KASPERSKY Endpoint Security 8 for Windows 8.0 User Manual
Kaspersky Endpoint Security 8 for Windows®
Administrator Guide
APPLICATION VERSION: 8.0
2
Dear User,
Thank you for choosing our product! We hope that you will find this documentation useful and that it will provide answers
to most questions that may arise.
Warning: This document is the property of Kaspersky Lab ZAO (herein also referred to as Kaspersky Lab): all rights to
this document are reserved by the copyright laws of the Russian Federation and by international treaties. Illegal
reproduction or distribution of this document or parts hereof will result in civil, administrative, or criminal liability under
applicable law.
Any type of reproduction or distribution of any materials, including translations, may be allowed only with written
permission from Kaspersky Lab.
This document and related graphic images can be used exclusively for informational, non-commercial, or personal use.
This document may be amended without prior notice. The latest version of this document can be found on the Kaspersky
Lab website, at http://www.kaspersky.com/docs.
Kaspersky Lab assumes no liability for the content, quality, relevance, or accuracy of any third-party materials used
herein, or for any potential harm that may arise out of using such materials.
Document revision date: 9/30/11
© 2011 Kaspersky Lab ZAO. All Rights Reserved.
http://www.kaspersky.com
http://support.kaspersky.com/
3
CONTENTS
ABOUT THIS GUIDE ................................................................................................................................................... 10
In this Guide ........................................................................................................................................................... 10
Document conventions ........................................................................................................................................... 11
SOURCES OF INFORMATION ABOUT THE APPLICATION ..................................................................................... 13
Sources of information for independent research ................................................................................................... 13
Discussing Kaspersky Lab applications on the Forum ........................................................................................... 14
Contacting the Documentation Development Team by email ................................................................................. 14
KASPERSKY ENDPOINT SECURITY 8 FOR WINDOWS .......................................................................................... 15
What's new ............................................................................................................................................................. 15
Distribution kit ......................................................................................................................................................... 16
Organizing computer protection .............................................................................................................................. 17
Service for registered users .................................................................................................................................... 19
Hardware and software requirements ..................................................................................................................... 19
INSTALLING AND REMOVING THE APPLICATION .................................................................................................. 21
Installing the application ......................................................................................................................................... 21
About ways to install the application ................................................................................................................. 21
Installing the application by using the Setup Wizard ......................................................................................... 22
Installing the application from the command line .............................................................................................. 25
Installing the application through the Group Policy Object Editor snap-in ......................................................... 27
Description of setup.ini file settings ................................................................................................................... 27
Initial configuration of the application ................................................................................................ ................ 30
Upgrading from a previous version of the application ............................................................................................. 33
About ways to upgrade an old application version ............................................................................................ 33
Upgrading an old application version through the Group Policy Object Editor snap-in ..................................... 34
Removing the application ....................................................................................................................................... 35
About ways to remove the application .............................................................................................................. 35
Removing the application by using the Setup Wizard ....................................................................................... 35
Removing the application from the command line ............................................................................................ 37
Removing the application through the Group Policy Object Editor snap-in ....................................................... 37
APPLICATION LICENSING ......................................................................................................................................... 38
About the End User License Agreement ................................................................................................................ 38
About data submission ........................................................................................................................................... 38
About the License ................................................................................................................................................... 39
About activation code ............................................................................................................................................. 39
About the key file .................................................................................................................................................... 40
About application activation methods ..................................................................................................................... 40
Managing the license .............................................................................................................................................. 41
Using the Activation Wizard to activate the application ..................................................................................... 41
Buying a license ................................................................................................................................................ 41
Renewing a license ........................................................................................................................................... 42
Viewing license information............................................................................................................................... 42
Activation Wizard .............................................................................................................................................. 42
APPLICATION INTERFACE ........................................................................................................................................ 45
Application icon in the taskbar notification area ...................................................................................................... 45
A D M I N I S T R A T O R G U I D E
4
Application icon context menu ................................................................................................................................ 46
Main application window ......................................................................................................................................... 46
Application settings window .................................................................................................................................... 48
STARTING AND STOPPING THE APPLICATION ...................................................................................................... 49
Enabling and disabling automatic startup of the application ................................................................................... 49
Starting and stopping the application manually ...................................................................................................... 49
Pausing and resuming computer protection and control ......................................................................................... 50
PROTECTING THE COMPUTER FILE SYSTEM. FILE ANTI-VIRUS ......................................................................... 51
About File Anti-Virus ............................................................................................................................................... 51
Enabling and disabling File Anti-Virus .................................................................................................................... 51
Automatically pausing File Anti-Virus ..................................................................................................................... 52
Configuring File Anti-Virus ...................................................................................................................................... 53
Changing the file security level ......................................................................................................................... 54
Changing the action to take on infected files..................................................................................................... 55
Editing the protection scope of File Anti-Virus................................................................................................... 55
Using Heuristic Analyzer with File Anti-Virus .................................................................................................... 56
Using scan technologies in the operation of File Anti-Virus .............................................................................. 57
Optimizing file scanning .................................................................................................................................... 58
Scanning compound files .................................................................................................................................. 58
Changing the scan mode .................................................................................................................................. 59
SYSTEM WATCHER ................................................................................................................................................... 61
About System Watcher ........................................................................................................................................... 61
Enabling and disabling System Watcher ................................................................................................................ 62
Using behavior stream signatures (BSS) ................................................................................................................ 63
Rolling back malware actions during disinfection ................................................................................................... 63
EMAIL PROTECTION. MAIL ANTI-VIRUS .................................................................................................................. 64
About Mail Anti-Virus .............................................................................................................................................. 64
Enabling and disabling Mail Anti-Virus ................................................................................................................... 64
Configuring Mail Anti-Virus ..................................................................................................................................... 65
Changing the mail security level ....................................................................................................................... 67
Changing the action to take on infected email messages ................................................................................. 67
Editing the protection scope of Mail Anti-Virus .................................................................................................. 67
Scanning compound files that are attached to email messages ....................................................................... 69
Filtering attachments in email messages .......................................................................................................... 69
Using heuristic analysis .................................................................................................................................... 70
Scanning emails in Microsoft Office Outlook ................................................................ ..................................... 70
Scanning emails in The Bat! ............................................................................................................................. 71
COMPUTER PROTECTION ON THE INTERNET. WEB ANTI-VIRUS........................................................................ 73
About Web Anti-Virus ............................................................................................................................................. 73
Enabling and disabling Web Anti-Virus ................................................................................................................... 73
Configuring Web Anti-Virus .................................................................................................................................... 74
Changing the web traffic security level .............................................................................................................. 75
Changing the action to take on malicious web traffic objects ............................................................................ 76
Scanning URLs against databases of suspicious and phishing web addresses ............................................... 76
Using Heuristic Analyzer with Web Anti-Virus ................................................................................................... 77
Configuring the duration of caching web traffic ................................................................................................. 78
Editing the list of trusted URLs .......................................................................................................................... 78
C O N T E N T S
5
PROTECTION OF INSTANT MESSAGING CLIENT TRAFFIC. IM ANTI-VIRUS ........................................................ 80
About IM Anti-Virus ................................................................................................................................................. 80
Enabling and disabling IM Anti-Virus ...................................................................................................................... 80
Configuring IM Anti-Virus ........................................................................................................................................ 81
Creating the protection scope of IM Anti-Virus .................................................................................................. 82
Scanning URLs against databases of suspicious and phishing URLs with IM Anti-Virus ................................. 82
Using Heuristic Analyzer with IM Anti-Virus ...................................................................................................... 83
NETWORK PROTECTION .......................................................................................................................................... 84
Firewall ................................................................................................................................................................... 84
About Firewall ................................................................................................................................................... 84
Enabling or disabling Firewall ........................................................................................................................... 85
About network rules .......................................................................................................................................... 85
About the network connection status ................................................................................................................ 86
