Required EPP applications and supported configurations
In order to use Kaspersky Managed Detection and Response, at least one of the following EPP applications must be deployed in your infrastructure:
To use the MDR functionality on your servers running OS Windows, we recommend using Kaspersky Endpoint Security for Windows on these servers, instead of Kaspersky Security for Windows Server with Kaspersky Endpoint Agent.
Operating systems
Kaspersky Managed Detection and Response is compatible with the same operating systems as the EPP applications listed below. For details, please refer to the Hardware and software requirements section in the documentation of compatible EPP applications listed in the table below.
Compatible Kaspersky applications and solutions
Kaspersky Managed Detection and Response is compatible with the versions of Kaspersky applications and solutions listed in the table below.
Kaspersky application |
Recommended versions |
Compatible versions |
Notes |
---|---|---|---|
Kaspersky Endpoint Security for Windows |
|
||
|
|||
Kaspersky Endpoint Security for Linux |
If you use Kaspersky Endpoint Security for Linux and do not have the Linux Audit Daemon (also referred to as auditd) package installed, system audit events are logged to the |
||
Kaspersky Endpoint Security for Mac |
|
||
Kaspersky Security for Virtualization Light Agent |
|
||
Kaspersky Endpoint Agent |
Kaspersky Endpoint Agent is only required if you use Kaspersky Security for Windows Server.
Please note that the Kaspersky Managed Detection and Response solution is compatible with the Kaspersky Endpoint Agent versions 3.9, 3.10 and 3.11, but the technical support period for these versions is over. If you use Kaspersky Endpoint Agent versions 3.9, 3.10, and 3.11 as an agent for the Kaspersky Managed Detection and Response solution, Kaspersky recommends updating Kaspersky Endpoint Agent to version 3.15. Working with Kaspersky Security Center Cloud Console is only available for Kaspersky Endpoint Agent for Windows 3.12 or later. |
||
Kaspersky Security for Windows Server |
We recommend to use Kaspersky Endpoint Security for Windows 12 or later |
To use the MDR functionality on your servers running Windows, we recommend using Kaspersky Endpoint Security for Windows on these servers, instead of Kaspersky Security for Windows Server with Kaspersky Endpoint Agent:
|
|
Kaspersky Security Center Windows |
|||
Kaspersky Security Center Linux |
|||
Kaspersky Security Center Cloud Console |
n/a |
n/a |
The latest version is always used in the cloud. |
MDR Plug-in for Kaspersky Security Center |
Latest version |
Latest version |
In Kaspersky Security Center 13 Windows, the latest version available is 2.1.13. MDR Plug-in 2.1.14 and later is available only in Kaspersky Security Center 14 Windows or later. |
Kaspersky Security Center Network Agent |
The version provided with Kaspersky Security Center Windows installed |
When you update Kaspersky Security Center, you must also update Kaspersky Security Center Network Agent to the corresponding version. |
|
Kaspersky Anti Targeted Attack Platform + Kaspersky Endpoint Detection and Response |
Please note that the cloud solution Kaspersky Endpoint Detection and Response Expert is not supported. |
||
Kaspersky Endpoint Detection and Response Optimum |
If you use Kaspersky Endpoint Security for Windows 11.7 or later, EDR Optimum must be used without Kaspersky Endpoint Agent.
To activate Kaspersky Endpoint Detection and Response Optimum functions, you must add one of the following license keys on your assets via Kaspersky Security Center:
|
To learn more about the supported versions of Kaspersky applications and solutions, refer to the Product Support Lifecycle webpage.
Kaspersky Managed Detection and Response Web Console
Kaspersky Managed Detection and Response Web Console has the following hardware and software requirements:
Network channel
Based on our statistical data, for the stable operation of Kaspersky Managed Detection and Response, we recommend providing the following network channel throughput:
These bandwidth values are approximate, as the necessary bandwidth greatly depends on the type of asset load generating telemetry events.
Page top