Change application components
During installation of the application, you can select the components that will be available. You can change the available application components in the following ways:
- Locally, by using the Setup Wizard.
Application components are changed by using the normal method for a Windows operating system, which is through the Control Panel. Run the Application Setup Wizard and select the option to change the application components that are available. Follow the instructions on the screen.
- Remotely using Kaspersky Security Center.
The Change application components task allows you to change the components of Kaspersky Endpoint Security after the application is installed.
Please take into account the following special considerations when changing the application components:
- On computers running Windows Server, you cannot install all components of Kaspersky Endpoint Security (for example, the Adaptive Anomaly Control component is not available).
- If the hard drives on your computer are protected by Full Disk Encryption (FDE), you cannot remove the Full Disk Encryption component. To remove the Full Disk Encryption component, decrypt all the hard drives of the computer.
- If the computer has encrypted files (FLE) or the user uses encrypted removable drives (FDE or FLE), it will be impossible to access the files and removable drives after the Data Encryption components are removed. You can access the files and removable drives by reinstalling the Data Encryption components.
How to add or remove application components in the Administration Console (MMC)
- In the Administration Console, go to the folder Administration Server → Tasks.
The list of tasks opens.
- Click the New task button.
The Task Wizard starts. Follow the instructions of the Wizard.
Step 1. Selecting task type
Select Kaspersky Endpoint Security for Windows (12.1) → Select components to install.
Step 2. Task settings for changing application components
Select the application components that will be available on the user's computer.
Configure the advanced settings for the task (see the table below).
Step 3. Selecting the devices to which the task will be assigned
Select the computers on which the task will be performed. The following options are available:
- Assign the task to an administration group. In this case, the task is assigned to computers included in a previously created administration group.
- Select computers detected by the Administration Server in the network: unassigned devices. The specific devices can include devices in administration groups as well as unassigned devices.
- Specify device addresses manually, or import addresses from a list. You can specify NetBIOS names, IP addresses, and IP subnets of devices to which you want to assign the task.
Step 4. Configuring a task start schedule
Configure a schedule for starting a task, for example, manually or when the computer is idle.
Step 5. Defining the task name
Enter a name for the task, for example, Add the Application Control component.
Step 6. Completing task creation
Exit the Wizard. If necessary, select the Run the task after the Wizard finishes check box. You can monitor the progress of the task in the task properties.
As a result, the set of Kaspersky Endpoint Security components on users' computers will be changed in silent mode. The settings of available components will be displayed in the local interface of the application. The components that were not included in the application are disabled, and the settings of these components are not available.
How to add or remove application components in the Web Console and Cloud Console
- In the main window of the Web Console, select Devices → Tasks.
The list of tasks opens.
- Click the Add button.
The Task Wizard starts. Follow the instructions of the Wizard.
Step 1. Configuring general task settings
Configure the general task settings:
- In the Application drop-down list, select Kaspersky Endpoint Security for Windows (12.1).
- In the Task type drop-down list, select Change application components.
- In the Task name field, enter a brief description, for example, Add the Application Control component.
- In the Select devices to which the task will be assigned block, select the task scope.
Step 2. Selecting the devices to which the task will be assigned
Select the computers on which the task will be performed. For example, select a separate administration group or build a selection.
Step 3. Completing task creation
Select the Open task details when creation is complete check box and finish the Wizard. In the task properties, select the Application Settings tab and select the application components that will be available. Configure the advanced settings for the task (see the table below).
Save the changes and run the task.
As a result, the set of Kaspersky Endpoint Security components on users' computers will be changed in silent mode. The settings of available components will be displayed in the local interface of the application. The components that were not included in the application are disabled, and the settings of these components are not available.
Advanced Settings of the task
Parameter
|
Description
|
Remove incompatible third-party applications
|
The list of incompatible applications can be viewed in incompatible.txt , which is included in the distribution kit. If incompatible applications are installed on the computer, installation of Kaspersky Endpoint Security ends with an error.
|
Use password for modifying the set of application components
|
Administrators typically enable Password protection to restrict access to Kaspersky Endpoint Security. That is, to modify the selection of application components, you must enter credentials of a user that has the Remove / modify / restore the application permission. For example, you can use the KLAdmin account.
|
Use Azure WVD compatibility mode
|
This feature allows correctly displaying the state of the Azure virtual machine in the Kaspersky Anti Targeted Attack Platform console. To monitor the performance of the computer, Kaspersky Endpoint Security sends telemetry to KATA servers. Telemetry includes an ID of the computer (Sensor ID). Azure WVD compatibility mode allows assigning a permanent unique Sensor ID to these virtual machines. If the compatibility mode is turned off, the Sensor ID can change after the computer is restarted because of how Azure virtual machines work. This can cause duplicates of virtual machines to appear on the console.
|
Use the password to uninstall Kaspersky Endpoint Agent and Kaspersky Security for Windows Server
|
Administrators typically enable Password protection in settings of these tasks to restrict access to Kaspersky Endpoint Agent (KEA) and Kaspersky Security for Windows Server (KSWS). That is, if you are migrating from the [KES+KEA] configuration to [KES+built-in agent], or if you are migrating from KSWS to KES, you must enter a password to remove these applications.
|
Page top