- Kaspersky Security Center 13 Linux Help
- About Kaspersky Security Center 13 Linux
- Basic concepts
- Administration Server
- Hierarchy of Administration Servers
- Virtual Administration Server
- Web Server
- Network Agent
- Administration groups
- Managed device
- Unassigned device
- Administrator's workstation
- Management web plug-in
- Policies
- Policy profiles
- Tasks
- Task scope
- How local application settings relate to policies
- Distribution point
- Connection gateway
- Licensing
- Architecture
- Deployment diagram of Kaspersky Security Center Administration Server and Kaspersky Security Center 13 Web Console
- Ports used by Kaspersky Security Center 13 Linux
- Ports used by Kaspersky Security Center 13 Web Console
- Installation
- Main installation scenario
- Installing a database management system
- Configuring the MariaDB x64 server for working with Kaspersky Security Center 13 Linux
- Installing Kaspersky Security Center
- Installing Kaspersky Security Center 13 Web Console
- Kaspersky Security Center 13 Web Console installation parameters
- Installing Network Agent for Linux in silent mode (with an answer file)
- Account for work with the DBMS
- About Kaspersky Security Center certificates
- Requirements for custom certificates used in Kaspersky Security Center
- Replacing certificate for Kaspersky Security Center 13 Web Console
- Reissuing the certificate for Kaspersky Security Center 13 Web Console
- Converting a PFX certificate to the PEM format
- Signing in to Kaspersky Security Center 13 Web Console and signing out
- Quick Start Wizard
- Protection Deployment Wizard
- Starting Protection Deployment Wizard
- Step 1. Selecting the installation package
- Step 2. Selecting a method for distribution of key file or activation code
- Step 3. Selecting Network Agent version
- Step 4. Selecting devices
- Step 5. Specifying the remote installation task settings
- Step 6. Removing incompatible applications before installation
- Step 7. Moving devices to Managed devices
- Step 8. Selecting accounts to access devices
- Step 9. Starting installation
- Configuring Administration Server
- Configuring the connection of Kaspersky Security Center 13 Web Console to Administration Server
- Viewing log of connections to the Administration Server
- Setting the maximum number of events in the event repository
- Backup copying and restoration of Administration Server data
- Moving Administration Server to another device
- Creating a virtual Administration Server
- A hierarchy of Administration Servers
- Creating a hierarchy of Administration Servers: adding a secondary Administration Server
- Viewing the list of secondary Administration Servers
- Enabling account protection from unauthorized modification
- Two-step verification
- Scenario: configuring two-step verification for all users
- About two-step verification for an account
- Enabling two-step verification for your own account
- Enabling two-step verification for all users
- Disabling two-step verification for a user account
- Disabling two-step verification for all users
- Excluding accounts from two-step verification
- Generating a new secret key
- Editing the name of a security code issuer
- Changing DBMS credentials
- Deleting a hierarchy of Administration Servers
- Discovering networked devices
- Scenario: Discovering networked devices
- IP range polling
- Adding and modifying an IP range
- Device tags
- About device tags
- Creating a device tag
- Renaming a device tag
- Deleting a device tag
- Viewing devices to which a tag is assigned
- Viewing tags assigned to a device
- Tagging a device manually
- Removing an assigned tag from a device
- Viewing rules for tagging devices automatically
- Editing a rule for tagging devices automatically
- Creating a rule for tagging devices automatically
- Running rules for auto-tagging devices
- Deleting a rule for tagging devices automatically
- Application tags
- Kaspersky applications deployment
- Scenario: Kaspersky applications deployment
- Adding management plug-ins for Kaspersky applications
- Creating installation packages from a file
- Creating stand-alone installation packages
- Viewing the list of stand-alone installation packages
- Specifying settings for remote installation on Unix devices
- Replacing third-party security applications
- Removing applications or software updates remotely
- Preparing a device running SUSE Linux Enterprise Server 15 for installation of Network Agent
- Kaspersky applications: licensing and activation
- Licensing of managed applications
- Adding a license key to the Administration Server repository
- Deploying a license key to client devices
- Automatic distribution of a license key
- Viewing information about license keys in use
- Deleting a license key from the repository
- Revoking consent with an End User License Agreement
- Renewing licenses for Kaspersky applications
- Configuring network protection
- Scenario: Configuring network protection
- About device-centric and user-centric security management approaches
- Policy setup and propagation: Device-centric approach
- Policy setup and propagation: User-centric approach
- Manual setup of the group update task for Kaspersky Endpoint Security
- Network Agent policy settings
- Tasks
- Managing client devices
- Settings of a managed device
- Creating administration groups
- Device moving rules
