Glossary
Account on Kaspersky Security Center Cloud Console
An account that you must have to configure Kaspersky Security Center Cloud Console by, for example, adding and removing user accounts, and configuring security profiles (security policies). This account lets you use the My Kaspersky service. You create this account when you start using Kaspersky Security Center Cloud Console.
Active key
A key that is currently used by the application.
Additional subscription key
A key that certifies the right to use the application but is not currently being used.
Administration group
A set of devices grouped by function and by installed Kaspersky applications. Devices are grouped as a single entity for the convenience of management. A group can include other groups. Group policies and group tasks can be created for each installed application in the group.
Administration Server
A component of Kaspersky Security Center Cloud Console that centrally stores information about all Kaspersky applications that are installed on the corporate network. It can also be used to manage these applications.
Amazon EC2 instance
A virtual machine created based on an AMI image using Amazon Web Services.
Amazon Machine Image (AMI)
The template containing the software configuration necessary for running the virtual machine. Multiple instances can be created based on a single AMI.
Anti-virus databases
Databases that contain information about computer security threats known to Kaspersky as of when the anti-virus databases are released. Entries in anti-virus databases allow malicious code to be detected in scanned objects. Anti-virus databases are created by Kaspersky specialists and updated hourly.
Application tag
A label for third-party applications that can be used for grouping or finding applications. A tag assigned to applications can serve as a condition in device selections.
Authentication Agent
Interface that lets you complete authentication to access encrypted hard drives and load the operating system after the bootable hard drive has been encrypted.
Available update
A set of updates for Kaspersky application modules, including critical updates accumulated over a certain period of time.
AWS Application Program Interface (AWS API)
The application programming interface of the AWS platform that is used by Kaspersky Security Center Cloud Console. Specifically, AWS API tools are used for cloud segment polling.
AWS IAM access key
A combination consisting of the key ID (which looks like "AKIAIOSFODNN7EXAMPLE") and secret key (which looks like "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"). This pair belongs to the IAM user and is used to obtain access to AWS services.
AWS Management Console
The web interface for viewing and managing AWS resources. AWS Management Console is available on the web at https://aws.amazon.com/console/.
Broadcast domain
A logical area of a network in which all nodes can exchange data using a broadcasting channel at the level of OSI (Open Systems Interconnection Basic Reference Model).
Centralized application management
Remote application management using the administration services provided in Kaspersky Security Center Cloud Console.
Connection gateway
A connection gateway is a Network Agent acting in a special mode. A connection gateway accepts connections from other Network Agents and tunnels them to the Administration Server through its own connection with the Server. Unlike an ordinary Network Agent, a connection gateway waits for connections from the Administration Server rather than establishes connections to the Administration Server.
Demilitarized zone (DMZ)
Demilitarized zone is a segment of a local network that contains servers, which respond to requests from the global Web. In order to ensure the security of an organization's local network, access to the LAN from the demilitarized zone is protected with a firewall.
Device owner
Device owner is a user whom the administrator can contact when the need arises to perform certain operations on a device.
Device tag
A label of a device that can be used for grouping, describing, or finding devices.
Direct application management
Application management through a local interface.
Distribution point
Computer that has Network Agent installed and is used for update distribution, network polling, remote installation of applications, getting information about computers in an administration group, and / or broadcasting domain. The administrator selects the appropriate devices and assigns them distribution points manually.
Event repository
A part of the Administration Server database dedicated to storage of information about events that occur in Kaspersky Security Center Cloud Console.
Event severity
Property of an event encountered during the operation of a Kaspersky application. There are the following severity levels:
- Critical event
- Functional failure
- Warning
- Info
Events of the same type can have different severity levels depending on the situation in which the event occurred.
Forced installation
Method for remote installation of Kaspersky applications that allows you to install software on specific client devices. For successful forced installation, the account used for the task must have sufficient rights to start applications remotely on client devices. This method is recommended for installing applications on devices that are running Microsoft Windows operating systems and that support this functionality.
Group task
A task defined for an administration group and performed on all client devices included in that administration group.
Home Administration Server
Home Administration Server is the Administration Server that was specified during Network Agent installation. The home Administration Server can be used in settings of Network Agent connection profiles.
HTTPS
Secure protocol for data transfer, using encryption, between a browser and a web server. HTTPS is used to gain access to restricted information, such as corporate or financial data.
IAM role
Set of rights for making requests to AWS-based services. IAM roles are not linked to a specific user or group; they provide access rights without AWS IAM access keys. You can assign an IAM role to IAM users, EC2 instances, and AWS-based applications or services.
IAM user
The user of AWS services. An IAM user may have the rights to perform cloud segment polling.
Identity and Access Management (IAM)
The AWS service that enables management of user access to other AWS services and resources.
Incompatible application
An anti-virus application from a third-party developer or a Kaspersky application that does not support management through Kaspersky Security Center Cloud Console.
Installation package
A set of files created for remote installation of a Kaspersky application by using the Kaspersky Security Center Cloud Console remote administration system. The installation package contains a range of settings needed to install the application and get it running immediately after installation. Settings correspond to application defaults. The installation package is created using files with the .kpd and .kud extensions included in the application distribution kit.
JavaScript
A programming language that expands the performance of web pages. Web pages created using JavaScript can perform functions (for example, change the view of interface elements or open additional windows) without refreshing the web page with new data from a web server. To view pages created by using JavaScript, enable JavaScript support in the configuration of your browser.
Kaspersky Private Security Network (KPSN)
Kaspersky Private Security Network is a solution that gives users of devices with Kaspersky applications installed access to reputation databases of Kaspersky Security Network and other statistical data—without sending data from their devices to Kaspersky Security Network. Kaspersky Private Security Network is designed for corporate customers who are unable to participate in Kaspersky Security Network for any of the following reasons:
- Devices are not connected to the internet.
