Kaspersky Security Center licensing options

Kaspersky Security Center can work in the following modes:

Basic functionality of Administration Console
Kaspersky Security Center works in this mode before the application is activated or after the commercial license expires. Kaspersky Security Center with support of the basic functionality of Administration Console is delivered as a part of Kaspersky applications for protection of corporate networks. You can also download it from Kaspersky website.

Commercial license

If you need additional functionality which is not included in the basic functionality of Administration Console, you must purchase a commercial license.

When adding a license key in the Administration Server properties window, ensure that you add a license key that lets you use Kaspersky Security Center Linux. You can find this information at the Kaspersky website. Each solution webpage contains the list of applications included in this solution. Administration Server may accept unsupported license keys, for example a license key for Kaspersky Endpoint Security Cloud, but such license keys provide no new features in addition to the basic functionality of Administration Console.

Feature or property	Kaspersky Security Center Linux operation mode

	No license	Commercial license
Basic functionality of Administration Console The following functions are available: Creation of virtual Administration Servers that are used to administer a network of remote offices or client organizations. Creation of a hierarchy of administration groups to manage specific devices as a single entity. Remote installation of applications. Centralized configuration of applications installed on client devices. Control of the anti-virus security status of an organization. Management of user roles. Statistics and reports on the application's operation, as well as notifications about critical events. Centralized operations with files that were moved to Quarantine or Backup and files whose processing was postponed. Encryption and data protection management. Viewing and manual editing of the list of hardware components detected by polling the network. Viewing the list of operating system images available for remote installation.
Vulnerability and patch management: basic functionality The following tasks do not require a commercial license: The Find vulnerabilities and required updates task Through this task, Kaspersky Security Center Linux receives the lists of detected vulnerabilities and required updates for the third-party software installed on the managed devices. The Fix vulnerabilities task The Fix vulnerabilities task uses recommended fixes for Microsoft software and user fixes for third-party software. To use this task, you must manually specify user fixes for vulnerabilities in the task settings.
Vulnerability and patch management: advanced functionality You can define the rules for automatic remote installation of software updates and fixing of vulnerabilities automatically.
Systems management The following functions are available: Remote permission of connection to client devices through a component of Microsoft® Windows® named Remote Desktop Connection. Remote connection to client devices through Windows Desktop Sharing.
Exporting events to SIEM systems: using the Syslog protocol Using the Syslog protocol, you can relay any events that occur on the Kaspersky Security Center Administration Server and in Kaspersky applications that are installed on managed devices. The Syslog protocol is a standard message-logging protocol. You can use it to export events to any SIEM system.
Exporting events to SIEM systems: QRadar by IBM and ArcSight by Micro Focus Event export can be used within centralized systems that deal with security issues on an organizational and technical level, provide security monitoring services, and consolidate information from different solutions. These are SIEM systems, which provide real-time analysis of security alerts and events generated by network hardware and applications, or Security Operation Centers (SOCs). Under a special license, you can use the CEF and LEEF protocols to export to SIEM systems general events, as well as the events transferred by Kaspersky applications to the Administration Server. LEEF (Log Event Extended Format) is a customized event format for IBM Security QRadar SIEM. QRadar can integrate, identify, and process LEEF events. LEEF events must use UTF-8 character encoding. You can find detailed information on LEEF protocol in IBM Knowledge Center. CEF (Common Event Format) is an open log management standard that improves the interoperability of security-related information from different security and network devices and applications. CEF enables you to use a common event log format so that data can easily be integrated and aggregated for analysis by an enterprise management system. ArcSight and Splunk SIEM systems use this protocol.

Page top