A key that is currently used by the application.
A key that certifies the right to use the application but is not currently being used.
A component of Windows-based Kaspersky Security Center (also called MMC-based Administration Console). This component provides a user interface for the administrative services of Administration Server and Network Agent.
A set of devices grouped by function and by installed Kaspersky applications. Devices are grouped as a single entity for the convenience of management. A group can include other groups. Group policies and group tasks can be created for each installed application in the group.
A component of Kaspersky Security Center that centrally stores information about all Kaspersky applications that are installed on the corporate network. It can also be used to manage these applications.
The certificate that the Administration Server uses for the following purposes:
The certificate is created automatically when you install the Administration Server, and then stored on the Administration Server.
A device, server, or workstation on which Network Agent is installed and managed Kaspersky applications are running.
Copying of the Administration Server data for backup and subsequent restoration performed by using the backup utility. The utility can save:
The level of the user's rights and privileges required for administration of Exchange objects within an Exchange organization.
A device where Administration Console is installed or that you use to open Kaspersky Security Center Web Console. This component provides a Kaspersky Security Center management interface.
The administrator's workstation is used to configure and manage the server side of Kaspersky Security Center. Using the administrator's workstation, the administrator builds and manages a centralized anti-virus protection system for a corporate LAN based on Kaspersky applications.
A virtual machine created based on an AMI image using Amazon Web Services.
The template containing the software configuration necessary for running the virtual machine. Multiple instances can be created based on a single AMI.
Databases that contain information about computer security threats known to Kaspersky as of when the anti-virus databases are released. Entries in anti-virus databases allow malicious code to be detected in scanned objects. Anti-virus databases are created by Kaspersky specialists and updated hourly.
An organization that provides a client organization with anti-virus protection services based on Kaspersky solutions.
Component of Kaspersky Security Center. Application Shop is used for installing applications on Android devices owned by users. Application Shop allows you to publish the APK files of applications and links to applications in Google Play.
Interface that lets you complete authentication to access encrypted hard drives and load the operating system after the bootable hard drive has been encrypted.
A set of updates for Kaspersky application modules, including critical updates accumulated over a certain period of time and changes to the application's architecture.
The application programming interface of the AWS platform that is used by Kaspersky Security Center. Specifically, AWS API tools are used for cloud segment polling and installing Network Agent on instances.
A combination consisting of the key ID (which looks like "AKIAIOSFODNN7EXAMPLE") and secret key (which looks like "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"). This pair belongs to the IAM user and is used to obtain access to AWS services.
The web interface for viewing and managing AWS resources. AWS Management Console is available on the web at https://aws.amazon.com/console/.
Special folder for storage of Administration Server data copies created using the backup utility.
A logical area of a network in which all nodes can exchange data using a broadcasting channel at the level of OSI (Open Systems Interconnection Basic Reference Model).
Remote application management using the administration services provided in Kaspersky Security Center.
A staff member of a client organization who is responsible for monitoring the anti-virus protection status.
Cloud Discovery is a component of the Cloud Access Security Broker (CASB) solution that protects the cloud infrastructure of an organization. Cloud Discovery manages user access to cloud services. Cloud services include, for example, Microsoft Teams, Salesforce, Microsoft Office 365. Cloud services are grouped in categories, for example, Data exchange, Messengers, Email.
Virtual machines and other virtual resources that are based on a cloud platform and are combined into networks.
Policy that contains a collection of settings and restrictions for an iOS MDM mobile device.
A connection gateway is a Network Agent acting in a special mode. A connection gateway accepts connections from other Network Agents and tunnels them to the Administration Server through its own connection with the Server. Unlike an ordinary Network Agent, a connection gateway waits for connections from the Administration Server rather than establishes connections to the Administration Server.
Demilitarized zone is a segment of a local network that contains servers, which respond to requests from the global Web. In order to ensure the security of an organization's local network, access to the LAN from the demilitarized zone is protected with a firewall.
Device owner is a user whom the administrator can contact when the need arises to perform certain operations on a device.
Application management through a local interface.
Computer that has Network Agent installed and is used for update distribution, remote installation of applications, getting information about computers in an administration group and/or broadcasting domain. Distribution points are designed to reduce the load on the Administration Server during update distribution and to optimize network traffic. Distribution points can be assigned automatically, by the Administration Server, or manually, by the administrator. Distribution point was previously known as update agent.