Changing the network connection status .......................................................................................................... 86
Managing network packet rules ........................................................................................................................ 87
Managing network rules for application groups ................................................................................................. 91
Managing network rules for applications ........................................................................................................... 98
Configuring advanced Firewall settings .......................................................................................................... 103
Network Attack Blocker......................................................................................................................................... 104
About Network Attack Blocker ......................................................................................................................... 104
Enabling and disabling Network Attack Blocker .............................................................................................. 105
Editing the settings used in blocking an attacking computer ........................................................................... 106
Monitoring network traffic...................................................................................................................................... 106
About network traffic monitoring ...................................................................................................................... 106
Configuring the settings of network traffic monitoring ..................................................................................... 107
Network Monitor ................................................................................................................................................... 110
About Network Monitor ................................................................................................................................... 110
Starting Network Monitor................................................................................................................................. 110
APPLICATION STARTUP CONTROL ....................................................................................................................... 111
About Application Startup Control ......................................................................................................................... 111
Enabling and disabling Application Startup Control .............................................................................................. 111
About Application Startup Control rules ................................................................................................................ 113
Managing Application Startup Control rules.......................................................................................................... 115
Adding and editing an Application Startup Control rule ................................................................................... 115
Adding a trigger condition for an Application Startup Control rule ................................................................... 116
Editing the status of an Application Startup Control rule ................................................................................. 118
Editing Application Startup Control message templates ....................................................................................... 119
About Application Startup Control operation modes ............................................................................................. 120
Switching from Black List mode to White List mode ............................................................................................. 120
Stage 1. Gathering information about applications that are installed on user computers ................................ 121
Stage 2. Creating application categories ........................................................................................................ 121
Stage 3. Creating allow rules of Application Startup Control ........................................................................... 122
Stage 4. Testing allow rules of Application Startup Control ............................................................................ 123
Stage 5. Switching to White List mode ............................................................................................................ 123
Changing the status of an Application Startup Control rule on the Kaspersky Security Center side ............... 124
APPLICATION PRIVILEGE CONTROL ..................................................................................................................... 125
About Application Privilege Control ...................................................................................................................... 125
A D M I N I S T R A T O R G U I D E
6
Enabling and disabling Application Privilege Control ............................................................................................ 126
Placing applications into groups ........................................................................................................................... 127
Modifying a trust group ......................................................................................................................................... 128
Managing Application Control rules ................................................................ ................................ ...................... 129
Editing control rules for trust groups and application groups........................................................................... 129
Editing an application control rule ................................................................................................................... 130
Downloading and updating application control rules from the Kaspersky Security Network database ............ 131
Disabling the inheritance of restrictions from the parent process .................................................................... 132
Excluding specific application actions from application control rules .............................................................. 133
Configuring storage settings for control rules that govern unused applications .............................................. 133
Protecting operating system resources and identity data ..................................................................................... 134
Adding a category of protected resources ...................................................................................................... 134
Adding a protected resource ........................................................................................................................... 135
Disabling resource protection .......................................................................................................................... 136
DEVICE CONTROL ................................................................................................................................................... 137
About Device Control ............................................................................................................................................ 137
Enabling and disabling Device Control ................................................................................................................. 138
About device and connection bus access rules .................................................................................................... 139
About trusted devices ........................................................................................................................................... 139
Standard decisions on access to devices ............................................................................................................. 139
Editing a device access rule ................................................................................................................................. 140
Editing a connection bus access rule ................................................................................................................... 141
Actions with trusted devices ................................................................................................................................. 142
Adding a device to the list of trusted devices .................................................................................................. 142
Editing the Users setting of a trusted device ................................................................................................... 143
Removing a device from the list of trusted devices ......................................................................................... 143
Editing templates of Device Control messages .................................................................................................... 144
Obtaining access to a blocked device .................................................................................................................. 144
Creating a device access code ............................................................................................................................. 146
WEB CONTROL ........................................................................................................................................................ 148
About Web Control ............................................................................................................................................... 148
Enabling and disabling Web Control ..................................................................................................................... 149
About web resource access rules ......................................................................................................................... 150
Actions with web resource access rules ............................................................................................................... 150
Adding and editing a web resource access rule .............................................................................................. 151
Assigning priorities to web resource access rules ........................................................................................... 152
Testing web resource access rules ................................................................................................................. 153
Enabling and disabling a web resource access rule ....................................................................................... 154
Exporting and importing the list of web resource addresses................................................................................. 154
Editing masks for web resource addresses .......................................................................................................... 155
Editing templates of Web Control messages ........................................................................................................ 157
UPDATING DATABASES AND APPLICATION SOFTWARE MODULES ................................................................. 159
About database and application module updates ................................................................................................. 159
About update sources ........................................................................................................................................... 160
Update settings configuration ............................................................................................................................... 160
Adding an update source ................................................................................................................................ 161
Selecting the update server region ................................................................................................................. 162
Configuring updates from a shared folder ....................................................................................................... 162
C O N T E N T S
7
Selecting the update task run mode ................................................................................................................ 164
Starting an update task under the rights of a different user account ............................................................... 165
Starting and stopping an update task ................................................................................................................... 165
Rolling back the last update .................................................................................................................................. 166
Configuring proxy server settings ......................................................................................................................... 166
Enabling and disabling scanning of files in Quarantine after an update ............................................................... 167
SCANNING THE COMPUTER ................................................................................................................................... 168
About scan tasks .................................................................................................................................................. 168
Starting or stopping a scan task ........................................................................................................................... 169
Configuring scan task settings .............................................................................................................................. 169
Changing the file security level ....................................................................................................................... 171
Changing the action to take on infected files................................................................................................... 171
Editing the scan scope .................................................................................................................................... 172
Optimizing file scanning .................................................................................................................................. 173
Scanning compound files ................................................................................................................................ 174
Selecting the scan method .............................................................................................................................. 175
Using scan technologies ................................................................................................................................. 175
Selecting the scan task run mode ................................................................................................................... 175
Starting a scan task under the account of a different user .............................................................................. 176
Scanning removable drives when they are connected to the computer .......................................................... 177
Handling unprocessed files................................................................................................................................... 178
About unprocessed files .................................................................................................................................. 178
Managing the list of unprocessed files ............................................................................................................ 178
VULNERABILITY SCAN ............................................................................................................................................ 182
About Vulnerability Monitor ................................................................ ................................................................... 182
Enabling and disabling Vulnerability Monitor ........................................................................................................ 182
Viewing information about vulnerabilities of running applications ......................................................................... 183
About the Vulnerability Scan task ......................................................................................................................... 184
Starting or stopping the Vulnerability Scan task ................................................................................................... 184
Creating the vulnerability scan scope ................................................................................................................... 185
Selecting the Vulnerability Scan task run mode .................................................................................................... 185
Configuring the launch of the Vulnerability Scan task under a different user account .......................................... 186
Handling detected vulnerabilities .......................................................................................................................... 188
