Kaspersky Managed Detection and Response

Known issues

February 12, 2024

ID 252206

Kaspersky Managed Detection and Response has a number of limitations that are not critical to operation of the application:

  • If you clone a virtual or physical asset with Kaspersky Endpoint Security for Linux that is already connected to the MDR solution, telemetry data from the cloned assets is not transmitted correctly. For these cloned assets, remove Kaspersky Endpoint Security for Linux, delete install_id file in /var/opt/kaspersky/epagent/ folder, and then reinstall Kaspersky Endpoint Security for Linux.
  • For assets with the Kaspersky Endpoint Security for Windows in the Endpoint Detection and Response Agent (EDR Agent) configuration, the Warning and Critical statuses for protection and control components are not displayed.
  • You can not use Kaspersky Endpoint Detection and Response Optimum features for the assets with Kaspersky Endpoint Security for Windows in EDR Agent configuration.
  • The Kaspersky applications that work with MDR section of the asset card in MDR Web Console can contain outdated Endpoint Protection Platform (EPP) applications, that are no longer used to work with Kaspersky Managed Detection and Response. It occurs when an outdated EPP application was replaced with a new one on the asset. For these outdated applications, the Last seen field contains the old date, while for the new EPP application, the Last seen field contains the newer date.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.