Settings in the configuration file for initial setup

In the post-installation configuration file, you can specify the settings shown in the table below. The set of applicable settings depends on the application usage mode.

Settings in the configuration file for initial setup

Setting

Description

Values

KSVLA_MODE

Kaspersky Endpoint Security usage mode.

yes - Kaspersky Endpoint Security is used in Light Agent mode to protect virtual environments (as part of Kaspersky Hybrid Cloud Security for Virtualization Light Agent).

no - Kaspersky Endpoint Security is used in Standard mode.

SERVER_MODE

The role of the protected virtual machine (server or workstation).

The setting is applied only if the application is used in Light Agent mode.

yes - the protected virtual machine is used as a server.

no - the protected virtual machine is used as a workstation.

VDI_MODE

Enabling VDI protection mode to optimize application performance on temporary virtual machines.

The setting is applied only if the application is used in Light Agent mode.

yes – enable VDI protection mode. This is recommended if you are installing Kaspersky Endpoint Security on a virtual machine template that will be used to create temporary virtual machines.

no – do not enable VDI protection mode.

EULA_AGREED

Required setting.

Acceptance of the terms of the End User License Agreement.

yes: accept the terms of the End User License Agreement to continue the application installation.

no – do not accept the End User License Agreement. The application installation will be terminated.

PRIVACY_POLICY_AGREED

Required setting.

Acceptance of the terms of the Privacy Policy.

yes: accept the Privacy Policy to continue installing the application.

no: do not accept the Privacy Policy. The application installation will be terminated.

USE_KSN

Required setting.

Enabling Kaspersky Security Network usage: To enable the use of KSN, the terms of the Kaspersky Security Network Statement must be accepted.

yes – accept the terms of the Kaspersky Security Network Statement and enable the use of KSN.

no – do not accept the Kaspersky Security Network Statement.

If Kaspersky Endpoint Security is used in Standard mode and you have enabled the use of KSN, the application's cloud mode is automatically enabled. In this mode, Kaspersky Endpoint Security uses a lightweight version of the malware databases.

GROUP_CLEAN

Required setting.

Removing users from the kesladmin and keslaudit privileged groups.

yes - Remove users from the privileged groups. If the value is yes and there is no nogroup group, the installation will fail and you will be prompted to manually remove users from privileged groups.

no - Do not remove users from the privileged groups.

LOCALE

Optional setting.

The locale used for the texts of the End User License Agreement, the Privacy Policy and the Kaspersky Security Network Statement, as well as application events sent to Kaspersky Security Center.

The locale in the format specified by RFC 3066.

If the Locale setting is not specified, the operating system locale is used. If the application fails to determine the operating system localization language or the operating system localization is not supported, the default value will be used – en_US.utf8.

The locale of the graphical interface and the application command line depends on the value of the LANG environment variable. If the locale that is not supported by Kaspersky Endpoint Security is specified as the value of the LANG environment variable, the graphical interface and the command line are displayed in English.

INSTALL_LICENSE

Activation code or key file.

This setting applies only if the application is used in Standard mode.

 

UPDATER_SOURCE

Update source.

This setting applies only if the application is used in Standard mode.

SCServer – use the Kaspersky Security Center Administration Server as the update source.

KLServers – use Kaspersky servers as the update source.

Update source address

PROXY_SERVER

Address of the proxy server used to connect to the Internet.

This setting applies only if the application is used in Standard mode.

Proxy server address

UPDATE_EXECUTE

Start application database update task during setup.

This setting applies only if the application is used in Standard mode.

yes – start update task.

no – do not start update task.

KERNEL_SRCS_INSTALL

Automatic start of kernel module compilation.

yes – compile kernel module.

no – do not compile kernel module.

ADMIN_USER

A user assigned the administrator role (admin).

 

CONFIGURE_SELINUX

Automatic configuration of SELinux for working with Kaspersky Endpoint Security.

yes – automatically configure SELinux to work with Kaspersky Endpoint Security.

no – do not automatically configure SELinux to work with Kaspersky Endpoint Security.

DISABLE_PROTECTION

Disable protection components and scan tasks after the application is installed.

An installation with protection components disabled can be convenient, for example, in order to reproduce a problem in the operation of the application and create a trace file.

If you enable the necessary components and tasks after installing the application with the DISABLE_PROTECTION=yes parameter, the enabled components and tasks will continue to work after the application is restarted.

yes - Disable protection components and scan tasks when the application is started after installation.

no - Do not disable protection components and scan tasks when the application is started after installation.

DISABLE_FILEAV_ACTIONS

Disables the disinfection and file deletion functions for application components after its installation.

If the disinfection and file deletion functions are disabled and a threat is detected, the application does not attempt to disinfect or delete the files in which a threat was detected, but only informs the user about a threat detection.

After installing the application, you can enable the file disinfection and deletion functionality using the DisableFileAvActions parameter in the kesl.ini configuration file.

yes: disables the disinfection and file deletion functions when the application is started after the installation.

no (default value): does not disable the disinfection and file deletion functions when the application is started after the installation.

If you want to change the settings in the configuration file for initial setup of the application, specify the values of settings in the following format: <setting_name>=<setting_value> (the application does not process spaces between the name of a setting and its value).

Page top