Migrating [KSVLA Light Agent+KEA] configuration to [KES Light Agent+built-in agent] configuration

To support using Kaspersky Endpoint Security for Windows as part of EDR (KATA), EDR Optimum, Kaspersky Sandbox, a built-in agent has been added to the application. You no longer need a separate Kaspersky Endpoint Agent application to work with these solutions.

When migrating from KSVLA Light Agent to KES Light Agent, the EDR (KATA), EDR Optimum, Kaspersky Sandbox solutions continue to work with Kaspersky Endpoint Security built-in agents. In addition, Kaspersky Endpoint Agent will be removed from the computer.

Before migrating from KSVLA Light Agent to KES Light Agent, you must update all components of Kaspersky Security for Virtualization to version 6.2, including the Protection server and the Integration server. For details about updating the version of the Kaspersky Security for Virtualization Light Agent solution, see the Kaspersky Security for Virtualization Light Agent Help.

Migrating the [KSVLA Light Agent+KEA] configuration to [KES Light Agent+built-in agent] configuration involves the following steps:

  1. Migrating the policy and tasks

    Migrating the [KSVLA Light Agent+KEA] policies and tasks to [KES Light Agent+built-in agent] involves the following steps:

    1. Migrating policies and tasks from KSVLA Light Agent to KES Light Agent using the Policies and Tasks Batch Conversion Wizard (only available on the Administration Console (MMC)).

      As a result, a new policy is created with the name <Policy> (converted). New KES tasks are also created with <Task name> (converted) names.

    2. Migrating policies and tasks from KEA to KES using the wizard for migration from Kaspersky Endpoint Agent (only available in Web Console and Cloud Console).

      As a result, a new policy is created with the name <Name of the Kaspersky Endpoint Security policy> & <Name of the Kaspersky Endpoint Agent policy>. New tasks and KES tasks are also created.

  2. Migrating from KSVLA Light Agent to KES Light Agent

    Migrating from KSVLA Light Agent to KES Light Agent involves installing KES Light Agent instead of KSVLA Light Agent.

    Administrators typically enable Password protection to restrict access to KSVLA Light Agent and KEA. You can only enter the KEA uninstallation password in the properties of the Install application remotely task. For migration, you must disable Password protection for KSVLA Light Agent.

    To carry out the migration, you must select the components needed to support Detection and Response solutions as part of Kaspersky Endpoint Security. After installing the application, Kaspersky Endpoint Security switches to using the built-in agent and removes Kaspersky Endpoint Agent.

  3. Licensing functionality

    If the application is being used in Light Agent mode, you do not need to activate the application. To activate the application, you must add a license key to the SVM. You must also add the license key for activating additional functionality (for example, EDR Optimum) to the SVM. That is, as part of the migration, functionality licensing happens automatically.

  4. Checking the health of Kaspersky Endpoint Detection and Response Optimum and Kaspersky Sandbox

    If after the upgrade, the computer has the Critical status in the Kaspersky Security Center console:

    • Make sure that the computer has Network Agent version 13.2 or higher installed.
    • Check the operating status of the built-in agent by viewing the Report on status of application components. If a component has the Not installed status, install the component using the Change application components task.
    • Make sure you accept the Kaspersky Security Network Statement in the new policy of Kaspersky Endpoint Security for Windows.
    • Make sure EDR Optimum functionality is activated using the Report on status of application components. If a component has the Not covered by license status, make sure that the automatic license key distribution functionality of EDR Optimum is turned on.
    • Check the status of the connection of the virtual machine to the SVM. You can get information about the status of the Light Agent's connection to the SVM in the Kaspersky Endpoint Security or using the application command.
Page top