Kaspersky Managed Detection and Response has a number of limitations that are not critical to operation of the application:
If you clone a virtual or physical asset with Kaspersky Endpoint Security for Linux that is already connected to the MDR solution, telemetry data from the cloned assets is not transmitted correctly. For these cloned assets, remove Kaspersky Endpoint Security for Linux, delete install_id file in /var/opt/kaspersky/epagent/ folder, and then reinstall Kaspersky Endpoint Security for Linux.
For assets with the Kaspersky Endpoint Security for Windows in the Endpoint Detection and Response Agent (EDR Agent) configuration, theWarning and Critical statuses for protection and control components are not displayed.
The Kaspersky applications that work with MDR section of the asset card in MDR Web Console can contain outdated Endpoint Protection Platform (EPP) applications, that are no longer used to work with Kaspersky Managed Detection and Response. It occurs when an outdated EPP application was replaced with a new one on the asset. For these outdated applications, the Last seen field contains the old date, while for the new EPP application, the Last seen field contains the newer date.
The MDR solution that uses KPSN configuration does not support a hierarchy of Kaspersky Security Center Administration Servers if only the primary Server in the hierarchy has internet access.