About vulnerabilities ........................................................................................................................................ 188
Managing the list of vulnerabilities .................................................................................................................. 189
MANAGING REPORTS ............................................................................................................................................. 193
Principles of managing reports ............................................................................................................................. 193
Configuring report settings.................................................................................................................................... 194
Configuring the maximum report storage term ................................................................................................ 195
Configuring the maximum size of the report file .............................................................................................. 195
Generating reports ................................................................................................................................................ 195
Viewing reported event information in a separate section .................................................................................... 196
Saving a report to file ............................................................................................................................................ 196
Removing information from reports ...................................................................................................................... 197
NOTIFICATION SERVICE ......................................................................................................................................... 199
About Kaspersky Endpoint Security notifications .................................................................................................. 199
Configuring the notification service ....................................................................................................................... 199
A D M I N I S T R A T O R G U I D E
8
Configuring event log settings ......................................................................................................................... 200
Configuring delivery of on-screen and email notifications ............................................................................... 200
Viewing Microsoft Windows Event Log ................................................................................................................. 201
MANAGING QUARANTINE AND BACKUP ............................................................................................................... 202
About Quarantine and Backup .............................................................................................................................. 202
Configuring Quarantine and Backup settings ....................................................................................................... 203
Configuring the maximum storage term for files in Quarantine and file copies in Backup ............................... 203
Configuring the maximum size of Quarantine and Backup ............................................................................. 204
Managing Quarantine ........................................................................................................................................... 204
Moving a file to Quarantine ............................................................................................................................. 205
Starting a Custom Scan task for files in Quarantine ........................................................................................ 206
Restoring files from Quarantine ...................................................................................................................... 206
Deleting files from Quarantine ......................................................................................................................... 207
Sending probably infected files to Kaspersky Lab for examination ................................................................. 207
Managing Backup ................................................................................................................................................. 208
Restoring files from Backup ............................................................................................................................ 208
Deleting backup copies of files from Backup................................................................................................... 209
ADVANCED APPLICATION SETTINGS ................................................................ ................................ .................... 210
Trusted zone ......................................................................................................................................................... 210
About the trusted zone .................................................................................................................................... 210
Configuring the trusted zone ........................................................................................................................... 212
Kaspersky Endpoint Security Self-Defense .......................................................................................................... 217
About Kaspersky Endpoint Security Self-Defense .......................................................................................... 217
Enabling or disabling Self-Defense ................................................................................................................. 217
Enabling or disabling Remote Control Defense .............................................................................................. 218
Supporting remote administration applications ............................................................................................... 218
Performance of Kaspersky Endpoint Security and compatibility with other applications ...................................... 219
About the performance of Kaspersky Endpoint Security and compatibility with other applications ................. 219
Selecting types of detectable threats .............................................................................................................. 220
Enabling or disabling Advanced Disinfection technology ................................................................................ 221
Enabling or disabling energy-saving mode ..................................................................................................... 221
Enabling or disabling conceding of resources to other applications ................................................................ 222
Password protection ............................................................................................................................................. 223
About restricting access to Kaspersky Endpoint Security ............................................................................... 223
Enabling and disabling password protection ................................................................................................... 223
Modifying the Kaspersky Endpoint Security access password........................................................................ 225
REMOTE ADMINISTRATION THROUGH KASPERSKY SECURITY CENTER ........................................................ 226
Managing Kaspersky Endpoint Security ............................................................................................................... 226
Starting and stopping Kaspersky Endpoint Security on a client computer ...................................................... 226
Configuring Kaspersky Endpoint Security settings .......................................................................................... 227
Managing tasks .................................................................................................................................................... 228
About tasks for Kaspersky Endpoint Security ................................................................................................. 228
Creating a local task ....................................................................................................................................... 229
Creating a group task ...................................................................................................................................... 230
Creating a task for a set of computers ............................................................................................................ 230
Starting, stopping, suspending, and resuming a task ...................................................................................... 230
Editing task settings ................................................................ ................................................................ ........ 232
Managing policies ................................................................................................................................................. 233
C O N T E N T S
9
About policies .................................................................................................................................................. 234
Creating a policy ............................................................................................................................................. 234
Editing policy settings ..................................................................................................................................... 235
Viewing user complaints in the Kaspersky Security Center event storage ........................................................... 235
PARTICIPATING IN KASPERSKY SECURITY NETWORK ...................................................................................... 237
About participation in Kaspersky Security Network .............................................................................................. 237
Enabling and disabling use of Kaspersky Security Network ................................................................................. 238
Checking the connection to Kaspersky Security Network ..................................................................................... 238
CONTACTING TECHNICAL SUPPORT .................................................................................................................... 240
How to obtain technical support ............................................................................................................................ 240
Collecting information for Technical Support ........................................................................................................ 240
Creating a trace file ......................................................................................................................................... 241
Sending data files to the Technical Support server ......................................................................................... 241
Saving data files on the hard drive .................................................................................................................. 242
Technical support by phone .................................................................................................................................. 242
Obtaining technical support via Personal Cabinet ................................................................................................ 243
GLOSSARY ............................................................................................................................................................... 245
KASPERSKY LAB ZAO ............................................................................................................................................. 249
INFORMATION ABOUT THIRD-PARTY CODE ........................................................................................................ 250
TRADEMARK NOTICES ............................................................................................................................................ 251
INDEX ........................................................................................................................................................................ 252
10
ABOUT THIS GUIDE
IN THIS SECTION:
In this Guide .................................................................................................................................................................... 10
Document conventions .................................................................................................................................................... 11
This document is the Administrator Guide for Kaspersky Endpoint Security 8 for Windows (hereafter referred to
as Kaspersky Endpoint Security).
This Guide is designed for administrators of local corporate networks and for specialists who are responsible for antivirus protection of enterprise computers. For regular users whose workplace computers have Kaspersky Endpoint
Security installed, this Guide can help to solve to solve certain tasks.
This Guide is intended to do the following:
Help to install the application on the computer, and to activate and configure it with regard to the user's required
tasks.
Provide a readily searchable source of information for questions related to operation of the application.
Describe additional sources of information about the application and ways of receiving technical support.
IN THIS GUIDE
This Guide comprises the following sections.
Sources of information about the application (see page 13)
This section describes sources of information about the application and lists websites that you can use to discuss
application operation.
Kaspersky Endpoint Security 8 for Windows (see page 15)
This section describes the features of the application and provides brief information about application functions and
components. You will learn what items are included in the distribution kit and what services are available for registered
users of the application. This section provides information about the software and hardware requirements that a
computer must meet to allow installation.
Installing and removing the application (see page 21)
This section guides you through installing Kaspersky Endpoint Security on your computer, completing initial
configuration, upgrading from a previous version of the application, and removing the application from the computer.
Application licensing (see page 38)
This section contains information about the basic concepts of application activation. This section describes the purpose
of the End User License Agreement, the types of licenses, the ways to activate the application, and renew your license.
A B O U T T H I S G U I D E
11
Application interface (see page 45)
This section describes the basic elements of the graphical interface of the application: the application icon and its context
menu, main application window, and application settings window.
Starting and stopping the application (see page 49)
This section describes how you can configure automatic startup of the application, start or stop the application manually,
and pause or resume protection and control components.
Typical tasks (see the section "Protecting the computer file system. File Anti-Virus" on page 51)
A group of sections that describe typical tasks and application components. Those sections provide detailed information
about how to configure tasks and application components.
Remote administration through Kaspersky Security Center (see page 226)
This section describes Kaspersky Endpoint Security administration through Kaspersky Security Center.
Participating in Kaspersky Security Network (see page 237)
This section contains information about participation in Kaspersky Security Network and instructions on how to enable or
disable use of Kaspersky Security Network.
Contacting Technical Support (see page 240)
This section provides information about how to obtain technical support and the requirements for receiving help from
Technical Support.
Glossary (see page 245)
This section contains a list of terms that are mentioned in the document and their definitions.
Kaspersky Lab ZAO (see page 249)
This section provides information about Kaspersky Lab ZAO.
Index
This section allows you to quickly find required information within the document.
DOCUMENT CONVENTIONS
The document text is accompanied by semantic elements to which we recommend paying particular attention: warnings,
hints, and examples.
Document conventions are used to highlight semantic elements. The following table shows document conventions and
examples of their use.
A D M I N I S T R A T O R G U I D E
12
Sample text
Description of document convention
Note that ...
Warnings are highlighted in red and boxed.
Warnings provide information about possible unwanted actions that may lead to
data loss or failures in computer operation.
It is recommended to use...
Notes are boxed.
Notes provide auxiliary and reference information. Notes may contain useful
hints, recommendations, specific values, or important special cases in operation
of the application.
Example:
...
Examples are listed in respective sections under the heading "Example".
