Kaspersky Endpoint Security 10 for Windows Workstations: Service Pack 1 (version 10.2.2.10535)

Kaspersky Endpoint Security 10 for Windows Workstations: Service Pack 1 (version 10.2.2.10535)

25 Feb 2015
Product news

Kaspersky Endpoint Security 10 for Windows Workstations: Service Pack 1 commercial release has been announced on February 25, 2015. Full version number 10.2.2.10535.


  • Anti-virus technologies:
    It is now possible to restore files that have been encrypted by cryptors.
  • Licensing:
    Subscription, a new type of licensing, has been added. 
    The subscription service provides partners with the option of selling application licenses according to a plan, which allows renewing the license and change the number of computers protected under that license without replacing the activation code; it also allows paying for the license renewal upon a regular schedule.
  • Full Disk Encryption:
    • Support of full disk encryption on UEFI systems has been implemented. 
    • Support of full disk encryption on devices with GUID Partition Table has been implemented. 
    • Authentication agent authorization using tokens and smart-cards is now supported. 
      List of supported devices:
      • SafeNet eToken PRO 64K (4.2b) (USB),
      • SafeNet eToken PRO 72K Java (USB),
      • SafeNet eToken PRO 72K Java (Smart Card),
      • SafeNet eToken 5100 (USB),
      • SafeNet eToken 5105 (USB),
      • SafeNet eToken 7300 (USB),
      • EMC RSA SID 800 (USB),
      • ruToken dongle (USB),
      • Aladdin-RD JaCarta PKI (USB),
      • Aladdin-RD JaCarta PKI (Smart Card),
      • Athena IDProtect Laser (USB),
      • Gemalto IDPrime 510 (SmartCard),
      • Gemalto IDBridge CT40 (Reader).
        Important: Authentication by means of tokens and smart cards is possible only if a strong encryption module is installed. 
    • Support has been added in the authentication agent for entering user names and passwords that contain characters in the following languages: English, Arabic, Spanish, Italian, German, Portuguese, Turkish, and French. 
    • More keyboard layouts are now supported by authentication agent. Keyboard layouts are available for the following languages: English (UK), English (USA), Arabic (Algeria, Morocco, Tunis, AZERTY layout), Spanish (Latin America), Italian, German (Germany and Austria), German (Switzerland), Portuguese (Brazil, ABNT2 layout), Turkish (QWERTY layout), French (France), French (Switzerland). 
    • A new GUI with mouse support has been developed for the authentication agent. 
    • The operating system on a computer with an encrypted system hard drive now loads faster. 
    • A new setting remembers the name of the authentication agent account under which the previous authentication was performed successfully. This setting can be configured in the Kaspersky Security Center policy.
  • A new application module update mechanism has been implemented (a dedicated service called avpsus). It offers the following functionality:
    • Updates are installed / rolled back without shutting down the application or interrupting computer protection. 
    • Both critical fixes and new functionality can be installed. 
    • Application status is monitored after updates are installed. Application functionality is restored after crashes. 
    • Integration with Kaspersky Security Center: notifications about available updates, management of update installation, support of phased installation of updates, possibility to apply critical fixes automatically.
  • Centralized administration of the application through Kaspersky Security Center:
    • Settings profiles are now supported. Settings profiles let you modify the values of policy settings for individual computers that are covered by the specific policy and match the conditions specified in the profile. 
    • Different access rights can now be assigned to specific functional areas of application settings (Kaspersky Security Center functionality). 
    • The list of events that are relayed to Kaspersky Security Center by default has been shortened. If necessary, users can manually edit the list of events to be relayed to Kaspersky Security Center.
    • When a new policy of Kaspersky Endpoint Security 10 Service Pack 1 for Windows is created, Application Startup Control is disabled in the policy.
  • Device Control:
    • When a rule that blocks the operation of WiFi modules is applied, the component terminates the established WiFi connections. 
    • The interface for managing trusted devices has been improved: the "Device ID" and "Comment" fields have been added. 
    • It is now possible to create rules for trusted devices based on a device ID mask. Possible masks: the "*" symbol represents any number of symbols; the "?" symbol represents any one symbol.
  • Application Startup Control:
    • The logic of processing Application Control rules has changed: by default, the application denies application startup only to users that are expressly included in the deny list. The "Deny for other users" setting has been added to Application Startup Control rules to support the logic implemented in previous versions of the application. 
    • The option of generating a test verdict for the "Block by default" implicit rule.
  • Firewall:
    By default, 172.16.0.0/12, 192.168.0.0/16, 10.0.0.0/8 LANs are added in the Kaspersky Security Center policy for Firewall functionality.
  • Writing of application dumps and trace files:
    • If writing of application dumps and trace files is disabled, the application removes the dumps and trace files from the computer automatically. 
    • The list of installed patches is now recorded in trace files.
  • The following changes have been made to the application installer:
    • To install file level encryption (FLE) functionality and/or full disk encryption (FDE) functionality, these components have to be selected specifically after choosing the "Custom installation" option (the "Full installation" option is no longer available). 
    • For convenient deployment of encryption functionality, the distribution kit of the AES encryption module is included in the distribution kit of Kaspersky Endpoint Security 10 Service Pack 1 for Windows. The encryption module is installed only if file level encryption (FLE) functionality and/or full disk encryption (FDE) functionality is installed. 
    • Network drivers are installed only if one of the following components is installed: Mail Anti-Virus, Web Anti-Virus, or IM Anti-Virus, Firewall, Network Attack Blocker, Web Control, or Device Control. 
    • To optimize the load on the Kaspersky Security Center server, Application Startup Control functionality is disabled by default.
  • Application performance and RAM usage have been optimized.

 
 

How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.

OK