To increase the protection of devices and user data, Kaspersky Endpoint Security can use Kaspersky cloud-based knowledge base Kaspersky Security Network (KSN) to check the reputation of files, Internet resources, and software. Using Kaspersky Security Network data ensures a faster response to various threats, high protection component performance, and fewer false positives.
Use of Kaspersky Security Network is voluntary. Kaspersky Endpoint Security prompts you to enable KSN usage during the initial configuration of the application. You can start or stop using KSN at any time.
Kaspersky Security Network infrastructure solutions
Kaspersky Endpoint Security supports the following infrastructure solutions to work with Kaspersky reputation databases:
After changing the Kaspersky Endpoint Security license, submit the details of the new key to the service provider in order to be able to use KPSN. Otherwise, an authentication error will prevent data exchange with KPSN.
Kaspersky Security Network usage options:
There are two options for using KSN:
You can select a different Kaspersky Security Network usage option at any time.
No personal data is collected, processed, or stored. Detailed information about the storage, and destruction, and/or submission to Kaspersky of statistical information generated during participation in KSN is available in the Kaspersky Security Network Statement and on Kaspersky website. The file with the text of the Kaspersky Security Network Statement is included in the application distribution kit.
Cloud mode for Kaspersky Endpoint Security
If Kaspersky Endpoint Security is used in standalone mode and you are using KSN in the application, you can enable cloud mode. If cloud mode is enabled, Kaspersky Endpoint Security uses a lightweight version of the malware databases. This lets you reduce the load on device memory.
Kaspersky Endpoint Security switches to using a lightweight version of the malware databases after enabling cloud mode and performing the latest update of the application databases and modules. If cloud mode is disabled, Kaspersky Endpoint Security downloads the full version of the application databases from Kaspersky servers during the next update of application databases and modules.
Kaspersky Security Network facilitates the application's use of the lightweight malware databases. If you are not using KSN or cloud mode is disabled, Kaspersky Endpoint Security uses the full version of the application databases.
Cloud mode is disabled automatically if use of KSN is disabled.
If Kaspersky Endpoint Security is used in Light Agent mode for protecting virtual environments, use of the lightweight malware databases is not supported. Kaspersky Endpoint Security receives special databases necessary for the operation of the Light Agent from the Protection Server.
Using the KSN Proxy service
User devices managed by Kaspersky Security Center Administration Server can interact with KSN via the KSN Proxy service.
If Kaspersky Endpoint Security is used in Light Agent mode to protect virtual environments, the KSN Proxy service facilitates interaction with the KSN infrastructure. If the KSN proxy is not available, KSN is not used by the application.
A KSN proxy server provides the following capabilities:
KSN proxy server settings can be configured in the Kaspersky Security Center Administration Server properties. For details about the KSN proxy server, refer to the Kaspersky Security Center Help.