After deploying Kaspersky Endpoint Security through Kaspersky Security Center, you must prepare the application for operation. The actions to be performed depend on the mode in which you plan to use Kaspersky Endpoint Security.
Standard mode
If you plan to use Kaspersky Endpoint Security in Standard mode, after deploying the application, you need to do the following:
Update application databases and modules using the Administration Console or Kaspersky Security Center Web Console. You can use the Update task, which is created automatically by the initial configuration wizard of Kaspersky Security Center after installing the MMC administration plug-in or the Kaspersky Endpoint Security web administration plug-in.
Kaspersky Endpoint Security protects the device only after the application databases are updated.
Configure a policy for centralized management of the application using Kaspersky Security Center Administration Console or Web Console. You can use a policy that is created automatically by the initial configuration wizard of Kaspersky Security Center after installing the MMC administration plug-in or the Kaspersky Endpoint Security web administration plug-in.
A policy determines the application settings and manages the access to configuration of an application installed on devices within an administration group. An individual policy must be created for each application. You can create an unlimited number of various policies for applications installed on the devices in each administration group, but only one policy can be applied to each application at a time within an administration group.
If you plan to use Kaspersky Endpoint Security in Light Agent mode to protect virtual environments, after deploying the application, perform the following actions:
Configure SVM detection settings for Light Agents. To do this, you need to create and configure a policy for centralized application management on client devices. You can use the Administration Console or the Web Console to work with policies.
You need to configure the following settings in the policy properties:
Settings for connecting Light Agents to the Integration Server.
Settings for connecting Light Agents to SVMs.
Make sure that a connection is established between Light Agents and the SVMs and the Integration Server.
You can get information about the connection by using Kaspersky Endpoint Security commands on the protected virtual machine:
You can view information about connecting to SVMs using the kesl-control [-V] --svm-info command.
You can view information about connecting to the Integration Server using the kesl-control [-V] --viis-info command.
Make sure that Kaspersky Endpoint Security used as a Light Agent receives information about the license under which Kaspersky Hybrid Cloud Security for Virtualization Light Agent is activated.
After activating the solution on SVMs and connecting Light Agents to the SVMs, the Protection Server component sends license information to Light Agents. Information about the license used by Kaspersky Endpoint Security as part of the solution can be viewed on the protected virtual machine using the kesl-control -L --query command.
Make sure that database updates required for Light Agent to operate are installed on the protected virtual machines.
Databases on protected virtual machines are updated using a special Update task, in which a folder on the SVM is specified as the update source. The update task starts automatically.
You can check how up-to-date the databases are on a protected virtual machine with Light Agent by using the kesl-control --app-info command.