- Creating device moving rules
- Copying device moving rules
- Adding devices to an administration group manually
- Moving devices to an administration group manually
- Changing the Administration Server for client devices
- Viewing and configuring the actions when devices show inactivity
- About device statuses
- Configuring the switching of device statuses
- Policies and policy profiles
- Users and user roles
- About user roles
- Configuring access rights to application features. Role-based access control
- Adding an account of an internal user
- Creating a user group
- Editing an account of an internal user
- Editing a user group
- Adding user accounts to an internal group
- Assigning a user as a device owner
- Deleting a user or a security group
- Creating a user role
- Editing a user role
- Editing the scope of a user role
- Deleting a user role
- Associating policy profiles with roles
- Managing object revisions
- Deletion of objects
- Updating Kaspersky databases and applications
- Scenario: Regular updating Kaspersky databases and applications
- About updating Kaspersky databases, software modules, and applications
- Creating the Download updates to the Administration Server repository task
- Updating Kaspersky databases and software modules on offline devices
- Adjustment of distribution points and connection gateways
- Standard configuration of distribution points: Single office
- Standard configuration of distribution points: Multiple small remote offices
- Calculating the number and configuration of distribution points
- Assigning distribution points automatically
- Assigning distribution points manually
- Modifying the list of distribution points for an administration group
- Managing third-party applications on client devices
- Monitoring and reporting
- Scenario: Monitoring and reporting
- About types of monitoring and reporting
- Dashboard and widgets
- Reports
- Events and event selections
- Using event selections
- Creating an event selection
- Editing an event selection
- Viewing a list of an event selection
- Viewing details of an event
- Exporting events to a file
- Viewing an object history from an event
- Deleting events
- Deleting event selections
- Setting the storage term for an event
- Event types
- Blocking frequent events
- Notifications and device statuses
- Kaspersky announcements
- Device selections
- API Reference Guide
- Integration between Kaspersky Security Center 13 Web Console and other Kaspersky solutions
- Contact Customer service
- Sources of information about the application
- Known issues
- Glossary
- Active key
- Additional subscription key
- Administration Console
- Administration group
- Administration Server
- Administration Server certificate
- Administration Server client (Client device)
- Administration Server data backup
- Administrator rights
- Administrator's workstation
- Anti-virus databases
- Anti-virus protection service provider
- Application Shop
- Authentication Agent
- Available update
- Backup folder
- Broadcast domain
- Centralized application management
- Client administrator
- Configuration profile
- Connection gateway
- Demilitarized zone (DMZ)
- Device owner
- Direct application management
- Distribution point
- Event repository
- Event severity
- Group task
- Home Administration Server
- HTTPS
- Incompatible application
- Installation package
- Internal users
- JavaScript
- Kaspersky Security Center Administrator
- Kaspersky Security Center Operator
- Kaspersky Security Center System Health Validator (SHV)
- Kaspersky Security Center Web Server
- Kaspersky update servers
- Key file
- License term
- Licensed applications group
- Local installation
- Local task
- Managed devices
- Manual installation
- Network Agent
- Network anti-virus protection
- Network protection status
- Policy
- Profile
- Program settings
- Protection status
- Provisioning profile
- Remote installation
- Restoration
- Restoration of Administration Server data
- Role group
- Service provider's administrator
- Shared certificate
- SSL
- Task
- Task for specific devices
- Task settings
- Update
- Virtual Administration Server
- Information about third-party code
- Trademark notices
Installing Network Agent for Linux in silent mode (with an answer file)
You can install Network Agent on Linux devices by using an answer file—a text file that contains a custom set of installation parameters: variables and their respective values. Using this answer file allows you to run an installation in the silent (non-interactive) mode, that is, without user participation.
To perform installation of Network Agent for Linux in silent mode:
- If you want to install Network Agent on devices with the SUSE Linux Enterprise Server 15 operating system, install the insserv-compat package first to configure Network Agent.
- Read the End User License Agreement. Follow the steps below only if you understand and accept the terms of the End User License Agreement.
- Set the value of the KLAUTOANSWERS environment variable by entering the full name of the answer file (including the path), for example, as follows:
export KLAUTOANSWERS=/tmp/nagent_install/answers.txt - Create the answer file (in TXT format) in the directory that you have specified in the environment variable. Add to the answer file a list of variables in the VARIABLE_NAME=variable_value format, each variable on a separate line.
