Support

Support for business applications

Kaspersky Security Center 15 Linux

Managing applications and executable files on client devices

Fixing vulnerabilities in an isolated network

Disabling transmission of patches and installation of updates in an isolated network

Kaspersky Security Center
Нет результатов
Нет результатов
Online Help
FAQ Download Buy Renew Forum Contact support Recovery tools Product videos

Disabling transmission of patches and installation of updates in an isolated network

July 1, 2024

ID 230869

Get as PDF

You can disable the transmission of patches to isolated Administration Servers, for example, if you decide to take one or more Administration Servers out of an isolated network. Thus, you can reduce the number of patches and the time to download them.

To disable transmission of patches to isolated Administration Servers:

  1. If you want to remove all Administration Servers from isolation, in the properties of the Administration Server with internet access, delete the paths to the folders intended for patches and the list of required updates. If you want to keep specific Administration Servers within an isolated network, skip this step.

    Run the command line, and then change your current directory to the directory with the klscflag utility. The klscflag utility is located in the directory where the Administration Server is installed. The default installation path is /opt/kaspersky/ksc64/sbin.

    Run the following commands in the command line:

    • To delete the path to the folder for patches:

      klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PATH -t s -v ""

    • To delete the path to the folder for the list of required updates:

      klscflag -fset -pv klserver -n VAPM_REQ_IMPORT_PATH -t s -v ""

  2. Restart service on the Administration Server with internet access if you deleted the paths to the folders.
  3. In the properties of each isolated Administration Server that you want to remove from the isolated network, delete the paths to the folders for patches and the list of required updates.

    Run the following commands in the command line under an account with root privileges:

    • To delete the path to the folder for patches:

      klscflag -fset -pv klserver -n VAPM_DATA_IMPORT_PATH -t s -v ""

    • To delete the path to the folder for the list of required updates:

      klscflag -fset -pv klserver -n VAPM_REQ_EXPORT_PATH -t s -v ""

  4. Restart the service of each Administration Server on which you deleted the paths to the folders.

If you reconfigured the Administration Server with internet access, patches will no longer be transmitted via Kaspersky Security Center Linux.

If you reconfigured only specific Administration Servers and removed them from the isolated network, they will no longer receive patches via Kaspersky Security Center Linux. Only those Administration Servers that remain within the isolated network will continue to receive patches.

If you want to start fixing vulnerabilities on disabled isolated Administration Servers in the future, you have to configure these Administration Servers and the Administration Server with internet access once again.

See also:

Scenario: Fixing third-party software vulnerabilities in an isolated network

About fixing third-party software vulnerabilities in an isolated network

Kaspersky Endpoint Security for Linux: High protection without performance compromising
Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.