Support

Support for business applications

Kaspersky Endpoint Security 12 for Linux

Preparing to install the application

Kaspersky Endpoint Security 12 for Linux
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Preparing to install the application

January 23, 2024

ID 248502

General actions

Before starting installation of Kaspersky Endpoint Security, you need to perform the following actions:

  • Check that your device meets the hardware and software requirements of the application.
  • Be sure third-party anti-virus software is not installed on your device.
  • Be sure that Kaspersky Endpoint Agent for Linux is not installed on your device. If Kaspersky Endpoint Agent for Linux is installed, during the installation process you will see a message about the need to manually remote it.
  • Be sure that an interpreter for Perl version 5.10 or higher is installed on your device.
  • On devices with operating systems that do not support fanotify technology, make sure that the following are installed:
    • Packages for compiling applications and running tasks (gcc, binutils, glibc, glibc-devel, make);
    • Package with header files of the operating system kernel for compiling Kaspersky Endpoint Security modules.
  • Install one of the following packages on your device depending on the operating system:
    • On devices running the SUSE Linux Enterprise Server 15 operating system, the insserv-compat package must be installed.
    • On devices running the Red Hat Enterprise Linux 8 or RED OS operating system, install the perl-Getopt-Long package.
    • On devices running the Red Hat Enterprise Linux or RED OS operating systems, install the perl-File-Copy package. This package is required for the initial application configuration script to work, but may be absent by default.
  • By default, Astra Linux operating systems block ptrace (Disable ptrace capability), which may affect the operation of Kaspersky Endpoint Security. For Kaspersky Endpoint Security to work correctly, unblock ptrace when installing Astra Linux. If Astra Linux is already installed, see the Astra Linux Help Center website for instructions on how to enable/disable this mode (Configuring protection and blocking mechanisms in the Blocking ptrace section).
  • If your device uses a Linux kernel lower than 3.16, then in order for the Kaspersky Endpoint Detection and Response (KATA) Integration task to work correctly, you need to make sure the auditd service is not started and not installed.
  • For the Firewall Management, Web Threat Protection and Network Threat Protection tasks to work, the iptables utility needs to be installed on your device.
  • For the Kaspersky Endpoint Security administration plug-in to work, Microsoft Visual C++ 2015 Redistributable Update 3 RC (see https://www.microsoft.com/en-us/download/details.aspx?id=52685) must be installed on the Administration Server.
  • To run the application, make sure that the root account is the owner of the following directories and that only the owner has the right to write to them: /var, /var/opt, /var/opt/kaspersky, /var/log/kaspersky, /opt, /opt/kaspersky, /usr/bin, /usr/lib, /usr/lib64.

Additional actions before installing Kaspersky Endpoint Security in Light Agent mode

If you plan to use Kaspersky Endpoint Security in Light Agent mode to protect virtual environments (as part of Kaspersky Hybrid Cloud Security for Virtualization Light Agent), you must perform the following additional actions before starting the installation of Kaspersky Endpoint Security:

  • Make sure that the following packages are installed on the virtual machines that you want to protect, depending on the virtual infrastructure in which Kaspersky Hybrid Cloud Security for Virtualization Light Agent is deployed:
    • In a Microsoft Hyper-V infrastructure, the Integration Services package must be installed on the virtual machines.
    • In a VMware vSphere infrastructure, the VMware Tools package must be installed on the virtual machines.
    • In a Citrix Hypervisor infrastructure, XenTools must be installed on the virtual machines.
    • In a HUAWEI FusionSphere infrastructure, the HUAWEI Tools package must be installed on the virtual machines.
    • In an infrastructure based on KVM, TIONIX Cloud Platform, OpenStack, Astra Linux, or Viola Virtualization Server, QEMU Guest Agent must be installed on virtual machines.
  • Make sure that the settings of network equipment or software that monitor traffic between virtual machines allow network traffic to pass through the ports that are used for interaction between Kaspersky Endpoint Security in Light Agent mode and other components of Kaspersky Hybrid Cloud Security for Virtualization Light Agent. For more details about the solution components, please refer to the Help for Kaspersky Hybrid Cloud Security for Virtualization Light Agent.

    Ports used for operation of the Light Agent

    Port and protocol

    Direction

    Purpose and description

    7271 TCP

    From the Light Agent to the Integration Server.

    For interaction between the Light Agent and the Integration Server.

    8000 UDP

    From the SVM to the Light Agent.

    For transmitting information about available SVMs to Light Agents using a list of SVM addresses.

    8000 UDP

    From the Light Agent to SVMs.

    For the Light Agent to receive information about the status of the SVM.

    11111 TCP

    From the Light Agent to SVMs.

    For transmitting service requests (for example, to obtain license information) from the Light Agent to the Protection Server when the connection is unprotected.

    11112 TCP

    From the Light Agent to SVMs.

    For transmitting service requests (for example, to obtain license information) from the Light Agent to the Protection Server when the connection is protected.

    9876 TCP

    From the Light Agent to SVMs.

    For forwarding file scan requests from the Light Agent to the Protection Server when the connection is unprotected.

    9877 TCP

    From the Light Agent to SVMs.

    For transmitting file scan requests from the Light Agent to the Protection Server when the connection is protected.

    80 TCP

    From the Light Agent to SVMs.

    For updating databases and application modules of the solution on the Light Agent.

    15000 UDP

    From Kaspersky Security Center to SVMs.

    For managing the Protection Server via Kaspersky Security Center.

    15000 UDP

    From Kaspersky Security Center to Light Agents.

    For managing the Light Agent via Kaspersky Security Center.

    13000 TCP

    From the Light Agent to Kaspersky Security Center.

    For managing the Light Agent via Kaspersky Security Center when the connection is protected.

    14000 TCP

    From the Light Agent to Kaspersky Security Center.

    For managing Light Agent via Kaspersky Security Center when the connection is unprotected.

Kaspersky Endpoint Security for Linux: High protection without performance compromising
Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.