About updating Kaspersky databases, software modules, and applications

To be sure that the protection of your managed devices is up-to-date, you must provide timely updates of the following:

• Kaspersky databases and software modules

  Before downloading Kaspersky databases and software modules, Kaspersky Security Center Cloud Console checks if Kaspersky servers are accessible. If access to the servers using system DNS is not possible, the application uses public DNS servers. This is necessary to make sure anti-virus databases are updated and the level of security is maintained for the managed devices.

• Installed Kaspersky applications, including Kaspersky Security Center Cloud Console components and security applications

Depending on the configuration of your network, you can use the following schemes of downloading and distributing the required updates to the managed devices:

• Using the Download updates to the repositories of distribution points task
• Manually through a local folder, a shared folder, or an FTP server
• Directly from Kaspersky update servers to the security applications on the managed devices

Using the Download updates to the repositories of distribution points task

In this scheme, Kaspersky Security Center Cloud Console downloads updates through the Download updates to the repositories of distribution points task. The managed devices included in the scope of a distribution point download the updates from the repository of the distribution point (see figure below).

Distribution point devices running macOS cannot download updates from Kaspersky update servers.

If one or more devices running macOS are within the scope of the Download updates to the repositories of distribution points task, the task completes with the Failed status, even if it has successfully completed on all Windows devices.

Updating by using the Download updates to the repositories of distribution points task

When the Download updates to the repositories of distribution points task is complete, the following updates are downloaded to the distribution point repository:

• Kaspersky databases and software modules for the security applications on the managed devices

  These updates are installed through the Update task for Kaspersky Endpoint Security for Windows.

• Updates for the components of Kaspersky Security Center Cloud Console

  By default, these updates are installed automatically. You can change the settings in the Network Agent policy.

• Updates for the security applications

  By default, Kaspersky Endpoint Security for Windows installs only those updates that you approve. The updates are installed through the Update task and can be configured in the properties of this task.

Each Kaspersky application requests required updates from Administration Server. Administration Server aggregates these requests and downloads to the distribution point repositories only those updates that are requested by any application. This ensures that the same updates are not downloaded multiple times and that unnecessary updates are not downloaded at all. When running the Download updates to the repositories of distribution points task, Administration Server sends the following information to Kaspersky update servers automatically in order to ensure the downloading of relevant versions of Kaspersky databases and software modules:

• Application ID and version
• Application installation ID
• Active key ID
• Download task run ID

None of the transmitted information contains personal or other confidential data. AO Kaspersky Lab protects information in accordance with requirements established by law.

Manually through a local folder, a shared folder, or an FTP server

If the client devices do not have a connection to a distribution point, you can use a local folder or a shared resource as a source for updating Kaspersky databases, software modules, and applications. In this scheme, you have to copy required updates from a distribution point repository to a removable drive, and then copy the updates to the local folder or the shared resource specified as an update source in the settings of Kaspersky Endpoint Security for Windows (see figure below).

Updating through a local folder, a shared folder, or an FTP server

Directly from Kaspersky update servers to Kaspersky Endpoint Security for Windows on the managed devices

On the managed devices, you can configure Kaspersky Endpoint Security for Windows to receive updates directly from Kaspersky update servers (see figure below).

Updating security applications directly from Kaspersky update servers

In this scheme, the security application does not use the repositories provided by Kaspersky Security Center Cloud Console. To receive updates directly from Kaspersky update servers, specify Kaspersky update servers as an update source in the interface of the security application. For a full description of these settings, please refer to the Kaspersky Endpoint Security for Windows documentation.

See also: Scenario: Regular updating of Kaspersky databases and applications

Page top