Kaspersky Endpoint Security protects the device only after the application databases are updated.
Updating the databases and application modules of Kaspersky Endpoint Security ensures up-to-date protection on your device. New viruses, malware, and other types of threats appear worldwide on a daily basis. The application databases contain information about the threats and the ways to neutralize them. To detect threats quickly, you are urged to regularly update the application databases and modules.
Current application license is required for regular database updates. If there is no current license, you will only be able to perform one update.
The main application update sources are Kaspersky update servers.
If Kaspersky Endpoint Security is used in Light Agent mode to protect virtual environments, databases on protected virtual machines are updated using a special Update local task, where the directory on the SVM is specified as the update source. The update task starts automatically. You cannot delete this task or change its settings.
Your device must be connected to the Internet to successfully download the update package from Kaspersky update servers. By default, Internet connection settings are determined automatically. If you use a proxy server, you will need to adjust the connection settings. The update package is downloaded using the Update task.
During an update, the following objects are downloaded and installed on your device:
If the database update download is interrupted or finishes with an error, the application continues to use the previously installed database version. If application databases were not installed before, the application continues functioning in "without databases" mode. Database and application module updates are still available.
By default, the application logs the Databases are out of date event (BasesAreOutOfDate) if the last installed database updates were published on the Kaspersky server more than three but less than seven days ago. If the databases have not been updated for seven days, the application logs the Databases are extremely out of date (BasesAreTotallyOutOfDate) event. The database is up-to-date if it was downloaded less than three days ago.
The application module can be installed regardless of the state of the application (started or stopped, managed by a Kaspersky Security Center policy) and the update schedule. Kaspersky Endpoint Security continues protecting your device during the application update procedure. During the update, application settings and the application log file are migrated to the new version of the application. After the update, Kaspersky Endpoint Security needs to be restarted.
If the transfer of application settings fails for any reason, the application is set to the default values.
Changes to the application settings made after the update is complete and before the application restarts are not saved.
After updating the application using an autopatch, the mechanism for interacting with the operating system firewall changes: the rules are managed using the iptables and iptables-restore system utilities.
If the application does not work properly after the update, it automatically rolls back to the previous version. A message about the application rollback is displayed. It is recommended to contact Kaspersky Technical Support.
During an update, the application modules and databases on your device are compared with the up-to-date version at the update source. If your current databases and application modules differ from their respective up-to-date versions, the missing portions of the updates will be installed on your device.
If the databases are obsolete, the update package may be large, which may cause additional Internet traffic (up to several dozen MB). The amount of the disk space can be up to 3 GB.