KEA to KES Migration Guide for EDR Optimum
Kaspersky Endpoint Security for Windows includes a built-in agent for the Kaspersky Endpoint Detection and Response Optimum solution. You no longer need a separate Kaspersky Endpoint Agent application to work with EDR Optimum. All functions of Kaspersky Endpoint Agent will be performed by Kaspersky Endpoint Security.
When you deploy Kaspersky Endpoint Security on computers that have Kaspersky Endpoint Agent installed, Kaspersky Endpoint Detection and Response Optimum solution will continue working with Kaspersky Endpoint Security. In addition, Kaspersky Endpoint Agent will be removed from the computer. The same behavior in the system will occur when you update Kaspersky Endpoint Security to version 11.7.0 or higher.
Kaspersky Endpoint Security is not compatible with Kaspersky Endpoint Agent. You cannot install both of these applications on the same computer.
The following conditions must be met for Kaspersky Endpoint Security to work as part of Kaspersky Endpoint Detection and Response Optimum:
- Kaspersky Endpoint Detection and Response Optimum version 2.0 or higher
- Kaspersky Security Center version 13.2 or higher (including Network Agent). In earlier versions of Kaspersky Security Center, it is impossible to activate the EDR Optimum feature.
- EDR Optimum can be managed only using the Kaspersky Security Center Web Console.
- Data transfer to Administration Server is enabled. The data are required to obtain information about files quarantined on a computer through Web Console.
- A background connection between Kaspersky Security Center Web Console and Administration Server is established. For EDR Optimum to work with Administration Server via Kaspersky Security Center Web Console, you must establish a new secure connection, a background connection.
Steps for migrating [KES+KEA] configuration to [KES+built-in agent] for EDR Optimum
- Upgrading the Kaspersky Endpoint Security web plug-in
EDR Optimum component can be managed using the Kaspersky Endpoint Security Web Plug-in version 11.7.0 or higher.
- Migrating policies and tasks
Transfer Kaspersky Endpoint Agent settings to Kaspersky Endpoint Security for Windows. To do this, use the wizard for migrating from Kaspersky Endpoint Agent in the Web Console.
- Licensing the EDR Optimum functionality
If you use a common Kaspersky Endpoint Detection and Response Optimum or Kaspersky Optimum Security license to activate Kaspersky Endpoint Security for Windows and Kaspersky Endpoint Agent, EDR Optimum functionality will be activated automatically after upgrading the application to version 11.7.0 or higher. You do not need to do anything else.
If you use a stand-alone Kaspersky Endpoint Detection and Response Optimum Add-on license to activate EDR Optimum functionality, you must make sure that the EDR Optimum key is added to the Kaspersky Security Center repository and the automatic license key distribution functionality is enabled. After you upgrade the application to version 11.7.0 or higher, EDR Optimum functionality is activated automatically.
If you use a Kaspersky Endpoint Detection and Response Optimum or Kaspersky Optimum Security license to activate Kaspersky Endpoint Agent, and a different license to activate Kaspersky Endpoint Security for Windows, you must replace the Kaspersky Endpoint Security for Windows key with the common Kaspersky Endpoint Detection and Response Optimum or Kaspersky Optimum Security key. You can replace the key using the Add key task.
- Installing / Upgrading the Kaspersky Endpoint Security application
To migrate EDR Optimum functionality during an application installation or upgrade, it is recommended to use the remote installation task. When creating a remote installation task, you need to select EDR Optimum component in the installation package settings.
You can also upgrade the application using the following methods:
- Using the Kaspersky update service.
- Locally, by using the Setup Wizard.
Kaspersky Endpoint Security supports automatically selecting components when upgrading the application on a computer with the Kaspersky Endpoint Agent application installed. The automatic selection of components depends on the permissions of the user account that is upgrading the application.
If you are upgrading Kaspersky Endpoint Security using the EXE or MSI file under the system account (SYSTEM), Kaspersky Endpoint Security gains access to current licenses of Kaspersky solutions. Therefore, if the computer has, for example, Kaspersky Endpoint Agent installed and the EDR Optimum solution activated, the Kaspersky Endpoint Security installer automatically configures the set of components and selects the EDR Optimum component. This makes Kaspersky Endpoint Security switch to using the built-in agent and removes Kaspersky Endpoint Agent. Running the MSI installer under the system account (SYSTEM) is usually performed when upgrading via the Kaspersky update service or when deploying an installation package via Kaspersky Security Center.
If you are upgrading Kaspersky Endpoint Security using an MSI file under a non-privileged user account, Kaspersky Endpoint Security lacks access to current licenses of Kaspersky solutions. In this case, Kaspersky Endpoint Security automatically selects components based on Kaspersky Endpoint Agent configuration. After that Kaspersky Endpoint Security switches to using the built-in agent and removes Kaspersky Endpoint Agent.
Kaspersky Endpoint Security supports upgrading without computer restart. You can select the application upgrade mode in policy properties.
- Checking the application operation
If after application installation or upgrade, the computer has the Critical status in the Kaspersky Security Center console:
- Make sure that the computer has Network Agent version 13.2 or higher installed.
- Check the operating status of the built-in agent by viewing the Application components status report. If a component has the Not installed status, install the component using the Change application components task. If a component has the Not covered by license status, make sure that you have activated the built-in agent functionality.
- Make sure you accept the Kaspersky Security Network Statement in the new policy of Kaspersky Endpoint Security for Windows.