Update means...
The Databases are out of date event
occurs.
The following semantic elements are italicized in the text:
New terms
Names of application statuses and events
Press ENTER.
Press Option+N.
Names of keyboard keys appear in bold and are capitalized.
Names of keys that are connected by a + (plus) sign indicate the use of a key
combination. Those keys must be pressed simultaneously.
Click the Enable button.
Names of application interface elements, such as entry fields, menu items, and
buttons, are set off in bold.
To create a trace file:
Introductory phrases of instructions are italicized and are accompanied by the
arrow sign.
In the command line, enter the
following text: kav update
The following message then appears:
Specify the date in dd:mm:yy
format.
The following types of text content are set off with a special font (Courier):
Text in the command line
Text of messages that the application displays on screen
Data that the user must enter.
<IP address of your
computer>
Variables are enclosed in angle brackets. Each of the variables should be
replaced by the corresponding value, omitting angle brackets.
Table 1. Document conventions
13
SOURCES OF INFORMATION ABOUT THE
IN THIS SECTION:
Sources of information for independent research ............................................................................................................ 13
Discussing Kaspersky Lab applications on the Forum .................................................................................................... 14
Contacting the Documentation Development Team by email .......................................................................................... 14
APPLICATION
This section describes sources of information about the application and lists websites that you can use to discuss
application operation.
You can select the most suitable information source, depending on the level of importance and urgency of the issue.
SOURCES OF INFORMATION FOR INDEPENDENT RESEARCH
You can use the following sources to independently find information about the application:
Application page on the Kaspersky Lab website
Page on the Kaspersky Lab Technical Support (hereafter also "Technical Support") website (Knowledge Base)
Online help
Documentation
If you cannot find a solution for your issue, we recommend that you contact Kaspersky Lab Technical Support (see the
section "Technical support by phone" on page 242).
An Internet connection is required to use information sources on the Kaspersky Lab website.
Application page on the Kaspersky Lab website
The Kaspersky Lab website features an individual page for each application.
On the page http://www.kaspersky.com/endpoint-security-windows, you can view general information about the
application, its functions, and its features.
The page http://www.kaspersky.com contains a link to the eStore. There you can purchase or renew the application.
Application page on the Technical Support website (Knowledge Base)
Knowledge Base is a section on the Technical Support website that provides advice on using Kaspersky Lab
applications. Knowledge Base comprises reference articles that are grouped by topic.
On the page of the application in the Knowledge Base, you can read articles that provide useful information,
recommendations, and answers to frequently asked questions on how to purchase, install, and use Kaspersky Endpoint
Security for workstations http://support.kaspersky.com/kes8wks and for file servers http://support.kaspersky.com/kes8fs.
A D M I N I S T R A T O R G U I D E
14
Articles may provide answers to questions relating not just to Kaspersky Endpoint Security, but also to other Kaspersky
Lab applications. They also may contain news from Technical Support.
Online help
The online help of the application comprises help files.
Context help provides information about each window of the application, listing and describing the corresponding settings
and a list of tasks.
Full help provides detailed information about how to manage computer protection by using the application.
Administrator's Guide
You can download the Administrator Guide in PDF format from the Download section on the Kaspersky Lab website.
Consult this document for help with installing and activating the application on the computers of a local area network and
with configuring application settings. The document provides detailed information about how to manage computer
protection by using the application.
DISCUSSING KASPERSKY LAB APPLICATIONS ON THE FORUM
If your question does not require an urgent answer, you can discuss it with Kaspersky Lab specialists and other users on
our Forum (http://forum.kaspersky.com/index.php?showforum=5).
In this forum you can view existing topics, leave your comments, and create new discussion topics.
CONTACTING THE DOCUMENTATION DEVELOPMENT TEAM BY EMAIL
To contact the Documentation Development Team, send an email. In the email subject line, type "Kaspersky Help
Feedback: Kaspersky Endpoint Security 8 for Windows".
15
KASPERSKY ENDPOINT SECURITY 8 FOR
IN THIS SECTION:
What's new ...................................................................................................................................................................... 15
Distribution kit .................................................................................................................................................................. 16
Organizing computer protection ...................................................................................................................................... 16
Service for registered users ............................................................................................................................................ 19
Hardware and software requirements ............................................................................................................................. 19
WINDOWS
This section describes the features of the application and provides brief information about application functions and
components. You will learn what items are included in the distribution kit and what services are available for registered
users of the application. This section provides information about the software and hardware requirements that a
computer must meet to allow installation.
WHAT'S NEW
Kaspersky Endpoint Security 8 for Windows offers the following new features:
The Application Control functionality has been added, which lets you allow or block startup of individual
applications depending on the policy of the IT department of your company. Application Control comprises the
following components:
Application Startup Control, which operates on the basis of allow and block rules that are specified by the
administrator of the local area network. Rules can be created on the basis of software categories that are
provided by Kaspersky Lab or conditions that are specified by the administrator of the local area network.
Thanks to integration with Active Directory®, the rules that allow or block startup of applications are
specified for Active Directory users and user groups.
Application Privilege Control, which blocks application activity depending on the level of application
danger and reputation information. Information on the reputation of applications is provided by Kaspersky
Lab.
Vulnerability Monitor, which detects vulnerabilities both in applications that are started on the computer
and in all applications that are installed on the computer.
The Web Control component has been added, which lets you restrict or block user access to web resources
according to rules. Categories of web content, data types, and individual web addresses or their groups can be
specified as rule parameters. Thanks to integration with Active Directory, web access rules are defined for
Active Directory users and user groups.
New main application window interface: the main window shows statistics about the operation of control and
protection components and the performance of update and scan tasks.
Improvements:
Enhanced anti-virus protection, including through integration with Kaspersky Security Network. Integration with
Kaspersky Security Network provides information about file and web address reputations.
A D M I N I S T R A T O R G U I D E
16
Improved advanced disinfection technology.
Improved self-defense technology against changes to application files, memory processes, and system registry
values.
Improved proactive defense technology:
The System Watcher component logs application activity.
The BSS (Behavior Stream Signatures) proactive defense technology detects malicious behavior based on
regularly updated signatures.
You can now roll back malicious actions of applications during disinfection.
The Firewall component has been improved, letting you monitor inbound and outbound traffic across ports, IP
addresses, and applications that generate traffic.
The Intrusion Detection System (IDS) technology has been improved, with the addition of support for exclusions
that are specified by using IP addresses.
The Device Control component has been improved:
Sets of supported buses and device types have been expanded.
Device serial numbers can now be used as criteria.
It is now possible to restrict access to devices with file systems at the level of reading / writing.
It is now possible to set a schedule for users' access to devices.
Integration with Active Directory has been added.
Scanning of traffic over the IRC, Mail.ru, and AIM® protocols has been added.
DISTRIBUTION KIT
Kaspersky Endpoint Security is distributed through online stores of Kaspersky Lab (for example,
http://www.kaspersky.com, in the eStore section) or partner companies.
The distribution kit contains the following items:
Files that are required for installing the application in any of the available ways (see the section "About ways to
install the application" on page 21).
The file ksn.txt, in which you can read through the terms of participation in Kaspersky Security Network (see the
section "Participating in Kaspersky Security Network" on page 237).
The file license.txt, which you can view to look through the License Agreement. The License Agreement
specifies the terms of use of the application.
Information that is required for application activation is sent to you by email after payment.
For more details on purchase methods and the distribution kit, contact the Sales Department.
K A S P E R S K Y E N D P O I N T S E C U R I T Y 8 F O R W I N D O W S
17
ORGANIZING COMPUTER PROTECTION
Kaspersky Endpoint Security provides comprehensive computer protection against known and new threats, network and
phishing attacks, and other unwanted content.
Each type of threat is handled by a dedicated component. Components can be enabled or disabled independently of one
another, and their settings can be configured.
