Distribution kit

Distribution kit

The Kaspersky NGFW solution is delivered as a computer appliance or as a virtual machine image.

The distribution kit of the solution includes the following files:

• kngfw-plugin_cnab-1.1.0-.<build number>_en_US_ru-RU.tar is an archive containing the Kaspersky NGFW plug-in in CNAB format for XDR 1.4 or later.
• kngfw-plugin-1.1.0.-<build number>_en_US_ru-RU.zip is an archive containing the Kaspersky NGFW plug-in for Kaspersky Security Center.
• kngfw-plugin-1.1.0.-<build number>_en_US_ru-RU.signature.txt is the file with the signature of the Kaspersky NGFW plug-in for Kaspersky Security Center.
• license_NGFW_ru_1.1.rtf is the file with the text of the End User License Agreement in the Russian language, which sets forth the terms and conditions on which you agree to use the solution.
• license_NGFW_en_1.1.rtf is the file with the text of the End User License Agreement in the English language, which sets forth the terms and conditions on which you agree to use the solution.
• ksn_NGFW_ru_1.1.rtf is the file with the text of the Kaspersky Security Network Statement in the Russian language.
• ksn_NGFW_en_1.1.rtf is the file with the text of the Kaspersky Security Network Statement in the English language.
• Release_Notes_Kaspersky_NGFW_1_1_0_ru.txt is a file with Kaspersky NGFW Release Notes in the Russian language.
• Release_Notes_Kaspersky_NGFW_1_1_0_en.txt is a file with Kaspersky NGFW Release Notes in the English language.
• legal_notices.txt is the file with information about third-party code used in Kaspersky NGFW.
• AxiomJDK-17-licenses.pdf contains the text of the End User License Agreement for the Axiom JDK 17 components.
• Axiom-runtime-container-glibc-licenses.pdf contains the text of the End User License Agreement for the Axiom JDK 17 components with the glibc library.
• kuma-kngfw-1.1.0 contains instructions for importing settings into KUMA. For the full version, follow the link.
• zabbix-template-1.1.0.-<build number>.yaml contains a monitoring template for integration with the Zabbix system.
• UEFI_NGFW_ISK2025.auth is the public key for signing images, in particular grub.efi.
• UEFI_NGFW_KEK2025.auth is the public key for signing the database of EFI keys used when scanning applications.
• UEFI_NGFW_PK2025.auth is the public key that forms the basis of the Secure Boot trust chain.

Distribution kits of Kaspersky NGFW hardware platforms include archives containing firmware together with checksum files:

• kngfw-kx-100-1.1.0.-<build number>-en-US_ru-RU.tar.zst.
• kngfw-kx-400-1.1.0.-<build number>-en-US_ru-RU.tar.zst.
• kngfw-kx-1000-1.1.0.-<build number>-en-US_ru-RU.tar.zst.
• kngfw-kx-3500-1.1.0.-<build number>-en-US_ru-RU.tar.zst.

The distribution kit includes the following files for updating Kaspersky NGFW from version 1.0 to 1.1:

• kngfw-update-kx-400-kx-1000-kx-3500-kvm-1.1.0.-<build number>-en-US_ru-RU.tar.zst is an archive containing Kaspersky NGFW update files for hardware and virtual platforms.
• kngfw-update-kx-400-kx-1000-kx-3500-kvm-1.1.0.-<build number>-en-US_ru-RU.signature.txt is a signature file for the archive containing Kaspersky NGFW update files for hardware and virtual platforms.
• kngfw-update-kx-100-1.1.0.-<build number>-en-US_ru-RU.tar.zst is an archive with Kaspersky NGFW update files for the KX-100 hardware platform.
• kngfw-update-kx-100-1.1.0.-<build number>-en-US_ru-RU.signature.txt is a signature file for the archive with Kaspersky NGFW update files for the KX-100 hardware platform.
• kngfw-update-vmware-1.1.0.-<build number>-en-US_ru-RU.tar.zst is an archive containing Kaspersky NGFW update files for the VMware ESXi virtual platform.

The Kaspersky NGFW virtual machine for KVM is delivered as the kngfw-kvm_vKX8-1.0.0.<build version>_en-US.tar.zst archive containing the following files:

• The QCOW2 file (kngfw-kvm_vKX8-1.1.0.-<build number>-en-US.qcow2) file, which is the virtual machine disk image.
• The XML file (kngfw-kvm_vKX8-1.1.0.-<build version>-en-US.xml), which is the configuration file that describes the settings of the virtual machine.
• Files with the hashes of the QCOW2 file.
• Files with the hashes of the XML file.

The Kaspersky NGFW virtual machine for VMware ESXi is delivered as an OVA image and accompanying files:

• kngfw-vmware_vKX8-1.1.0.<build number>_en-US_ru-RU.ova is a virtual machine image in .OVA format (a TAR archive containing a virtual machine disk image in .VMDK format, an .OVF configuration description, and a manifest).
• kngfw-vmware_vKX8-1.1.0.-<build number>_en-US_ru-RU.ova.md5 is an MD5 hash file.
• kngfw-vmware_vKX8-1.1.0.-<build number>_en-US_ru-RU.ova.sha256 is an SHA256 hash file.
• kngfw-vmware_vKX8-1.1.0.-<build number>_en-US_ru-RU.ova.gost12 is a GOST R 34.11-2012 hash file.

