Creating an installation package in the Web Console

In Kaspersky Security Center Web Console, you can create an installation package in one of the following ways:

• From an archive file that you have prepared previously.
• From a distribution kit hosted on Kaspersky servers.

If you plan to use Kaspersky Endpoint Security in Light Agent mode to protect virtual environments, you must perform the initial configuration of the application in the properties of the created installation package on the Settings tab. You can also perform the initial configuration of the application using the configuration file that is included in the installation package.

To prepare an archive for creating an installation package:

1. Download the kesl.zip archive from the application download page. It is located in the Kaspersky Endpoint Security for Linux (Additional distribution → Files for Product remote installation).
2. Unpack the kesl.zip archive to a folder accessible to Kaspersky Security Center Administration Server. Place the distribution files, that correspond to the type of operating system where you want to install the application and the type of its package manager, to the same folder:
   • To install Kaspersky Endpoint Security:
     • kesl-12.1.0-<build number>.i386.rpm (for 32-bit operating systems with rpm)
     • kesl_12.1.0-<build number>_i386.deb (for 32-bit operating systems with dpkg)
     • kesl-12.1.0-<build number>.x86_64.rpm (for 64-bit operating systems with rpm)
     • kesl_12.1.0-<build number>_amd64.deb (for 64-bit operating systems with dpkg)
     • kesl-12.1.0-<build number>.aarch64.rpm (for 64-bit operating systems with rpm for the Arm architecture)
     • kesl_12.1.0-<build number>_arm64.deb (for 64-bit operating systems with dpkg for the Arm architecture)
   • To install the graphical user interface of the application:
     • kesl-gui-12.1.0-<build number>.i386.rpm (for 32-bit operating systems with rpm)
     • kesl-gui_12.1.0-<build number>_i386.deb (for 32-bit operating systems with dpkg)
     • kesl-gui-12.1.0-<build number>.x86_64.rpm (for 64-bit operating systems with rpm)
     • kesl-gui_12.1.0-<build number>_amd64.deb (for 64-bit operating systems with dpkg)
     • kesl-gui-12.1.0-<build number>.aarch64.rpm (for 64-bit operating systems with rpm for the Arm architecture)
     • kesl-gui_12.1.0-<build number>_arm64.deb (for 64-bit operating systems with dpkg for the Arm architecture)

     If you do not want to install the graphical user interface, do not add these files to the folder; this will make the installation package smaller.

     If Kaspersky Endpoint Security is used in Light Agent mode to protect virtual environments, the graphical user interface is not supported.

   If you do not plan to install the graphical interface, disable it by editing the appropriate setting (USE_GUI=No) in the properties of the created installation package or in the autoinstall.ini configuration file. Otherwise, the installation will fail.

   If you want to use the created installation package with different operating systems or package managers, place the files for all the types of operating systems and package managers that you need in the directory.

3. If you plan to use the Kaspersky Endpoint Security application in standard mode and want to use pre-downloaded application databases:
   1. Place prepared archives with databases for all your operating system types into the folder.
   2. In initial configuration settings, disable the database update task after installing the application. You can configure the relevant setting in the properties of the created installation package or in the autoinstall.ini configuration file (UPDATE_EXECUTE=No). The autoinstall.ini file is located in the folder where you unpacked the kesl.zip archive.
4. If you want to perform the initial configuration of the application using a configuration file, open the autoinstall.ini configuration file and edit it as necessary.

   If you plan to use Kaspersky Endpoint Security in Light Agent mode to protect virtual environments, you need to set KSVLA_MODE=Yes in the autoinstall.ini configuration file.

   The setting values in the autoinstall.ini file are case sensitive.

   You can also perform the initial configuration of the application later in the properties of the created installation package on the Settings tab.

5. Place all prepared files in an archive in ZIP, CAB, TAR, or TAR.GZ format with any name.

To create an installation package for Kaspersky Endpoint Security in Kaspersky Security Center Web Console:

1. In the main Web Console window, select one of the following sections:
   • Device discovery and deployment → Deployment and assignment → Installation packages.
   • Operations → Repositories → Installation packages.

   A list of installation packages available on the Administration Server opens.

2. Click Add.

   The wizard for creating an installation package will start. Follow the instructions of the Wizard.