In addition to the real-time protection that the application components provide, we recommend that you regularly scan
the computer for viruses and other threats. This helps to rule out the possibility of spreading malware that is undetected
by protection components due to a low security level setting or for other reasons.
To keep Kaspersky Endpoint Security up to date, you must update the databases and modules that the application uses.
The application is updated automatically by default, but if necessary, you can update the databases and application
modules manually.
The following application components are control components:
Application Startup Control. This component keeps track of user attempts to start applications and regulates
the startup of applications.
Application Privilege Control. This component registers the actions of applications in the operating system
and regulates application activity depending on the trust group of a particular application. A set of rules is
specified for each group of applications. These rules regulate the access of applications to user data and to
resources of the operating system. Such data includes user files (My Documents folder, cookies, user activity
information) and files, folders, and registry keys that contain settings and important information from the most
frequently used applications.
Vulnerability Monitor. The Vulnerability Monitor component runs a real-time vulnerability scan of applications
that are started or are running on the user's computer.
Device Control. This component lets you set flexible restrictions on access to data storage devices (such as
hard drives, removable media, tape drives, and CDs and DVDs), data transmission equipment (such as
modems), equipment that converts information into hard copies (such as printers), or interfaces for connecting
devices to computers (such as USB, Bluetooth, and Infrared).
Web Control. This component lets you set flexible restrictions on access to web resources for different user
groups.
The operation of control components is based on the following rules:
Application Startup Control uses application startup control rules (see the section "About Application Startup
Control rules" on page 113).
Application Privilege Control uses application control rules (see the section "About Application Privilege Control"
on page 125).
Device Control uses device access rules and connection bus access rules (see the section "About device and
connection bus access rules" on page 139).
Web Control uses web resource access rules (see the section "About web resource access rules" on page 150).
The following application components are protection components:
File Anti-Virus. This component protects the file system of the computer from infection. File Anti-Virus starts
together with Kaspersky Endpoint Security, continuously remains active in computer memory, and scans all files
that are opened, saved, or started on the computer and on all connected drives. File Anti-Virus intercepts every
attempt to access a file and scans the file for viruses and other threats.
System Watcher. This component keeps a record of application activity on the computer and provides this
information to other components to ensure more effective protection.
A D M I N I S T R A T O R G U I D E
18
Mail Anti-Virus. This component scans incoming and outgoing email messages for viruses and other threats.
Web Anti-Virus. This component scans traffic that arrives on the user's computer via the HTTP and FTP
protocols, and checks whether URLs are listed as suspicious or phishing web addresses.
IM Anti-Virus. This component scans traffic that arrives on the computer via instant messaging protocols. It
ensures the safe operation of numerous instant messaging applications.
Firewall. This component protects personal data that is stored on the computer and blocks all kinds of threats to
the operating system while the computer is connected to the Internet or to a local area network. The component
filters all network activity according to two types of rules: application network rules and network packet rules
(see the section "About network rules" on page 85).
Network Monitor. This component lets you view network activity of the computer in real time.
Network Attack Blocker. This component inspects inbound network traffic for activity that is typical of network
attacks. On detecting an attempted network attack that targets your computer, Kaspersky Endpoint Security
blocks network activity from the attacking computer.
The following tasks are provided in Kaspersky Endpoint Security:
Full Scan. Kaspersky Endpoint Security thoroughly scans the operating system, including RAM, objects that are
loaded at startup, backup storage of the operating system, and all hard drives and removable drives.
Custom Scan. Kaspersky Endpoint Security scans the objects that are selected by the user.
Critical Areas Scan. Kaspersky Endpoint Security scans objects that are loaded at operating system startup,
RAM, and objects that are targeted by rootkits.
Update. Kaspersky Endpoint Security downloads updated application databases and modules. Updating keeps
the computer protected against new viruses and other threats at all times.
Vulnerability Scan. Kaspersky Endpoint Security scans the operating system and installed software for
vulnerabilities. This scanning ensures timely detection and removal of potential problems that intruders can
exploit.
Remote administration through Kaspersky Security Center
Kaspersky Security Center makes it possible to remotely start and stop Kaspersky Endpoint Security on a client
computer, and to remotely manage and configure application settings.
Service functions and applications
Kaspersky Endpoint Security comes with a number of service functions. Service functions are meant to keep the
application up to date, expand its functionality, and assist the user with operating it.
Reports. In the course of its operation, the application keeps a report on each application component and task.
The report contains a list of Kaspersky Endpoint Security events and all operations that the application
performs. In case of an incident, you can send reports to Kaspersky Lab, where Technical Support specialists
can look into the issue in more detail.
Data storage. If the application detects infected or probably infected files while scanning the computer for
viruses and other threats, it blocks those files. Kaspersky Endpoint Security moves probably infected files to a
special storage called Quarantine. Kaspersky Endpoint Security stores copies of disinfected and deleted files in
Backup. Kaspersky Endpoint Security moves files that are not processed for any reason to the list of
unprocessed files. You can scan files, restore files to their original folders, manually move files to Quarantine,
and empty the data storage.
Notification service. The notification service keeps the user informed about the current protection status of the
computer and the operation of Kaspersky Endpoint Security. Notifications can be displayed on the screen or
sent by email.
K A S P E R S K Y E N D P O I N T S E C U R I T Y 8 F O R W I N D O W S
19
Kaspersky Security Network. User participation in Kaspersky Security Network enhances the effectiveness of
computer protection through real-time collection of information on the reputation of files, web resources, and
software from users worldwide.
License. Using a license unlocks full application functionality, provides access to application database and
module updates, detailed information about the application, and assistance from Kaspersky Lab Technical
Support.
Support. All registered users of Kaspersky Endpoint Security can contact Technical Support specialists for
assistance. You can send a request from Personal Cabinet on the Technical Support website or receive
assistance from support personnel over the phone.
SERVICE FOR REGISTERED USERS
By purchasing a user license for the application, you become a registered user of Kaspersky Lab applications and can
benefit from the following services during the entire validity term of the license:
Database updates and access to new versions of the application
Consultations by phone and by email on issues that are related to installation, configuration, and use of the
application
Notifications about the release of new applications by Kaspersky Lab and of new viruses. To use this service,
subscribe to news delivery from Kaspersky Lab on the Technical Support website.
No consultations are provided on issues that are related to the functioning of operating systems or third-party
software and technologies.
HARDWARE AND SOFTWARE REQUIREMENTS
To ensure proper operation of Kaspersky Endpoint Security, your computer must meet the following requirements:
General requirements:
1 GB of free disk space on the hard drive
CD/DVD-ROM (for installing the application from a retail installation CD)
Microsoft® Internet Explorer® 7.0 or later
Microsoft Windows Installer 3.0 or later
An Internet connection for activating the application and updating application databases and modules
Hardware requirements for computers with workstation operating systems installed:
Microsoft Windows XP Professional SP3, Microsoft Windows XP Professional x64 Edition SP2:
Intel® Pentium® 1 GHz or faster processor (or compatible equivalent)
256 MB of free RAM
Microsoft Windows 7 Professional / Enterprise / Ultimate (SP0 or later), Microsoft Windows 7 Professional /
Enterprise / Ultimate (x64 Edition SP0 or later), Microsoft Windows Vista® SP2, Microsoft Windows Vista x64
Edition SP2:
Intel Pentium 2 GHz processor or faster (or compatible equivalent)
A D M I N I S T R A T O R G U I D E
20
512 MB of free RAM
Microsoft Windows Embedded Standard 7 SP1, Microsoft Windows Embedded Standard 7 x64 Edition SP1,
Microsoft Windows Embedded POSReady 2009 latest SP:
Intel Pentium 800 GHz processor or faster (or compatible equivalent)
256 MB of free RAM
Hardware requirements for computers with file server operating systems installed:
Microsoft Windows Small Business Server 2008 Standard x64 Edition, Microsoft Windows Small Business Server
2011 Essentials / Standard (x64 Edition), Microsoft Windows Server® 2008 R2 Standard / Enterprise (x64 Edition
SP1), Microsoft Windows Server 2008 Standard / Enterprise SP2, Microsoft Windows Server 2008 Standard /
Enterprise SP2 (x64 Edition), Microsoft Windows Server 2003 R2 Standard / Enterprise SP2, Microsoft Windows
Server 2003 R2 Standard x64 Edition SP2, Microsoft Windows Server 2003 Standard SP2, Microsoft Windows
Server 2003 Standard x64 Edition SP2:
Intel Pentium 2 GHz processor or faster (or compatible equivalent)
512 MB of free RAM
21
INSTALLING AND REMOVING THE
IN THIS SECTION:
Installing the application .................................................................................................................................................. 21
Upgrading from a previous version of the application ..................................................................................................... 33
Removing the application ................................................................................................................................................ 35
IN THIS SECTION:
About ways to install the application ............................................................................................................................... 21
Installing the application by using the Setup Wizard ....................................................................................................... 22
Installing the application from the command line ............................................................................................................. 25
Installing the application through the Group Policy Object Editor snap-in ....................................................................... 27
Description of setup.ini file settings ................................................................................................................................. 27
Initial configuration of the application .............................................................................................................................. 30
APPLICATION
This section guides you through installing Kaspersky Endpoint Security on your computer, completing initial
configuration, upgrading from a previous version of the application, and removing the application from the computer.
