To ensure timely delivery of commands to KES devices managed by the Android operating system, Kaspersky Security Center uses the mechanism of push notifications. Push notifications are exchanged between KES devices and Administration Server through Firebase Cloud Messaging (hereinafter referred to as FCM). In Kaspersky Security Center Administration Console, you can specify the Firebase Cloud Messaging settings to connect KES devices to the service.
To retrieve the settings of Firebase Cloud Messaging, you must have a Google account.
To enable the use of FCM:
In Administration Console, select the Mobile Device Management node, and the Mobile devices folder.
In the context menu of the Mobile devices folder, select Properties.
In the folder properties, select the Google Firebase Cloud Messaging settings section.
In the Sender ID field, specify the FCM Sender ID.
In the Private key file (in JSON format) field, select the private key file.
At the next synchronization with Administration Server, KES devices managed by Android operating systems will be connected to Firebase Cloud Messaging.
You can edit the Firebase Cloud Messaging settings by clicking the Reset settings button.
When you switch to a different Firebase project, you need to wait 10 minutes for FCM to resume.
FCM service runs in the following address ranges:
From the KES device's side, access is required to ports 443 (HTTPS), 5228 (HTTPS), 5229 (HTTPS), and 5230 (HTTPS) of the following addresses:
google.com
fcm.googleapis.com
android.apis.google.com
All of the IP addresses listed in Google's ASN of 15169
From the Administration Server side, access is required to port 443 (HTTPS) of the following addresses:
fcm.googleapis.com
All of the IP addresses listed in Google's ASN of 15169
If the proxy server settings (Advanced / Configuring Internet access) have been specified in the Administration Server properties in Administration Console, they will be used for interaction with FCM.
Configuring FCM: getting the Sender ID and private key file