Appendix 6. Network settings for interaction with external services

Kaspersky Endpoint Security uses the following network settings for interacting with external services.

Network settings

Address

Description

activation-v2.kaspersky.com/activationservice/activationservice.svc

Protocol: HTTPS

Port: 443

Activating the application

s00.upd.kaspersky.com

s01.upd.kaspersky.com

s02.upd.kaspersky.com

s03.upd.kaspersky.com

s04.upd.kaspersky.com

s05.upd.kaspersky.com

s06.upd.kaspersky.com

s07.upd.kaspersky.com

s08.upd.kaspersky.com

s09.upd.kaspersky.com

s10.upd.kaspersky.com

s11.upd.kaspersky.com

s12.upd.kaspersky.com

s13.upd.kaspersky.com

s14.upd.kaspersky.com

s15.upd.kaspersky.com

s16.upd.kaspersky.com

s17.upd.kaspersky.com

s18.upd.kaspersky.com

s19.upd.kaspersky.com

cm.k.kaspersky-labs.com

Protocol: HTTPS

Port: 443

Updating databases and application modules

downloads.upd.kaspersky.com

Protocol: HTTPS

Port: 443

  • Updating databases and application modules
  • Checking if Kaspersky servers are accessible. If access to the servers using system DNS is not possible, the application uses public DNS. This is necessary to make sure anti-virus databases are updated and the level of security is maintained for the computer. Kaspersky Endpoint Security uses the following list of public DNS servers in the following order:
    1. Google Public DNS (8.8.8.8).
    2. Cloudflare DNS (1.1.1.1).
    3. Alibaba Cloud DNS (223.6.6.6).
    4. Quad9 DNS (9.9.9.9).
    5. CleanBrowsing (185.228.168.168).

Requests emitted by the application may contain addresses of domains and the public IP address of the user because the application establishes a TCP/UDP connection with the DNS server. This information is needed, for example, to validate the certificate of a web resource when using HTTPS. If Kaspersky Endpoint Security is using a public DNS server, data processing is governed by the privacy policy of the relevant service. If you want to prevent Kaspersky Endpoint Security from using a public DNS server, contact Technical Support for a private patch.

touch.kaspersky.com

Protocol: HTTP

  • Receiving the trusted time for checking the validity period of the certificate (TLS connection).
  • Warning about access denial to a web resource in the browser (Web Threat Protection and Web Control).

p00.upd.kaspersky.com

p01.upd.kaspersky.com

p02.upd.kaspersky.com

p03.upd.kaspersky.com

p04.upd.kaspersky.com

p05.upd.kaspersky.com

p06.upd.kaspersky.com

p07.upd.kaspersky.com

p08.upd.kaspersky.com

p09.upd.kaspersky.com

p10.upd.kaspersky.com

p11.upd.kaspersky.com

p12.upd.kaspersky.com

p13.upd.kaspersky.com

p14.upd.kaspersky.com

p15.upd.kaspersky.com

p16.upd.kaspersky.com

p17.upd.kaspersky.com

p18.upd.kaspersky.com

p19.upd.kaspersky.com

downloads.kaspersky-labs.com

cm.k.kaspersky-labs.com

Protocol: HTTP

Port: 80

Updating databases and application modules

ds.kaspersky.com

Protocol: HTTPS

Port: 443

Using Kaspersky Security Network.

ksn-a-stat-geo.kaspersky-labs.com

ksn-file-geo.kaspersky-labs.com

ksn-verdict-geo.kaspersky-labs.com

ksn-url-geo.kaspersky-labs.com

ksn-a-p2p-geo.kaspersky-labs.com

ksn-info-geo.kaspersky-labs.com

ksn-cinfo-geo.kaspersky-labs.com

Protocol: Any

Port: 443, 1443

Using Kaspersky Security Network.

click.kaspersky.com

redirect.kaspersky.com

Protocol: HTTPS

Follow links from the interface

crl.kaspersky.com

ocsp.kaspersky.com

Protocol: HTTP

Port: 80

Public Key Infrastructure (PKI)

Page top