INSTALLING THE APPLICATION
This section describes how to install Kaspersky Endpoint Security on your computer and complete initial configuration of
the application.
ABOUT WAYS TO INSTALL THE APPLICATION
There are several ways to install Kaspersky Endpoint Security 8 for Windows on a computer:
Local installation – the application is installed on an individual computer. Starting and completing a local
installation requires direct access to the computer. A local installation can be performed in one of two modes:
Interactive, by using the Setup Wizard (see the section "Installing the application by using the Setup
Wizard" on page 22). This mode requires your involvement in the setup process.
Silent, in which case application installation is started from the command line and does not require your
involvement in the setup process (see the section "Installing the application from the command line" on
page 25).
Remote installation – installation on a computer within a network, performed remotely from the administrator's
workstation by using:
A D M I N I S T R A T O R G U I D E
22
Kaspersky Security Center software complex (see "Kaspersky Security Center Deployment Guide")
IN THIS SECTION:
Step 1. Making sure that the computer meets installation requirements ......................................................................... 22
Step 2. Welcome page of the installation procedure ....................................................................................................... 23
Step 3. Reviewing the License Agreement...................................................................................................................... 23
Step 4. Kaspersky Security Network Data Collection Statement ..................................................................................... 23
Step 5. Selecting the installation type ............................................................................................................................. 23
Step 6. Selecting application components to install ........................................................................................................ 24
Step 7. Selecting the destination folder ........................................................................................................................... 24
Step 8. Adding exclusions from virus scanning ............................................................................................................... 24
Step 9. Preparing for application installation ................................................................................................................... 25
Step 10. Installing the application .................................................................................................................................... 25
group domain policies of Microsoft Windows Server (see the section "Installing the application through the
Group Policy Object Editor snap-in" on page 27).
We recommend closing all active applications before starting the installation of Kaspersky Endpoint Security (including
remote installation).
INSTALLING THE APPLICATION BY USING THE SETUP WIZARD
The interface of the Setup Wizard consists of a sequence of pages (steps). You can navigate between the Setup Wizard
pages by using the Back and Next buttons. To close the Setup Wizard after it completes its task, click the Finish button.
To stop the Setup Wizard at any stage, click the Cancel button.
To install the application or upgrade the application from a previous version by using the Setup Wizard:
1. Start the setup.exe file.
The Setup Wizard starts.
2. Follow the instructions of the Setup Wizard.
STEP 1. MAKING SURE THAT THE COMPUTER MEETS INSTALLATION
REQUIREMENTS
Before installing Kaspersky Endpoint Security 8 for Windows on a computer or updating a previous version of the
application, the following conditions are checked:
Whether the operating system and the Service Pack meet the software requirements for installation (see the
section "Hardware and software requirements" on page 19).
Whether the hardware and software requirements are met (see the section "Hardware and software
requirements" on page 19).
I N S T A L L I N G A N D R E M O V I N G T H E A P P L I C A T I O N
23
Whether the user has the rights to install the software product
If any one of the previous requirements is not met, a relevant notification is displayed on the screen.
If the computer meets the above-listed requirements, the Setup Wizard searches for Kaspersky Lab applications that
may lead to conflicts when running at the same time as Kaspersky Endpoint Security. If such applications are found, you
are prompted to remove them manually.
If the detected applications include Kaspersky Anti-Virus 6.0 for Windows Workstations® MP3 / MP4 or Kaspersky AntiVirus 6.0 for Windows Servers MP3 / MP4, all data that can be migrated (such as activation details and application
settings) is preserved and used during the installation of Kaspersky Endpoint Security 8 for Windows. However,
Kaspersky Anti-Virus 6.0 for Windows Workstations MP3 / MP4 or Kaspersky Anti-Virus 6.0 for Windows Servers
MP3 / MP4 is removed automatically.
STEP 2. WELCOME PAGE OF THE INSTALLATION PROCEDURE
If the operating system on which you are installing Kaspersky Endpoint Security 8 for Windows fully meets the
requirements, a welcome page appears after you start the installation package. The welcome page notifies you of the
beginning of installation of Kaspersky Endpoint Security 8 for Windows on the computer.
To proceed with the Setup Wizard, click the Next button. To stop the Setup Wizard, click the Cancel button.
STEP 3. REVIEWING THE LICENSE AGREEMENT
During this step, you are advised to review the license agreement between you and Kaspersky Lab.
Carefully review the agreement and, if you agree with all of its terms, select the I accept the terms of the License
Agreement check box.
To return to the previous step of the Setup Wizard, click the Back button. To proceed with the Setup Wizard, click the
Next button. To stop the Setup Wizard, click the Cancel button.
STEP 4. KASPERSKY SECURITY NETWORK DATA COLLECTION STATEMENT
During this step, you are invited to participate in Kaspersky Security Network.
Review the Kaspersky Security Network Data Collection Statement:
If you accept all of the terms, on the Setup Wizard page, select the option I agree to participate in Kaspersky
Security Network.
If you do not accept the conditions of participation in Kaspersky Security Network, on the Setup Wizard page,
select the option I do not agree to participate in Kaspersky Security Network.
To return to the previous step of the Setup Wizard, click the Back button. To proceed with the Setup Wizard, click the
Next button. To stop the Setup Wizard, click the Cancel button.
STEP 5. SELECTING THE INSTALLATION TYPE
During this step, you can select the most suitable installation type of Kaspersky Endpoint Security 8 for Windows:
Full installation. If you select this type of installation, the application is installed in its entirety, with the protection
settings that are recommended by Kaspersky Lab.
Custom installation. If you select this type of installation, you are offered to select the components to be installed
(see the section "Step 6. Selecting application components to install" on page 24) and specify the destination
folder for installing the application (see the section "Step 7. Selecting the destination folder" on page 24).
A D M I N I S T R A T O R G U I D E
24
To return to the previous step of the Setup Wizard, click the Back button. To proceed with the Setup Wizard, click the
Next button. To stop the Setup Wizard, click the Cancel button.
STEP 6. SELECTING APPLICATION COMPONENTS TO INSTALL
This step is performed if you select Custom installation of the application.
During this step, you can select the Kaspersky Endpoint Security 8 for Windows components that you want to install. All
application components are selected for installation by default.
To select a component that you want to install, click the icon next to the component name to bring up the context menu.
