Dec 4, 2023
The first and main method of defining the installation settings of applications is all-purpose and thus suitable for all installation methods, both with Kaspersky Security Center tools, and with most third-party tools. This method consists of creating installation packages of applications in Kaspersky Security Center.
Installation packages are generated using the following methods:
- Automatically, from specified distribution packages, on the basis of included descriptors (files with the kud extension that contain rules for installation and results analysis, and other information)
- From the executable files of installers or from installers in Microsoft Windows Installer (MSI) format, for standard or supported applications
Generated installation packages are organized hierarchically as folders with subfolders and files. In addition to the original distribution package, an installation package contains editable settings (including the installer's settings and rules for processing such cases as necessity of restarting the operating system in order to complete installation), as well as minor auxiliary modules.
Values of installation settings that are specific for a selected application to be supported can be specified in the Administration Console user interface when creating an installation package (more settings can be found in the properties of an installation package that has already been created). When performing remote installation of applications through Kaspersky Security Center tools, installation packages are delivered to target devices so that running the installer of an application makes all administrator-defined settings available for it. When using third-party tools for installation of Kaspersky applications, you only have to ensure the availability of the entire installation package on the target device, that is, the availability of the distribution package and its settings. Installation packages are created and stored by Kaspersky Security Center in a dedicated subfolder of the shared data folder.
Do not specify any details of privileged accounts in the parameters of installation packages.
For instructions about using this configuration method for Kaspersky applications before deployment through third-party tools, see section "Deployment using group policies of Microsoft Windows."
Immediately after Kaspersky Security Center installation, a few installation packages are automatically generated; they are ready for installation and include Network Agent packages and security application packages for Microsoft Windows.
In some cases, using installation packages for deployment of applications on an MSP client network implies the need to create installation packages on virtual Servers that correspond to MSP clients. Creating installation packages on virtual Servers allows you to use different installation settings for different MSP clients. In the first instance, this is useful when handling Network Agent installation packages since Network Agents deployed on the networks of different MSP clients use different addresses to connect to the Administration Server. Actually, the connection address determines the Server to which Network Agent connects.
In addition to the possibility to create new installation packages immediately on a virtual Administration Server, the main operation mode for installation packages on virtual Administration Servers is the "distribution" of installation packages from the primary Administration Server to virtual ones. You can distribute selected (or all) installation packages to selected virtual Administration Servers (including all Servers within a selected administration group) using the corresponding Administration Server task. Also, you can select the list of installation packages of the primary Administration Server when creating a new virtual Administration Server. The packages that you have selected will be immediately distributed to a newly created virtual Administration Server.
When distributing an installation package, its contents are not copied entirely. The file repository on a virtual Administration Server, which corresponds to the installation package being distributed, only stores files of settings that are specific for that virtual Server. The main part of the installation package (including the distribution package of the application being installed) remains unchanged; it is stored only in the primary Administration Server repository. This allows you to increase the system performance dramatically and reduce the required disk volume. When handling installation packages distributed to virtual Administration Servers (i.e., when running remote installation tasks or creating stand-alone installation packages), the data from the original installation package of the primary Administration Server is "merged" with the settings files, which correspond to the distributed package on the virtual Administration Server.
Although the license key for an application can be set in the installation package properties, it is advisable to avoid this license distribution method because it is easy to accidentally obtain read access to files in the folder. You should use automatically distributed license keys or installation tasks for license keys.