Hardware and software requirements

Required EPP applications and supported configurations

In order to use Kaspersky Managed Detection and Response, at least one of the following EPP applications must be deployed in your infrastructure:

Kaspersky Endpoint Security for Windows
Kaspersky Endpoint Security for Linux
Kaspersky Endpoint Security for Mac
Kaspersky Security for Windows Server with Kaspersky Endpoint Agent for Windows
To use the MDR functionality on your servers running OS Windows, we recommend using Kaspersky Endpoint Security for Windows on these servers, instead of Kaspersky Security for Windows Server with Kaspersky Endpoint Agent.
Kaspersky Security for Virtualization 5.2 Light Agent

Operating systems

Kaspersky Managed Detection and Response is compatible with the same operating systems as the EPP applications listed below. For details, please refer to the Hardware and software requirements section in the documentation of compatible EPP applications listed in the table below.

Compatible Kaspersky applications and solutions

Kaspersky Managed Detection and Response is compatible with the versions of Kaspersky applications and solutions listed in the table below.

Kaspersky application	Recommended versions and their term of support	Compatible versions and their term of support	Notes
Kaspersky Endpoint Security for Windows	12.8 or later	12.6 or later
Kaspersky Endpoint Security for Windows in Endpoint Detection and Response Agent (EDR Agent) configuration Starting with Kaspersky Endpoint Security for Windows version 12.3, the application includes the Endpoint Detection and Response Agent (EDR Agent) configuration. Endpoint Detection and Response Agent is an application that is installed on individual workstations and servers in the IT infrastructure of the organization to support the Kaspersky Managed Detection and Response and Kaspersky Anti Targeted Attack Platform (EDR) solutions. EDR Agent continuously monitors processes running on these computers, open network connections, and files being modified. Protection and control components are not available for EDR Agent. EDR Agent is compatible with third-party EPP applications. This lets you use third-party infrastructure security tools alongside Detection and Response by Kaspersky. For more details see Kaspersky Endpoint Security for Windows Online Help.	12.8 or later	12.6 or later	For assets with the Kaspersky Endpoint Security for Windows in the EDR Agent configuration, the Warning and Critical statuses for protection and control components are not displayed. You can not use Kaspersky Endpoint Detection and Response Optimum features for the assets with Kaspersky Endpoint Security for Windows in EDR Agent configuration. The list of third-party EPP applications that are compatible with EDR Agent is provided in the Kaspersky Endpoint Security for Windows online help.
Kaspersky Endpoint Security for Linux	12.2 or later	12.1 or later	If you use Kaspersky Endpoint Security for Linux and do not have the Linux Audit Daemon (also referred to as auditd) package installed, system audit events are logged to the `dmesg` kernel log. We recommend installing the auditd package for the convenience of Kaspersky Endpoint Security for Linux managing log rotation.
Kaspersky Endpoint Security for Mac	12.1 or later	12 or later
Kaspersky Security for Virtualization Light Agent	6.2 or later	5.2 or later	Kaspersky Security for Virtualization version 5.2 Light Agent is not supported if you use Kaspersky Security Center Linux.
Kaspersky Endpoint Agent	4.0 or later	3.15 or later	Kaspersky Endpoint Agent is only required if you use Kaspersky Security for Windows Server. Please note that the Kaspersky Managed Detection and Response solution is compatible with the Kaspersky Endpoint Agent versions 3.9, 3.10 and 3.11, but the technical support period for these versions is over. If you use Kaspersky Endpoint Agent versions 3.9, 3.10, and 3.11 as an agent for the Kaspersky Managed Detection and Response solution, Kaspersky recommends updating Kaspersky Endpoint Agent to version 3.15. Working with Kaspersky Security Center Cloud Console is only available for Kaspersky Endpoint Agent for Windows 3.12 or later.
Kaspersky Security for Windows Server	We recommend to use Kaspersky Endpoint Security for Windows 12 or later	11.x	To use the MDR functionality on your servers running Windows, we recommend using Kaspersky Endpoint Security for Windows on these servers, instead of Kaspersky Security for Windows Server with Kaspersky Endpoint Agent: MDR threat detection works better with Kaspersky Endpoint Security for Windows. MDR functionality for Kaspersky Security for Windows Server is not being developed, since Kaspersky Security for Windows Server limited support ends Jun 30, 2025.
Kaspersky Security Center Windows	15.1 or later	14.1 or later	With MDR Plug-in for Kaspersky Security Center.
Kaspersky Security Center Linux	15.1	15.1	With MDR Plug-in for Kaspersky Security Center.
Kaspersky Security Center Cloud Console	n/a	n/a	The latest version is always used in the cloud.
MDR Plug-in for Kaspersky Security Center	Latest version	Latest version	In Kaspersky Security Center 13 Windows, the latest version available is 2.1.13. In Kaspersky Security Center 14 Windows and Kaspersky Security Center 14.1 Windows, the latest version available is 2.1.14. MDR Plug-in 2.1.15 and later is available only in Kaspersky Security Center 15.1 Windows or later and Kaspersky Security Center 15.1 Linux or later.
Kaspersky Security Center Network Agent	The version provided with Kaspersky Security Center Windows installed	13 or later	When you update Kaspersky Security Center, you must also update Kaspersky Security Center Network Agent to the corresponding version.
Kaspersky Anti Targeted Attack Platform + Kaspersky Endpoint Detection and Response	6.1	6.0 or later	Please note that the cloud solution Kaspersky Endpoint Detection and Response Expert is not supported.
Kaspersky Endpoint Detection and Response Optimum	3.0 or later	2.3 or later	If you use Kaspersky Endpoint Security for Windows 11.7 or later, EDR Optimum must be used without Kaspersky Endpoint Agent. To activate Kaspersky Endpoint Detection and Response Optimum functions, you must add one of the following activation codes on your assets via Kaspersky Security Center: Kaspersky Endpoint Detection and Response Optimum Kaspersky Endpoint Detection and Response Optimum add-on

To learn more about the supported versions of Kaspersky applications and solutions, refer to the Product Support Lifecycle webpage.

MDR Web Console

MDR Web Console has the following hardware and software requirements:

Monitor that supports a display resolution of 1024x768 or higher
Any of the following browsers:
- Apple Safari—15 on macOS
- Google Chrome—100.0.4896.88 or later (official build)
- Microsoft Edge—100 or later
- Mozilla Firefox—91.8.0 or later

Network channel

The following table shows network channel throughput calculated from our statistical data.

Operating system	Estimated bandwidth for 1000 assets
Windows	4.3 Mbit/s
Windows server	5.2 Mbit/s
Linux (average for hosts and servers)	14.7 Mbit/s
macOS	8.5 Mbit/s

These bandwidth values are approximate, as the necessary bandwidth greatly depends on the type of asset load generating telemetry events. Peak throughput can be significantly higher. You will need to provide an accordingly higher network bandwidth if your infrastructure regularly operates at peak throughput. Various conditions may presume the load to be higher. For example:

program code compilation by developers
full system scan
high-load servers (for example, DNS and domain controllers)
multiple network connections

Article ID: 196546, Last review: Mar 9, 2025

Page top