Then select Component will be installed on the local hard drive. For more details on what tasks are performed by the
selected component and how much disk space is required to install the component, refer to the lower part of the current
Setup Wizard page.
To view detailed information about the available space on local hard drives, click the Disk button. Information is shown in
the Available disk space window that opens.
To cancel component installation, in the context menu, select the Component will be unavailable option.
To return to the list of default components, click the Reset button.
To return to the previous step of the Setup Wizard, click the Back button. To proceed with the Setup Wizard, click the
Next button. To stop the Setup Wizard, click the Cancel button.
STEP 7. SELECTING THE DESTINATION FOLDER
This step is available if you select Custom installation of the application.
During this step, you can specify the path to the destination folder where the application will be installed. To select the
destination folder for the application, click the Browse button.
To view information about available space on local hard drives, click the Disk button. Information is shown in the
Available disk space window that opens.
To return to the previous step of the Setup Wizard, click the Back button. To proceed with the Setup Wizard, click the
Next button. To stop the Setup Wizard, click the Cancel button.
STEP 8. ADDING EXCLUSIONS FROM VIRUS SCANNING
This step is available if you select Custom installation of the application.
At this stage you can specify which exclusions from virus scanning you want to add to the application settings.
The Exclude areas that are recommended by Microsoft from virus scan scope / Exclude areas that are
recommended by Kaspersky Lab from virus scan scope check boxes exclude, respectively, areas that are
recommended by Microsoft or Kaspersky Lab from the trusted zone or includes them.
If one of these check boxes is selected, Kaspersky Endpoint Security includes, respectively, the areas that
Microsoft or Kaspersky Lab recommends in the trusted zone. Kaspersky Endpoint Security does not scan such areas for
viruses and other threats.
The Exclude areas recommended by Microsoft / Kaspersky Lab from virus scanning check box is available when
Kaspersky Endpoint Security is installed on a computer that runs on Microsoft Windows for file servers.
I N S T A L L I N G A N D R E M O V I N G T H E A P P L I C A T I O N
25
To return to the previous step of the Setup Wizard, click the Back button. To proceed with the Setup Wizard, click the
Next button. To stop the Setup Wizard, click the Cancel button.
STEP 9. PREPARING FOR APPLICATION INSTALLATION
Because your computer may be infected with malicious programs that could interfere with installation of Kaspersky
Endpoint Security 8 for Windows, you are advised to protect the installation process.
Installation process protection is enabled by default.
If the application cannot be installed (for example, when performing remote installation with the help of Windows Remote
Desktop), you are advised to disable protection of the installation process. The inability to install may be because
protection of application installation is enabled. If this happens, abort the installation, and quit and start the Setup Wizard
from the beginning. At step 8 (Preparing for application installation), clear the Secure installation process check box.
The Add path to avp.com file to %PATH% system variable check box enables / disables an option that adds the path
to the avp.com file to the %PATH% system variable.
If the check box is selected, starting Kaspersky Endpoint Security or any of its tasks from the command line does not
require entering the path to the executable file. It is enough to enter the name of the executable file and the command to
start a particular task.
To return to the previous step of the Setup Wizard, click the Back button. To install the program, click the Install button.
To stop the Setup Wizard, click the Cancel button.
Current network connections may be terminated while the application is being installed on the computer. Most terminated
connections are restored after a short time.
STEP 10. INSTALLING THE APPLICATION
Installation of the application can take some time. Wait for it to complete.
If you are updating a previous version of the application, this step also includes settings migration and removal of the
previous version of the application.
After installation of Kaspersky Endpoint Security 8 for Windows is completed, the Initial Configuration Wizard starts (see
the section "Initial configuration of the application" on page 30).
INSTALLING THE APPLICATION FROM THE COMMAND LINE
To start the Setup Wizard from the command line,
type the following string in the command line: setup.exe or msiexec /i <installation package name>.
To install the application or upgrade from a previous version of the application in non-interactive mode (without
starting the Setup Wizard),
type the following string in the command line: setup.exe /pEULA=1 /pKSN=1|0 /pALLOWREBOOT=1|0 /s or
msiexec /i <installation package name> EULA=1 KSN=1|0 ALLOWREBOOT=1|0 /qn,
where:
EULA=1 means that you accept the terms of the license agreement. The text of the License Agreement is
included in the distribution kit of Kaspersky Endpoint Security 8 for Windows (see the section "Distribution kit"
on page 16). Accepting the terms of the License Agreement is necessary for installing the application or
updating a previous version of the application.
A D M I N I S T R A T O R G U I D E
26
KSN=1|0 signifies agreement or refusal to participate in Kaspersky Security Network (also referred to as KSN).
This parameter is not required. If the value of the KSN parameter is not specified in the command string, it is
assumed by default that you refuse to participate in KSN. The text of the KSN participation policy is included in
the distribution kit of Kaspersky Endpoint Security 8 for Windows (see the section "Distribution kit" on page 16).
ALLOWREBOOT=1|0 signifies agreement or refusal to allow an automatic restart of the computer, if this is
required, after installation of the application or an upgrade from a previous version of the application. This
parameter is not required. If no value of the ALLOWREBOOT parameter is specified in the command string, it is
assumed by default that you do not allow automatic restart of the computer after installation of the application or
an upgrade from a previous version of the application.
A restart of the computer may be required after an upgrade from a previous version of the application, or when
Kaspersky Endpoint Security detects and removes third-party anti-virus software during installation.
The computer can be restarted automatically only in non-interactive installation mode (with the /qn key).
To install the application or upgrade from a previous version of the application with a password that authorizes
changes to application settings and operations with the application,
type the following string in the command line:
setup.exe /pKLPASSWD=***** /pKLPASSWDAREA=<password scope> or
msiexec /i <installation package name> KLPASSWD=***** KLPASSWDAREA=<password
scope> to install the application or upgrade from a previous version of the application in interactive mode.
setup.exe /pEULA=1 /pKSN=1|0 /pKLPASSWD=***** /pKLPASSWDAREA=<password scope> /s or
msiexec /i <installer package name> EULA=1 KSN=1|0 KLPASSWD=*****
KLPASSWDAREA=<password scope> ALLOWREBOOT=1|0/qn to install the application or upgrade from a
previous version of the application in non-interactive mode.
In this command string, one or more of the following values of the KLPASSWDAREA parameter can be specified
instead of <password area>, separated with a ";":
SET. Set a password for editing application settings.
EXIT. Set a password for exiting the application.
DISPROTECT. Set a password for disabling protection components and stopping scan tasks.
DISPOLICY. Set a password for disabling the Kaspersky Security Center policy.
UNINST. Set a password for removing the application from the computer.
DISCTRL. Set a password for disabling control components (Application Startup Control, Application Privilege
Control, Vulnerability Monitor, Device Control, Web Control).
REMOVELIC. Set a password for deleting the application license.
The use of the following files is supported when you install the application or upgrade from a previous version of the
application:
setup.ini (see the section "Description of setup.ini file settings" on page 27), which contains general application
setup settings
install.cfg configuration file
setup.reg
I N S T A L L I N G A N D R E M O V I N G T H E A P P L I C A T I O N
27
The setup.ini, install.cfg, and setup.reg files must be located in the same folder as the Kaspersky Endpoint Security 8 for
Windows installation package.
INSTALLING THE APPLICATION THROUGH THE GROUP POLICY OBJECT EDITOR SNAP-IN
The Group Policy Object Editor snap-in lets you install Kaspersky Endpoint Security on enterprise workstations that
belong to a domain, without using Kaspersky Security Center.
To install Kaspersky Endpoint Security through the Group Policy Object Editor snap-in:
1. Create a shared network folder on a computer that acts as domain controller.
2. Place the MSI installation package for the new version of Kaspersky Endpoint Security in the shared network
folder that you created during the previous step.