- Transmission of any data outside the country or the corporate LAN is prohibited by law or corporate security policies.
Kaspersky Security Center Cloud Console Administrator
The person managing application operations through the Kaspersky Security Center Cloud Console remote centralized administration system.
Kaspersky Security Center Cloud Console Operator
A user who monitors the status and operation of a protection system managed with Kaspersky Security Center Cloud Console.
Kaspersky Security Network (KSN)
An infrastructure of cloud services that provides access to the Kaspersky database with constantly updated information about the reputation of files, web resources, and software. Kaspersky Security Network ensures faster responses by Kaspersky applications to threats, improves the performance of some protection components, and reduces the likelihood of false positives.
Kaspersky update servers
HTTP(S) servers at Kaspersky from which Kaspersky applications download database and application module updates.
Key file
A file in xxxxxxxx.key format that makes it possible to use a Kaspersky application under a trial or commercial license.
License term
A time period during which you have access to the application features and rights to use additional services. The services you can use depend on the type of the license.
Local installation
Installation of a security application on a device on a corporate network that presumes manual installation startup from the distribution package of the security application or manual startup of a published installation package that was pre-downloaded to the device.
Local task
A task defined and running on a single client computer.
Managed device
A computer with Network Agent installed or a mobile device with a Kaspersky security application installed.
Management web plug-in
A special component that is used for remote administration of Kaspersky software by means of Kaspersky Security Center Cloud Console. A management plug-in is an interface between Kaspersky Security Center Cloud Console and a specific Kaspersky application. With a management plug-in, you can configure tasks and policies for the application.
Network Agent
A Kaspersky Security Center Cloud Console component that enables interaction between the Administration Server and Kaspersky applications that are installed on a specific network node (workstation or server). This component is common to all of the company's applications for Microsoft Windows. Separate versions of Network Agent exist for Kaspersky applications developed for Unix-like OS and macOS.
Network anti-virus protection
A set of technical and organizational measures that lower the risk of allowing viruses and spam to penetrate the network of an organization, and that prevent network attacks, phishing, and other threats. Network security increases when you use security applications and services and when you apply and adhere to the corporate data security policy.
Network protection status
Current protection status, which defines the safety of corporate networked devices. The network protection status includes such factors as installed security applications, usage of license keys, and number and types of threats detected.
Patch importance level
Attribute of the patch. There are five importance levels for Microsoft patches and third-party patches:
- Critical
- High
- Medium
- Low
- Unknown
The importance level of a third-party patch or Microsoft patch is determined by the least favorable severity level among the vulnerabilities that the patches should fix.
Policy
A policy determines an application's settings and manages the ability to configure that application on computers within an administration group. An individual policy must be created for each application. You can create multiple policies for applications installed on computers in each administration group, but only one policy can be applied at a time to each application within an administration group.
Policy profile
A named subset of policy settings. This subset is distributed on target devices together with the policy, supplementing it under a specific condition called the profile activation condition.
Program settings
Application settings that are common to all types of tasks and govern the overall operation of the application, such as application performance settings, report settings, and backup settings.
Protection status
Current protection status, which reflects the level of computer security.
Quarantine
A special repository for storing files that are probably infected with viruses and files that cannot be disinfected at the time when they are detected.
Remote installation
Installation of Kaspersky applications by using the services provided by Kaspersky Security Center Cloud Console.
Restoration
Relocation of the original object from Quarantine or Backup to its original folder where the object had been stored before it was quarantined, disinfected or deleted, or to a user-defined folder.
SSL
A data encryption protocol used on the internet and local networks. The Secure Sockets Layer (SSL) protocol is used in web applications to create a secure connection between a client and server.
Task
Functions performed by the Kaspersky application are implemented as tasks, such as: Real-time file protection, Full computer scan, and Database update.
Task for specific devices
A task assigned to a set of client devices from arbitrary administration groups and performed on those devices.
Task settings
Application settings that are specific for each task type.
UEFI protection device
Device with Kaspersky Anti-Virus for UEFI integrated at the BIOS level. Integrated protection ensures device security from the moment the system starts, while protection on devices without integrated software begins functioning only after the security application starts.
Update
The procedure of replacing or adding new files (databases or application modules) retrieved from the Kaspersky update servers.
Virtual Administration Server
A component of Kaspersky Security Center Cloud Console, designed for management of the protection system of a client organization's network.
Virtual Administration Server is a particular case of a secondary Administration Server and has the following restrictions as compared with a physical Administration Server:
- Virtual Administration Servers can work only as secondary Administration Servers.
- Virtual Administration Server does not support creation of secondary Administration Servers (including virtual Servers).
Virus activity threshold
Maximum allowed number of events of the specified type within a limited time; when this number is exceeded, it is interpreted as increased virus activity and as a threat of a virus outbreak. This feature is important during periods of virus outbreaks because it enables administrators to respond in a timely manner to virus attack threats.
Virus outbreak
A series of deliberate attempts to infect a device with a virus.
Vulnerability
A flaw in an operating system or an application that may be exploited by malware makers to penetrate the operating system or application, and corrupt its integrity. The presence of a large number of vulnerabilities in an operating system makes it unreliable, because viruses that penetrate the operating system may cause disruptions in the operating system itself and in installed applications.
Workspace
An instance of Kaspersky Security Center Cloud Console created for a specific company. When a customer creates a workspace, Kaspersky creates and configures the infrastructure and cloud-based Administration Console that are required to manage security applications installed on the devices of the company.
