To be sure that the protection of your managed devices is up-to-date, you must provide timely updates of the following:
Before downloading Kaspersky databases and software modules, Kaspersky Security Center Cloud Console checks if Kaspersky servers are accessible. If access to the servers using system DNS is not possible, the application uses public DNS servers. This is necessary to make sure anti-virus databases are updated and the level of security is maintained for the managed devices.
Depending on the configuration of your network, you can use the following schemes of downloading and distributing the required updates to the managed devices:
Using the Download updates to the repositories of distribution points task
In this scheme, Kaspersky Security Center Cloud Console downloads updates through the Download updates to the repositories of distribution points task. The managed devices included in the scope of a distribution point download the updates from the repository of the distribution point (see figure below).
Distribution point devices running macOS cannot download updates from Kaspersky update servers.
If one or more devices running macOS are within the scope of the Download updates to the repositories of distribution points task, the task completes with the Failed status, even if it has successfully completed on all Windows devices.
Updating by using the Download updates to the repositories of distribution points task
When the Download updates to the repositories of distribution points task is complete, the following updates are downloaded to the distribution point repository:
These updates are installed through the Update task for Kaspersky Endpoint Security for Windows.
By default, these updates are installed automatically. You can change the settings in the Network Agent policy.
By default, Kaspersky Endpoint Security for Windows installs only those updates that you approve. The updates are installed through the Update task and can be configured in the properties of this task.
Each Kaspersky application requests required updates from Administration Server. Administration Server aggregates these requests and downloads to the distribution point repositories only those updates that are requested by any application. This ensures that the same updates are not downloaded multiple times and that unnecessary updates are not downloaded at all. When running the Download updates to the repositories of distribution points task, Administration Server sends the following information to Kaspersky update servers automatically in order to ensure the downloading of relevant versions of Kaspersky databases and software modules:
None of the transmitted information contains personal or other confidential data. AO Kaspersky Lab protects information in accordance with requirements established by law.
Manually through a local folder, a shared folder, or an FTP server
If the client devices do not have a connection to a distribution point, you can use a local folder or a shared resource as a source for updating Kaspersky databases, software modules, and applications. In this scheme, you have to copy required updates from a distribution point repository to a removable drive, and then copy the updates to the local folder or the shared resource specified as an update source in the settings of Kaspersky Endpoint Security for Windows (see figure below).
Updating through a local folder, a shared folder, or an FTP server
Directly from Kaspersky update servers to Kaspersky Endpoint Security for Windows on the managed devices
On the managed devices, you can configure Kaspersky Endpoint Security for Windows to receive updates directly from Kaspersky update servers (see figure below).
Updating security applications directly from Kaspersky update servers
In this scheme, the security application does not use the repositories provided by Kaspersky Security Center Cloud Console. To receive updates directly from Kaspersky update servers, specify Kaspersky update servers as an update source in the interface of the security application. For a full description of these settings, please refer to the Kaspersky Endpoint Security for Windows documentation.