Kaspersky Endpoint Security for Windows 11.2.0 offers the following features and improvements:
Support for operating systems:
Support for Windows 10 operating system version 1909 (19H2).
Support for migrating an installed Kaspersky Endpoint Security for Windows 11.2.0 when upgrading Windows 7 / 8 / 8.1 to Windows 10. When the operating system is upgraded, the settings of Kaspersky Endpoint Security are retained. No additional configuration of the application is required after upgrading the operating system.
Support for AM-PPL (Antimalware Protected Process Light) technology for the Windows Server 2019 operating system. Support was previously added for AM-PPL technology for Windows 10 version 1703 (RS2) or later operating systems. AM-PPL technology protects services of Kaspersky Endpoint Security against malicious actions. AM-PPL technology is enabled by default. You can turn off the technology by using setup.ini file. For more details about AM-PPL technology, please visit the Microsoft website.
There is an automated procedure for upgrading the Windows 10 operating system through WSUS (Windows Server Update Services) on computers that are protected by Kaspersky Disk Encryption technology. You can upgrade the operating system by using the normal method. This feature is available for Windows 10 version 1607 (RS1) or later. Prior to upgrading earlier versions of the operating system, you need to copy the files necessary for encryption into a separate folder and use a special command to start the operating system upgrade. For more details about upgrading previous versions of the operating system on computers running Kaspersky Endpoint Security, please refer to the Technical Support Knowledge Base.
Support for Kaspersky Sandbox. Kaspersky Sandbox is a solution for detecting and blocking sophisticated threats. Virtual images of operating systems are deployed on Kaspersky Sandbox servers, and scanned objects are executed within these operating systems. Kaspersky Sandbox analyzes the behavior of these objects to identify malicious activity and signs of targeted attacks. To begin working with Kaspersky Sandbox, select the Endpoint Agent component during installation of the application. This will result in the installation of Kaspersky Endpoint Agent. Kaspersky Endpoint Agent is displayed separately in the list of installed applications of the operating system. For detailed information on the operation of Kaspersky Sandbox, please refer to Kaspersky Sandbox Help.
Support for managing the application using the Kaspersky Security Center Cloud Console. Kaspersky Security CenterCloud Console is the cloud version of Kaspersky Security Center. This means that the Administration Server and other components of Kaspersky Security Center are installed in the cloud infrastructure of Kaspersky. Using the Kaspersky Security Center Cloud Console, you can remotely install Kaspersky Endpoint Security and configure application settings. Not all Kaspersky Endpoint Security components are available in the Kaspersky Security Center Cloud Console. For example, Data Encryption is not available.
Capability to use a task to delete data on users' computers. The task allows you to delete data in the following modes: immediate data deletion and delayed data deletion. In immediate data deletion mode, you can, for example, delete outdated data to free up disk space. In delayed deletion mode, you can, for example, protect data on a laptop in case of loss or theft. To do so, you can configure automatic data deletion if the laptop goes outside the boundaries of the corporate network and has not been synchronized with Kaspersky Security Center in a long time. To delete data on users' computers, you need to create and run a special task of Kaspersky Endpoint Security.
Support for managing the application through the REST API. Using a third-party REST client, you can configure the settings of Kaspersky Endpoint Security, run a virus scan, update anti-virus databases, and perform other actions. To get started with the REST API, you need to enable the REST service when installing or upgrading the application. You can enable the REST service by using setup.ini file.
Notifications have been optimized for CD/DVD drives. Device Control does not display notifications if there is no disc in the CD/DVD drive or a disk image is not mounted for the virtual drive.
Anti-Bridging settings are highlighted in a separate Device Control block. You can use a separate "lock" attribute to prohibit changes in the Anti-Bridging settings block in the child policies and local settings of the application.
There is now the capability to monitor user activity on the Internet (Web Control). Kaspersky Endpoint Security logs data on user visits to all websites, including allowed websites. This enables you to obtain the complete history of browser views. To enable logging of events for visits to allowed websites in Kaspersky Endpoint Security, you need to configure Web Control.
User access to application uninstallation, modification, and recovery operations (Password Protection) has been optimized. These operations are available not only to the KLAdmin user, but also to other users, including the Everyone group. Access to other application functions has also been optimized.
There is now the capability to change the length of the encryption key (AES56 / AES256) through a Kaspersky Endpoint Security upgrade. However, there are limitations on changing the length of the encryption key through an application upgrade.