Support

Support for business applications

Kaspersky Security Center 14

Kaspersky Security Center 14.2

Managing third-party applications on client devices

Fixing third-party software vulnerabilities

Fixing vulnerabilities in an isolated network

Configuring the Administration Server with internet access to fix vulnerabilities in an isolated network

Kaspersky Security Center
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Configuring the Administration Server with internet access to fix vulnerabilities in an isolated network

April 17, 2024

ID 230729

Get as PDF

To prepare for fixing vulnerabilities and transmitting patches in an isolated network, first configure an Administration Server with internet access, and then configure the isolated Administration Servers.

To configure an Administration Server with internet access:

  1. Create two folders on a disk where Administration Server is installed:
    • Folder for the list of required updates
    • Folder for patches

    You can name these folders whatever you like.

  2. Grant the Modify access rights to the KLAdmins group in the created folders, by using the standard administrative tools of the operating system.
  3. Use the klscflag utility to write the paths to the folders in the Administration Server properties.

    Run the Windows command prompt by using administrator rights, and then change your current directory to the directory with the klscflag utility. The klscflag utility is located in the folder where Administration Server is installed. The default installation path is <Disk>:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center.

  4. Enter the following commands at the Windows command prompt:
    • To set the path to the folder for patches:

      klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PATH -t s -v "<path to the folder>"

    • To set the path to the folder for the list of required updates:

      klscflag -fset -pv klserver -n VAPM_REQ_IMPORT_PATH -t s -v "<path to the folder>"

    Example: klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PATH -t s -v "C:\FolderForPatches"

  5. [Optional] Use the klscflag utility to specify how often the Administration Server should check for new patch requests:

    klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PERIOD_SEC -t d -v <value in seconds>

    The default value is 120 seconds.

    Example: klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PERIOD_SEC -t d -v 150

  6. Restart the Administration Server service.

Now, the Administration Server with internet access is ready to download and transmit updates to isolated Administration Servers. Before you start fixing vulnerabilities, configure the isolated Administration Servers.

See also:

Scenario: Fixing third-party software vulnerabilities in an isolated network

About fixing third-party software vulnerabilities in an isolated network

Kaspersky Security Center: Optimization of daily routine tasks
A powerful administration console, with an additional flexible web-based interface that’s available wherever you are. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.