Endpoint Detection and Response Agent

Starting with Kaspersky Endpoint Security 12.3 for Windows, the application includes the Endpoint Detection and Response Agent (EDR Agent) configuration. Endpoint Detection and Response Agent is an application that is installed on individual workstations and servers in the IT infrastructure of the organization to support the Kaspersky Managed Detection and Response and Kaspersky Anti Targeted Attack Platform (EDR) solutions. EDR Agent continuously monitors processes running on these computers, open network connections, and files being modified. Protection and control components are not available for EDR Agent.

EDR Agent is compatible with third-party EPP applications. This lets you use third-party infrastructure security tools alongside Detection and Response by Kaspersky.

To deploy EDR Agent, the computer must have the Network Agent installed, and the computer must be added in the Kaspersky Security Center console. To enable the interaction of EDR Agent with Kaspersky Security Center, you must install the Kaspersky Endpoint Security for Windows management plug-in. You can specify EDR Agent settings using a group policy. To integrate EDR Agent, you must configure the integration in appropriate policy sections.

The following Kaspersky applications should be installed on the infrastructure to support operation of MDR / KATA (EDR):

  • Network Agent
  • EDR Agent

Endpoint

 

icon_ksc

Kaspersky Endpoint Security for Windows Management Plug-in

Kaspersky Security Center

 

 

MDR / KATA (EDR)

 

In this section

Installing EDR Agent

Integrating EDR Agent with MDR

Integrating EDR Agent with KATA (EDR)

Compatibility with third-party EPP applications

Page top