbox components are not supported.
Page top
[Topic 250553]