In addition, you can copy the setup.ini file to this shared network folder (see the section "Description of setup.ini
file settings" on page 27), which contains general Kaspersky Endpoint Security setup settings, along with the
install.cfg configuration file and the key file.
3. Open the Group Policy Object Editor snap-in through the ММС console (see the Microsoft Windows Server help
files for detailed instructions on using the Editor).
4. Create a new installation package of the Group Policy Object Editor snap-in. To do so:
a. In the console tree, select Group Policy Object Computer Configuration Software
Settings Software installation.
b. Right-click to bring up the context menu of the Software installation node.
c. In the context menu, select New Package.
The standard Open window of Microsoft Windows Server opens.
d. In the standard Open window of Microsoft Windows Server, specify the path to the MSI installation package
of Kaspersky Endpoint Security.
e. In the Deploy Software window, select Assigned.
f. Click OK.
The group policy is enforced on each workstation the next time that the computer is registered in the domain.
Kaspersky Endpoint Security is then installed on all computers within the domain.
DESCRIPTION OF SETUP.INI FILE SETTINGS
The setup.ini file is used when installing the application from the command line or from the Group Policy Object Editor
snap-in. The setup.ini file is located in the folder of the Kaspersky Endpoint Security installation package.
The setup.ini file contains the following settings:
[Setup] – general application installation settings:
InstallDir – path to the application installation folder
ActivationCode – Kaspersky Endpoint Security activation code
A D M I N I S T R A T O R G U I D E
28
Eula – acceptance or rejection of the terms of the End User License Agreement. Possible values of the Eula
parameter:
1. Specifying this value signifies acceptance of the terms of the License Agreement.
0. Specifying this value signifies rejection of the terms of the License Agreement.
KSN – agreement or refusal to participate in Kaspersky Security Network. Possible values of the KSN
parameter:
1. Specifying this value signifies agreement to participate in Kaspersky Security Network.
0. Specifying this value signifies refusal to participate in Kaspersky Security Network.
Password – set password for accessing the administration of Kaspersky Endpoint Security options and
settings
PasswordArea – specify the area that is covered by the password for accessing the administration of
Kaspersky Endpoint Security options and settings Possible values of the PasswordArea parameter:
SET. Set a password for editing application settings.
EXIT. Set a password for exiting the application.
DISPROTECT. Set a password for disabling protection components and stopping scan tasks.
DISPOLICY. Set a password for disabling the Kaspersky Security Center policy.
UNINST. Set a password for removing the application from the computer.
DISCTRL. Set a password for disabling control components (Application Startup Control, Application
Privilege Control, Vulnerability Monitor, Device Control, Web Control).
REMOVELIC. Set a password for deleting the application license.
SelfProtection – enable or disable Kaspersky Endpoint Security Self-Defense during installation. Possible
values of the SelfProtection parameter:
1. Specifying this value signifies that Self-Defense will be enabled.
0. Specifying this value signifies that Self-Defense will be disabled.
Reboot – whether to restart the computer after installation of the application, if a restart is required. Possible
values of the Reboot parameter:
1. Specifying this value signifies that the computer will be restarted, if necessary, after the application is
installed.
0. Specifying this value signifies that the computer will not be restarted after the application is installed.
MSExclusions – add applications recommended by Microsoft to exclusions from scanning. This setting is
available only for file servers that run on Microsoft Windows Server (see the section "Hardware and software
requirements" on page 19). Possible values of the MSExclusions parameter:
1. Specifying this value signifies that applications recommended by Microsoft will be added to exclusions
from scanning.
0. Specifying this value signifies that applications recommended by Microsoft will not be added to
exclusions from scanning.
I N S T A L L I N G A N D R E M O V I N G T H E A P P L I C A T I O N
29
KLExclusions – add applications recommended by Kaspersky Lab to exclusions from scanning. Possible
values of the KLExclusions parameter:
1. Specifying this value signifies that applications recommended by Kaspersky Lab will be added to
exclusions from scanning.
0. Specifying this value signifies that applications recommended by Kaspersky Lab will not be added to
exclusions from scanning.
NoKLIM5 – whether to enable the installation of Kaspersky Endpoint Security network drivers during installation
of the application. The network drivers are installed by default. Kaspersky Endpoint Security network drivers,
which belong to the group of NDIS drivers and are responsible for intercepting network traffic for such
application components as Device Control, Web Control, Mail Anti-Virus, Web Anti-Virus, Firewall, and Network
Attack Blocker, may cause conflicts with other applications or equipment that is installed on the computer. To
prevent possible conflicts, you may choose not to install network drivers on computers that run on Microsoft
Windows XP Professional x86 or on Microsoft Windows Server 2003 x86. Possible values of the NoKLIM5
parameter:
1. Specifying this value disables installation of Kaspersky Endpoint Security network drivers during
application installation.
0. Specifying this value enables installation of Kaspersky Endpoint Security network drivers during
application installation.
AddEnviroment – whether to supplement the %PATH% system variable with the path to executable files that
are located in the Kaspersky Endpoint Security setup folder. Possible values of the AddEnviroment
parameter:
1. Specifying this value signifies that the %PATH% system variable will be supplemented with the path to
executable files that are located in the Kaspersky Endpoint Security setup folder.
0. Specifying this value signifies that the %PATH% system variable will not be supplemented with the path
to executable files that are located in the Kaspersky Endpoint Security setup folder.
[Components] – selection of application components to be installed. If none of the components are specified, all
components that are available for the operating system are installed.
ALL – installation of all components.
MailAntiVirus – installation of the Mail Anti-Virus component.
FileAntiVirus – installation of the File Anti-Virus component.
IMAntiVirus – installation of the IM Anti-Virus component.
WebAntiVirus – installation of the Web Anti-Virus component.
ApplicationPrivilegeControl – installation of the Application Privilege Control component.
SystemWatcher – installation of the System Watcher component.
Firewall – installation of the Firewall component.
NetworkAttackBlocker – installation of the Network Attack Blocker component.
WebControl – installation of the Web Control component.
DeviceControl – installation of the Device Control component.
ApplicationStartupControl – installation of the Application Startup Control component.
A D M I N I S T R A T O R G U I D E
30
VulnerabilityAssessment – installation of vulnerability scan functionality.
AdminKitConnector – installation of Administration Kit Connector for remote administration of the application
through Kaspersky Security Center.
Possible parameter values:
1. Specifying this value signifies that the component will be installed.
0. Specifying this value signifies that the component will not be installed.
[Tasks] – selection of tasks to be included in the list of Kaspersky Endpoint Security tasks. If no task is specified, all tasks
are included in the task list of Kaspersky Endpoint Security.
ScanMyComputer – Full Scan task.
ScanCritical – Critical Areas Scan task.
Updater – Update task.
Possible parameter values:
1. Specifying this value signifies that the update task will be included in the list of Kaspersky Endpoint Security
tasks.
0. Specifying this value signifies that the update task will not be included in the list of Kaspersky Endpoint
Security tasks.
The alternatives to the value 1 are the values yes, on, enable, and enabled. The alternatives to the value 0 are the
values no, off, disable, and disabled.
INITIAL CONFIGURATION OF THE APPLICATION
The Initial Configuration Wizard of Kaspersky Endpoint Security starts at the end of the application setup procedure. The
Initial Configuration Wizard lets you activate the application and gather information about the applications that are
included in the operating system. These applications are added to the list of trusted applications whose actions within the
operating system are not subject to any restrictions.
The interface of the Initial Configuration Wizard consists of a sequence of pages (steps). You can navigate between the
Initial Configuration Wizard pages by using the Back and Next buttons. To complete the Initial Configuration Wizard
procedure, click the Finish button. To stop the Initial Configuration Wizard procedure at any stage, click Cancel.
If the Initial Configuration Wizard is interrupted for some reason, the already specified settings are not saved. When you
start using the application the next time, the Initial Configuration Wizard starts again, and you need to configure the
settings again.
Loading...