To enhance the protection of virtual machines, Kaspersky Security can use data received from Kaspersky users all over the world. Kaspersky Security Network is designed for getting such data.
Kaspersky Security Network (KSN) is an infrastructure of cloud services providing access to Kaspersky online knowledge base with information about the reputation of files, web resources, and software. Using data from Kaspersky Security Network ensures faster response of Kaspersky Security to unknown threats, improves performance of some protection components, and reduces risk of false positives.
If you are participating in Kaspersky Security Network, KSN services provide Kaspersky Security with information about the category and reputation of scanned files, as well as information about the reputation of scanned web addresses.
The types of KSN are distinguished by the location of their infrastructure:
Information about which type of KSN is used by Kaspersky Security can be viewed in the Protection Server policy properties, in the local interface of Light Agent for Windows, and in the command line of Light Agent for Linux.
The interaction between SVMs managed by Kaspersky Security Center and the KSN infrastructure is facilitated by the KSN Proxy service. To use KSN in Kaspersky Security operations, the KSN Proxy service must be enabled in Kaspersky Security Center.
To use Local KSN, it must be enabled and configured in Kaspersky Security Center.
You can select the type of KSN used by Kaspersky Security and configure the KSN proxy server service and Private KSN in Kaspersky Security Center Administration Server properties (in the KSN proxy server section in the Administration Console; in the KSN proxy server settings section in the Web Console). See Kaspersky Security Center documentation for more information.
You can configure the use of KSN by Kaspersky Security in the properties of the Protection Server policy.
If the KSN Proxy service is disabled in Kaspersky Security Center, no data is exchanged between SVMs and KSN. If use of KSN is nonetheless enabled in the Kaspersky Security policy, this could reduce the performance of Kaspersky Security. It is recommended to disable the use of KSN in the Kaspersky Security policy if the KSN Proxy service is disabled in Kaspersky Security Center.
Kaspersky Security sends information to Kaspersky depending on the KSN mode you selected (standard KSN or extended KSN). The KSN mode affects the amount of data that is transmitted to Kaspersky when KSN is being used.
Your participation in Kaspersky Security Network when using extended KSN helps Kaspersky promptly receive information about the types and sources of new threats and develop solutions for neutralizing them.
Participation in Kaspersky Security Network is voluntary. The decision to participate in KSN is made during the creation of a Protection Server policy, and this decision can be changed at any time.