Updating Kaspersky Security databases and application modules

The update functionality (including anti-virus signature updates and code base updates) may not be available in the solution in the territory of the USA.

Updating the databases and application modules of the Kaspersky Security solution ensures up-to-date protection of virtual machines. New viruses and other types of malware appear worldwide on a daily basis. Kaspersky Security databases contain information about threats and ways of neutralizing them. Kaspersky Security databases include antivirus databases and other Kaspersky databases important for the security of the protected infrastructure. Updating Kaspersky Security application modules lets you promptly receive important updates to Kaspersky Security solution components. To enable the Kaspersky Security solution to promptly detect threats, you need to update the solution's databases and modules regularly.

If the Kaspersky Security databases have not been updated for a long time, a notification appears in Kaspersky Security Center in the SVM properties window (in the Events section, if you are working through Kaspersky Security Center Administration Console; on the Events tab, if you are working through Kaspersky Security Center Web Console).

Updating Kaspersky Security databases and application modules may change certain Kaspersky Security settings, for example, the heuristic analysis settings that improve the effectiveness of protection and scans.

Updates of Kaspersky Security databases and application modules require a current license to use the application.

Kaspersky Security databases and application modules are updated as follows:

  1. Kaspersky Security Center downloads an update package from its update source into the Administration Server repository. An update source is a resource that contains updates for databases and application modules of Kaspersky applications. The Kaspersky Security Center Administration Server repository is the source of updates for Kaspersky Security for Virtualization 6.0 Light Agent.

    To download updates to the Administration Server repository, use the Download updates to Administration Server repository task. The task is created automatically by the Kaspersky Security Center Initial Configuration Wizard. If the "Download updates to Administration Server repository" task is not in the list of tasks for the Administration Server, you need to create it. For details, please refer to the Kaspersky Security Center help.

  2. The Protection Server component downloads the update package from the Administration Server storage to a folder on the SVM. To download update packages to the SVM, use the Database update task for the Protection Server.

    You can use the Updating databases and solution modules task, which is created automatically in Kaspersky Security Center after installing the MMC plug-in or web plug-in for the Protection Server. The task is created for the Managed devices administration group and lets you download an update package to all SVMs included in the Managed devices group or to any nested administration group. The task is started every time an update package is downloaded to the Kaspersky Security Center Administration Server repository.

    If necessary, you can change the settings of the automatically created update task or delete it and create a new Database update task for the Protection Server.

    By default, the update package includes updates of application databases required for the operation of the Protection Server and Light Agent. You can also update software modules of Kaspersky Security components. To do so, it is necessary to add application module updates to the update package.

    For the Protection Server to successfully download an update package from the Administration Server storage, the SVM on which the Protection Server is installed must have access to the Kaspersky Security Center Administration Server. The SVM connection to the Administration Server is configured when SVMs are deployed or reconfigured.

    If Kaspersky Security databases and application modules have not been updated for a long time, the size of the update package may be large. Downloading this update package may generate additional network traffic (up to several dozen megabytes).

  3. After downloading a database update package, the updates are installed from a folder located on the SVM:
    • The Protection Server automatically installs on SVMs the database updates necessary for the operation of the Protection Server.
    • Light Agent checks the availability of an update package in the folder on the SVM to which it is connected.

      To receive updates to databases and application modules, the Light Agent must interact with the Protection Server via the HTTP protocol.

      If an update package is available, Light Agent installs the application database updates required for the operation of Light Agent on the protected virtual machine. Light Agent databases are updated using a predefined local Update task for Kaspersky Endpoint Security for Linux. If Kaspersky Endpoint Security for Linux is used in Light Agent mode, a special Update task is automatically created in the application to update Light Agent databases and application modules. In this task, a folder on the SVM is specified as the update source. The task starts automatically in the following cases:

      • when connecting the Light Agent to the SVM, if the Kaspersky Security databases on the Light Agent are missing or do not correspond to the databases installed on the Protection Server;
      • 120 minutes after the previous successful update or 20 minutes if the update fails.

      You can also run the Update task manually using the kesl-control --start-task Update command. For more details, see the Kaspersky Endpoint Security for Linux Help.

  4. Updates of Kaspersky Security application modules are installed from a folder on SVMs (if they have been included in the update package):
    • Protection Server module updates are installed on the SVM by executing a Solution module update on the SVM task for the Protection Server.

      You can view a list of installed application module updates on SVMs by using the command line script named patch_list.pl located in the /opt/kaspersky/la/patching/ folder.

    • Updates to Light Agent for Linux application modules are automatically installed on virtual machines as a result of running the local Update task for Kaspersky Endpoint Security for Linux.

    After updates of Kaspersky Security application modules are installed, the performance of Kaspersky Security is checked on each SVM and protected virtual machine. If problems are detected, the application module update is automatically rolled back.

    If Kaspersky Security encounters errors occur after you update Protection Server modules, you can manually roll back the module update on SVMs.

To ensure up-to-date protection of non-persistent virtual machines, you are advised to regularly update Light Agent databases and application modules on the virtual machine templates from which non-persistent virtual machines have been deployed.

If you enabled VDI protection mode during installation of Light Agent on the virtual machine template, updates that require restarting the protected virtual machine are not installed on non-persistent virtual machines. On receiving updates that require restarting the protected virtual machine, Light Agent installed on a temporary virtual machine sends a message to Kaspersky Security Center informing it that the protected virtual machine template needs to be updated.

In this Help section

Enabling and disabling application module updates

Creating a Database update task

Creating a Solution module update on the SVM task

Rolling back the last update of Kaspersky Security databases and application modules

Page top