Installing KES on top of KSWS
The procedure for installing Kaspersky Endpoint Security for Windows on servers is the same as for workstations. If the server is in Core Mode, you can install the application using the command line.
Prior to the installation, Kaspersky Endpoint Security (KES) checks the computer for the presence of Kaspersky applications. If Kaspersky Security for Windows Server is installed on the computer, KES detect the set of KSWS components that are installed and selects the same components for installation. KSWS settings and tasks are not migrated when Kaspersky Endpoint Security for Windows is installed.
Before installing KES, it is recommended to turn off the KSWS Password Protection. After migrating from KSWS to KES, enable Password Protection in the application settings.
Minimum software requirements for migrating KSWS components:
- Kaspersky Endpoint Security 11.8.0 for Windows.
- Kaspersky Security 11.0.1 for Windows Server.
You can also migrate from older versions of Kaspersky Security for Windows Server. In this case, Kaspersky Endpoint Security removes the application without migrating the set of components.
- Kaspersky Security Center 13.2.
The correspondence of KSWS and KES components is listed below. KES components that KSWS does not have are installed as follows:
- AMSI Protection, Host Intrusion Prevention, Remediation Engine are installed with default settings.
- BadUSB Attack Prevention, Adaptive Anomaly Control, Data Encryption, Detection and Response components are ignored.
You can check the list of installed components in the Security section of the application interface, using the status command, or in the Kaspersky Security Center console in computer properties. You can change the set of components of an installed application by using the Change application components task.
Correspondence of Kaspersky Security for Windows Server and Kaspersky Endpoint Security for Windows components
Kaspersky Security for Windows Server component | Kaspersky Endpoint Security for Windows component |
|---|---|
Basic functionality | Application kernel, including scan tasks |
Log Inspection | Log Inspection |
Device Control | Device Control |
Firewall Management | (not supported) KSWS Firewall functions are performed by the system-level Firewall. |
File Integrity Monitor | File Integrity Monitor |
Exploit Prevention | Exploit Prevention |
System Tray Icon | (not supported) You can configure user interaction in the application interface settings. |
Integration with Kaspersky Security Center | Network Agent Connector |
Endpoint Agent | Endpoint Agent |
Network Threat Protection | Network Threat Protection |
Anti-Cryptor | Behavior Detection |
Anti-Cryptor for NetApp | (not supported) |
Traffic Security | Web Threat Protection Mail Threat Protection Web Control |
On-Demand Scan | Application kernel, including scan tasks |
ICAP Network Storage Protection | (not supported) Network storage protection is provided by other application components, for example, Network Threat Protection. |
RPC Network Storage Protection | (not supported) Network storage protection is provided by other application components, for example, Network Threat Protection. |
Real-Time File Protection | File Threat Protection |
Script Monitoring | (not supported) Script Monitoring is handled by other components, for example, AMSI Protection. |
KSN Usage | Kaspersky Security Network |
Applications Launch Control | Application Control |
Performance counters | (not supported) |