A part of the Administration Server database dedicated to storage of information about events that occur in Kaspersky Security Center.
Property of an event encountered during the operation of a Kaspersky application. There are the following severity levels:
Events of the same type can have different severity levels depending on the situation in which the event occurred.
Method for remote installation of Kaspersky applications that allows you to install software on specific client devices. For successful forced installation, the account used for the task must have sufficient rights to start applications remotely on client devices. This method is recommended for installing applications on devices that are running Microsoft Windows operating systems and that support this functionality.
A task defined for an administration group and performed on all client devices included in that administration group.
A set of recommendations and features for configuring Kaspersky Security Center and its components, aimed to reduce the risks of its compromise.
Home Administration Server is the Administration Server that was specified during Network Agent installation. The home Administration Server can be used in settings of Network Agent connection profiles.
Secure protocol for data transfer, using encryption, between a browser and a web server. HTTPS is used to gain access to restricted information, such as corporate or financial data.
Set of rights for making requests to AWS-based services. IAM roles are not linked to a specific user or group; they provide access rights without AWS IAM access keys. You can assign an IAM role to IAM users, EC2 instances, and AWS-based applications or services.
The user of AWS services. An IAM user may have the rights to perform cloud segment polling.
The AWS service that enables management of user access to other AWS services and resources.
An anti-virus application from a third-party developer or a Kaspersky application that does not support management through Kaspersky Security Center.
A set of files created for remote installation of a Kaspersky application by using the Kaspersky Security Center remote administration system. The installation package contains a range of settings needed to install the application and get it running immediately after installation. Settings correspond to application defaults. The installation package is created using files with the .kpd and .kud extensions included in the application distribution kit.
The accounts of internal users are used to work with virtual Administration Servers. Kaspersky Security Center grants the rights of real users to internal users of the application.
The accounts of internal users are created and used only within Kaspersky Security Center. No data on internal users is transferred to the operating system. Kaspersky Security Center authenticates internal users.
A mobile device that is connected to the iOS MDM Server by using the iOS MDM protocol. Devices running the iOS operating system can be connected and managed by means of the iOS MDM protocol.
Collection of settings for connecting iOS mobile devices to Administration Server. The user installs an iOS MDM profile to a mobile device, after which this mobile device connects to Administration Server.
A component of Kaspersky Security Center that is installed on a client device, allowing connection of iOS mobile devices to the Administration Server and management of iOS mobile devices through Apple Push Notifications (APNs).
A programming language that expands the performance of web pages. Web pages created using JavaScript can perform functions (for example, change the view of interface elements or open additional windows) without refreshing the web page with new data from a web server. To view pages created by using JavaScript, enable JavaScript support in the configuration of your browser.
Kaspersky Private Security Network is a solution that gives users of devices with Kaspersky applications installed access to reputation databases of Kaspersky Security Network and other statistical data—without sending data from their devices to Kaspersky Security Network. Kaspersky Private Security Network is designed for corporate customers who are unable to participate in Kaspersky Security Network for any of the following reasons:
The person managing application operations through the Kaspersky Security Center remote centralized administration system.
A user who monitors the status and operation of a protection system managed with Kaspersky Security Center.
A component of Kaspersky Security Center designed for checking the operating system's operability in case of concurrent operation of Kaspersky Security Center and Microsoft NAP.
A component of Kaspersky Security Center that is installed together with Administration Server. Web Server is designed for transmission, over a network, of stand-alone installation packages, iOS MDM profiles, and files from a shared folder.
An infrastructure of cloud services that provides access to the Kaspersky database with constantly updated information about the reputation of files, web resources, and software. Kaspersky Security Network ensures faster responses by Kaspersky applications to threats, improves the performance of some protection components, and reduces the likelihood of false positives.
HTTP(S) servers at Kaspersky from which Kaspersky applications download database and application module updates.
A mobile device that is connected to Kaspersky Security Center Administration Server and managed through the Kaspersky Endpoint Security for Android app.
A file in xxxxxxxx.key format that makes it possible to use a Kaspersky application under a trial or commercial license.
A time period during which you have access to the application features and rights to use additional services. The services you can use depend on the type of the license.
A group of applications created on the basis of criteria set by the administrator (for example, by vendor), for which statistics of installations on client devices are maintained.