3. On the first page of the wizard, select the method for creating an installation package:
   • Create an installation package from a file. The installation package will be created from an archive that you have prepared in advance. You need to select this option if you plan to use Kaspersky Endpoint Security in Light Agent mode to protect virtual environments.
   • Create installation package for a Kaspersky application. The installation package will be created from a distribution package located on Kaspersky servers.

   Kaspersky Security Center Cloud Console does not allow creation of installation packages from a file.

4. Depending on the selected package creation method:
   • Specify the package name, click the Browse button, and specify the path to the archive that you have prepared for creating the installation package.
   • Select Kaspersky Endpoint Security distribution package. In the window on the right, read the information about the distribution package and click the Download and create installation package button. The installation package creation process starts.
5. During creation of the installation package, accept the terms of the End User License Agreement and Privacy Policy. When prompted by the Wizard, read the License Agreement between you and Kaspersky and the Privacy Policy that describes the processing and transmission of data. To continue creating the installation package, you must confirm that you have read and accept the full terms of the End User License Agreement and the Privacy Policy.
6. Complete the wizard.

   The installation package will be created and added to the list of installation packages. Using the installation package, you can install the application on devices in the corporate network or update the application version.

7. If necessary, edit initial configuration settings (see the table below). To do this, open the properties of the installation package and go to Settings tab.

   Kaspersky Security Center Web Console versions earlier than 14.2 do not support providing initial configuration settings in the properties of the Kaspersky Endpoint Security installation package. Use the autoinstall.ini configuration file to configure settings.

   Installation package settings

   Section	Description
   Specify the locale.	Select this check box to specify the locale used during the application operation. In the displayed field, enter the locale in the RFC 3066 format. If this setting is not specified, the default locale is used.
   Activate the application	Select this check box if you want to activate the application during installation. In the displayed field, enter the activation code. You can also activate the application after installation. This setting applies only if the application is used in Standard mode.
   Select the update source.	Select the update source for databases and application modules: Update servers for databases and application modules. Kaspersky Security Center. Other source in the local or global network. If you select this option, enter the address of the update source in the field that opens. This setting applies only if the application is used in Standard mode.
   Run database update task after installation	Select this check box if you want to run the databases and application modules update task after installing the application. This setting applies only if the application is used in Standard mode.
   Use the specified proxy server settings	Select this check box if you use a proxy server for internet access. In the displayed field, enter the proxy server address in one of the following formats: <connection protocol>://<IP address of the proxy server>:<port number> if the proxy server connection does not require authentication <connection protocol>://<user name>:<password>@<IP address of the proxy server>:<port number> if the proxy server connection requires authentication Connecting to a proxy server over HTTPS is not supported.   This setting applies only if the application is used in Standard mode.
   Install kernel source	Select this check box to automatically start of kernel module compilation.
   Use the graphical user interface	Select this check box if you plan to install the graphical user interface of the application (the files for installing the graphical interface are included in the installation package). This setting applies only if the application is used in Standard mode.
   Specify a user with the admin role	Select the check box to specify the user to be assigned the administrator (admin) role. In the displayed field, enter the user name.
   Configure SELinux automatically	Select the check box to automatically configure SELinux to work with Kaspersky Endpoint Security.
   Remove users from privileged groups	Select this check box to remove users from the 'kesladmin' and 'keslaudit' privileged groups before installing the application. If the check box is selected and the 'nogroup' group does not exist, the installation fails and you are prompted to manually remove users from privileged groups.
   Disable protection components and scan tasks when the application is started for the first time after installation	Select this check box to start the application with protection components and scan tasks disabled after installation. An installation with protection components disabled can be convenient, for example, in order to reproduce a problem in the operation of the application and create a trace file. If you enable the necessary components and tasks, the enabled components and tasks will continue to work after the application is restarted.
   Use the application in Light Agent mode	Select the check box if you want to use the application in Light Agent mode to protect virtual environments (as part of Kaspersky Security for Virtualization Light Agent). If this check box is cleared, the application is used in Standard mode.
   Enable VDI protection mode	Select this check box to enable VDI protection mode. This is recommended if you are installing the application on a virtual machine template that will be used to create temporary virtual machines. The setting is applied only if the application is used in Light Agent mode.
   The protected virtual machine is used as a server	Select this check box if the virtual machine on which you are installing the application is used in the virtual infrastructure as a server. The setting is applied only if the application is used in Light Agent mode.

Page top