Endpoint Detection and Response Agent

Starting with Kaspersky Endpoint Security 12.3 for Windows, the application includes the Endpoint Detection and Response Agent (EDR Agent) configuration. Endpoint Detection and Response Agent is an application that is installed on individual workstations and servers in the IT infrastructure of the organization to support the following Detection and Response solutions by Kaspersky:

EDR Agent continuously monitors processes running on these computers, open network connections, and files being modified. Protection and control components of the application are not available for EDR Agent.

EDR Agent is compatible with third-party EPP applications. This lets you use third-party infrastructure security tools alongside Detection and Response by Kaspersky.

To deploy EDR Agent, the computer must have the Network Agent installed, and the computer must be added in the Kaspersky Security Center console. To enable the interaction of EDR Agent with Kaspersky Security Center, you must install the Kaspersky Endpoint Security for Windows management plug-in. You can specify EDR Agent settings using a group policy. To integrate EDR Agent, you must configure the integration in appropriate policy sections.

The following Kaspersky applications must be installed on the infrastructure to support Kaspersky Detection and Response solutions:

  • Network Agent
  • EDR Agent

Endpoint

 

icon_ksc

Kaspersky Endpoint Security for Windows Management Plug-in

Kaspersky Security Center

 

 

Detection and Response solutions: MDR, KATA (EDR), KATA (NDR)

 

In this section

Installing EDR Agent

Integrating EDR Agent with MDR

Integrating EDR Agent with KATA (EDR)

Integrating EDR Agent with KATA (NDR)

Compatibility with third-party EPP applications

Page top