Installation of a security application on a device on a corporate network that presumes manual installation startup from the distribution package of the security application or manual startup of a published installation package that was pre-downloaded to the device.
A task defined and running on a single client computer.
Corporate networked devices that are included in an administration group.
A specialized component that provides the interface for application management through Administration Console. Each application has its own plug-in. It is included in all Kaspersky applications that can be managed by using Kaspersky Security Center.
Installation of a security application on a device in the corporate network from the distribution package. Manual installation requires the involvement of an administrator or another IT specialist. Usually manual installation is done if remote installation has completed with an error.
Man in The Middle. An attack on the IT infrastructure of an organization in which a hacker hijacks the communication link between two access points, relays it, and modifies the connection between these access points if necessary.
A component of Kaspersky Security Center that provides access to mobile devices and allows you to manage them through Administration Console.
A Kaspersky Security Center component that enables interaction between the Administration Server and Kaspersky applications that are installed on a specific network node (workstation or server). This component is common to all of the company's applications for Microsoft® Windows®. Separate versions of Network Agent exist for Kaspersky applications developed for Unix-like OS and macOS.
A set of technical and organizational measures that lower the risk of allowing viruses and spam to penetrate the network of an organization, and that prevent network attacks, phishing, and other threats. Network security increases when you use security applications and services and when you apply and adhere to the corporate data security policy.
Current protection status, which defines the safety of corporate networked devices. The network protection status includes such factors as installed security applications, usage of license keys, and number and types of threats detected.
Attribute of the patch. There are five importance levels for Microsoft patches and third-party patches:
The importance level of a third-party patch or Microsoft patch is determined by the least favorable severity level among the vulnerabilities that the patches should fix.
A policy determines an application's settings and manages the ability to configure that application on computers within an administration group. An individual policy must be created for each application. You can create multiple policies for applications installed on computers in each administration group, but only one policy can be applied at a time to each application within an administration group.
Application settings that are common to all types of tasks and govern the overall operation of the application, such as application performance settings, report settings, and backup settings.
Current protection status, which reflects the level of computer security.
Collection of settings for applications' operation on iOS mobile devices. A provisioning profile contains information about the license; it is linked to a specific application.
Installation of Kaspersky applications by using the services provided by Kaspersky Security Center.
Relocation of the original object from Quarantine or Backup to its original folder where the object had been stored before it was quarantined, disinfected or deleted, or to a user-defined folder.
Restoration of Administration Server data from the information saved in Backup by using the backup utility. The utility can restore:
A staff member at an anti-virus protection service provider. This administrator performs installation and maintenance jobs for anti-virus protection systems based on Kaspersky anti-virus products and also provides technical support to customers.
A certificate intended for identifying the user's mobile device.
A data encryption protocol used on the internet and local networks. The Secure Sockets Layer (SSL) protocol is used in web applications to create a secure connection between a client and server.
Functions performed by the Kaspersky application are implemented as tasks, such as: Real-time file protection, Full computer scan, and Database update.
A task assigned to a set of client devices from arbitrary administration groups and performed on those devices.
Application settings that are specific for each task type.
Device with a Kaspersky solution or application for UEFI integrated at the BIOS level. Integrated protection ensures device security from the moment the system starts, while protection on devices without integrated software begins functioning only after the security application starts.
The procedure of replacing or adding new files (databases or application modules) retrieved from the Kaspersky update servers.
The procedure of installing a newer version of Kaspersky Security Center on a device that has an earlier version of this application installed.
A component of Kaspersky Security Center, designed for management of the protection system of a client organization's network.
Virtual Administration Server is a particular case of a secondary Administration Server and has the following restrictions as compared with a physical Administration Server:
Maximum allowed number of events of the specified type within a limited time; when this number is exceeded, it is interpreted as increased virus activity and as a threat of a virus outbreak. This feature is important during periods of virus outbreaks because it enables administrators to respond in a timely manner to virus attack threats.
A series of deliberate attempts to infect a device with a virus.
A flaw in an operating system or an application that may be exploited by malware makers to penetrate the operating system or application, and corrupt its integrity. The presence of a large number of vulnerabilities in an operating system makes it unreliable, because viruses that penetrate the operating system may cause disruptions in the operating system itself and in installed applications.
An application used for distribution of updates for Microsoft applications on users' computers in an organization's network.
Page top