For correct usage of the answer file, you must include in it a minimum set of the three required variables:
- KLNAGENT_SERVER
- KLNAGENT_AUTOINSTALL
- EULA_ACCEPTED
You can also add any optional variables to use more specific parameters of your remote installation. The following table lists all of the variables that can be included in the answer file:
Variables of the answer file used as parameters of Network Agent for Linux installation in silent mode
Variable name
Required
Description
Possible values
KLNAGENT_SERVER
Yes
Contains the Administration Server name presented as fully qualified domain name (FQDN) or IP address.
DNS name or IP address.
KLNAGENT_AUTOINSTALL
Yes
Defines whether silent (non-interactive) installation mode is enabled.
1—Silent mode is enabled; the user is not prompted for any actions during installation.
Other—Silent mode is disabled; the user may be prompted for actions during installation.
EULA_ACCEPTED
Yes
Defines whether the user accepts the End User License Agreement (EULA) of Network Agent; when missing, can be interpreted as non-acceptance of the EULA.
1—I confirm that I have fully read, understand, and accept the terms and conditions of this End User License Agreement.
Other or not specified—I do not accept the terms of the License Agreement (installation is not performed).
KLNAGENT_PROXY_USE
No
Defines whether connection with the Administration Server will use proxy settings. The default value is 0.
1—Proxy settings are used.
Other—Proxy settings are not used.
KLNAGENT_PROXY_ADDR
No
Defines the address of the proxy server used for connection with the Administration Server.
DNS name or IP address.
KLNAGENT_PROXY_LOGIN
No
Defines the user name used for login to the proxy server.
Any existing user name.
KLNAGENT_PROXY_PASSWORD
No
Defines the user password used for login to the proxy server.
Any set of alphanumeric characters allowed by the password format in the operating system.
KLNAGENT_VM_VDI
No
Defines whether Network Agent is installed on an image for creation of dynamic virtual machines.
1—Network Agent is installed on an image, which is subsequently used for creation of dynamic virtual machines.
Other—No image is used during installation.
KLNAGENT_VM_OPTIMIZE
No
Defines whether the Network Agent settings are optimal for hypervisor.
1—The default local settings of Network Agent are modified so that they allow optimized usage on hypervisor.
KLNAGENT_TAGS
No
Lists the tags assigned to the Network Agent instance.
One or multiple tag names separated with semicolon.
KLNAGENT_UDP_PORT
No
Defines the UDP port used by Network Agent. The default value is 15000.
Any existing port number.
KLNAGENT_PORT
No
Defines the non-TLS port used by Network Agent. The default value is 14000.
Any existing port number.
KLNAGENT_SSLPORT
No
Defines the TLS port used by Network Agent. The default value is 13000.
Any existing port number.
KLNAGENT_USESSL
No
Defines whether Transport Layer Security (TLS) is used for connection.
1 (default)—TLS is used.
Other—TLS is not used.
KLNAGENT_GW_MODE
No
Defines whether connection gateway is used.
1 (default)—The current settings are not modified (at the first call, no connection gateway is specified).
2—No connection gateway is used.
3—Connection gateway is used.
4—The Network Agent instance is used as connection gateway in demilitarized zone (DMZ).
KLNAGENT_GW_ADDRESS
No
Defines the address of the connection gateway. The value is applicable only if KLNAGENT_GW_MODE=3.
DNS name or IP address.
- Install Network Agent:
- To install Network Agent from an RPM package to a 32-bit operating system, execute the following command:
# rpm -i klnagent-<build number>.i386.rpm - To install Network Agent from an RPM package to a 64-bit operating system, execute the following command:
# rpm -i klnagent64-<build number>.x86_64.rpm - To install Network Agent from an RPM package on a 64-bit operating system for the Arm architecture, execute the following command:
# rpm -i klnagent64-<build number>.aarch64.rpm - To install Network Agent from a DEB package to a 32-bit operating system, execute the following command:
# apt-get install ./klnagent_<build number>_i386.deb - To install Network Agent from a DEB package to a 64-bit operating system, execute the following command:
# apt-get install ./klnagent64_<build number>_amd64.deb - To install Network Agent from a DEB package on a 64-bit operating system for the Arm architecture, execute the following command:
# apt-get install ./klnagent64_<build number>_arm64.deb
- To install Network Agent from an RPM package to a 32-bit operating system, execute the following command:
Installation of Network Agent for Linux starts in silent mode; the user is not prompted for any actions during the process.