An orchestrator is supplied with Kaspersky NGFW virtual machines as TGZ archives:

• knbe-1.1.0.-<build number>.cis.amd64_en-US_ru-RU.tgz.
• mongo-r5.0.7-astra-1.8.1-bin-x86_64.tgz, an archive with executable files and instructions for creating a MongoDB container for Docker. The archive also contains instructions for creating a MongoDB container for Ubuntu 24 and Astra Linux.

The right to use the components of the orchestrator is granted under the Kaspersky NGFW End User License Agreement.

The distribution kit of the user identity service is supplied with the Kaspersky NGFW virtual machine as three TGZ archives:

• uaws-mapapp-1.1.0.release.-<build number>.cis.amd64_en-US_ru-RU.tgz is an archive with the MapApp component. This component generates a map of user sessions, uses PostgreSQL and provides an API.
• uaws-collector-1.1.0.release.-<build number>.cis.amd64_en-US_ru-RU.tgz is an archive with the Collector component. The component receives events from domain controllers, filters the events in accordance with the configured rules and sends the events to MapApp.
• uaws-groupsapp-1.1.0.release.-<build number>.cis.amd64_en-US_ru-RU.tgz is an archive with the GroupApp component. The component analyzes the composition of groups via LDAP/LDAPS, saves the received data in PostgreSQL and provides an API.

The right to use the components of the user identity service is granted under the Kaspersky NGFW End User License Agreement.

Certified distribution kit

The Kaspersky NGFW solution is delivered as a software solution, computer appliance, or as a virtual machine image.

The distribution kit includes the following software solutions:

• <KSC> 15.4
• KUMA 3.2.1

The distribution kit of the solution includes the following files:

• kngfw-plugin-1.1.0.-<build number>-en-US_ru-RU.zip.
• kngfw-plugin-1.1.0.-<build number>-en-US_ru-RU.signature.txt.
• license_NGFW_ru.rtf is the file with the text of the End User License Agreement in the Russian language, which sets forth the terms and conditions on which you agree to use the solution.
• license_NGFW_en.rtf is the file with the text of the Kaspersky Security Network Statement in the English language.
• ksn_NGFW_ru.rtf is the file with the text of the Kaspersky Security Network Statement in the Russian language.
• ksn_NGFW_en.rtf is the file with the text of the Kaspersky Security Network Statement in the English language.
• Release_Notes_Kaspersky_NGFW_1_1_0_ru.txt is a file with Kaspersky NGFW Release Notes in the Russian language.
• Release_Notes_Kaspersky_NGFW_1_1_0_en.txt is a file with Kaspersky NGFW Release Notes in the English language.
• legal_notices.txt is the file with information about third-party code used in Kaspersky NGFW.
• AxiomJDK-17-licenses.pdf contains the text of the End User License Agreement for the Axiom JDK 17 components.
• Axiom-runtime-container-glibc-licenses.pdf contains the text of the End User License Agreement for the Axiom JDK 17 components with the glibc library.
• kuma-kngfw-1.1.0 contains instructions for importing settings into KUMA. For the full version, follow the link.
• UEFI_NGFW_ISK2025.auth is the public key for signing images, in particular grub.efi.
• UEFI_NGFW_KEK2025.auth is the public key for signing the database of EFI keys used when scanning applications.
• UEFI_NGFW_PK2025.auth is the public key that forms the basis of the Secure Boot trust chain.

Distribution kits of Kaspersky NGFW hardware platforms include archives containing firmware together with checksum files:

• kngfw-kx-100-1.1.0.-<build number>-en-US_ru-RU.tar.zst.
• kngfw-kx-400-1.1.0.-<build number>-en-US_ru-RU.tar.zst.
• kngfw-kx-1000-1.1.0.-<build number>-en-US_ru-RU.tar.zst.
• kngfw-kx-3500-1.1.0.-<build number>-en-US_ru-RU.tar.zst.

An orchestrator is supplied with Kaspersky NGFW as TGZ archives:

• knbe-1.1.0.-<build number>.crt.amd64_en-US_ru-RU.tgz.
• mongo-r5.0.7-astra-1.8.1-bin-x86_64.tgz, an archive with executable files and instructions for creating a MongoDB container for Docker. The archive also contains instructions for creating a MongoDB container for Ubuntu 24 and Astra Linux.

The right to use the components of the orchestrator is granted under the Kaspersky NGFW End User License Agreement.

The distribution kit of the user identity service is supplied with the Kaspersky NGFW virtual machine as three TGZ archives:

• uaws-mapapp-1.1.0.release.-<build number>.crt.amd64_en-US_ru-RU.tgz is an archive with the MapApp component. This component generates a map of user sessions, uses PostgreSQL and provides an API.
• uaws-collector-1.1.0.release.-<build number>.crt.amd64_en-US_ru-RU.tgz is an archive with the Collector component. The component receives events from domain controllers, filters the events in accordance with the configured rules and sends the events to MapApp.
• uaws-groupsapp-1.1.0.release.-<build number>.crt.amd64_en-US_ru-RU.tgz is an archive with the GroupApp component. The component analyzes the composition of groups via LDAP/LDAPS, saves the received data in PostgreSQL and provides an API.

The right to use the components of the user identity service is granted under the Kaspersky NGFW End User License Agreement.

Page top