Support

Support for business applications

Kaspersky Security Center 14

Best Practices for Service Providers

Planning Kaspersky Security Center deployment

About distribution points

Kaspersky Security Center
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

About distribution points

April 17, 2024

ID 155206

Get as PDF

Device with Network Agent installed can be used as distribution point. In this mode, Network Agent can perform the following functions:

  • Distribute updates (these can be retrieved either from the Administration Server or from Kaspersky servers). In the latter case, the Download updates to the repositories of distribution points task must be created for the device serving as the distribution point.
  • Install software (including initial deployment of Network Agents) on other devices.
  • Poll the network to detect new devices and update information about existing ones. A distribution point can apply the same device discovery methods as the Administration Server.

Deployment of distribution points on an organization's network pursues the following objectives:

  • Reduce the load on the Administration Server if it functions as the update source.
  • Optimize internet traffic since, in this case, each device on the MSP client network does not have to access Kaspersky servers or the Administration Server for updates.
  • Provide the Administration Server access to devices behind the NAT (relative to the Administration Server) of the MSP client network, which allows the Administration Server to perform the following actions:
    • Send notifications to devices over UDP on the IPv4 or IPv6 network
    • Poll the IPv4 or IPv6 network
    • Perform initial deployment
    • Act as a push server

A distribution point is assigned for an administration group. In this case, the distribution point's scope includes all devices within the administration group and all of its subgroups. However, the device acting as the distribution point does not have to be included in the administration group to which it has been assigned.

You can make a distribution point function as a connection gateway. In this case, devices in the scope of this distribution point will be connected to the Administration Server through the gateway, not directly. You can use this mode in scenarios that do not allow the establishment of a direct connection between devices with Network Agent and an Administration Server.

Devices functioning as distribution points must be protected, including physical protection, against any unauthorized access.

See also:

Internet access: Network Agent as connection gateway in DMZ

Standard configuration: Multiple small remote offices

Adjustment of distribution points and connection gateways

Connection gateway

Kaspersky Security Center: Optimization of daily routine tasks
A powerful administration console, with an additional flexible web-based interface that’s available wherever you are. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.