Kaspersky Secure Mobility Management


May 21, 2024

ID 95897

Activating the application

Switching the application to fully functional mode. Application activation is performed by the user during or after installation of the application. You should have an activation code or key file to activate the application.

Activation code

A code that you receive when purchasing a license for Kaspersky Endpoint Security. This code is required for activating the application.

The activation code is a unique sequence of twenty letters and numbers in the format xxxxx-xxxxx-xxxxx-xxxxx.

Administration group

A set of managed devices, such as mobile devices grouped according to the functions they perform and the set of apps installed on them. Managed devices are grouped so that they can be managed as a single whole. For example, mobile devices running the same operating system can be combined into an administration group. A group may include other administration groups. It is possible to create group policies and group tasks for group devices.

Administration Server

A component of Kaspersky Security Center that centrally stores information about all Kaspersky applications that are installed within the corporate network. It can also be used to manage these applications.

Administrator's workstation

The computer on which Kaspersky Security Center Administration Console has been deployed. If the application administration plug-in is installed on the administrator's workstation, the administrator can manage Kaspersky Endpoint Security mobile apps deployed on user devices.

Android work profile

A safe environment on the user's device in which the administrator can manage apps and user accounts without restricting the use of personal data by the user. When a work profile is created on the user's mobile device, the following corporate apps are automatically installed in the work profile: Google Play Market, Google Chrome, Downloads, Kaspersky Endpoint Security for Android, and others. Corporate apps installed in the work profile and notifications of these apps are marked with a red briefcase icon. You have to create a separate Google corporate account for the Google Play Market app. Apps installed in the work profile appear in the common list of apps.

Anti-malware databases

Databases that contain information about computer security threats known to Kaspersky as of when the anti-malware databases are released. Entries in anti-malware databases allow malicious code to be detected in scanned objects. Anti-malware databases are created by Kaspersky specialists and updated hourly.

Apple Push Notification service (APNs) certificate

Certificate signed by Apple, which allows you to use Apple Push Notification. Through Apple Push Notification, an iOS MDM Server can manage iOS devices.

Application management plug-in

A dedicated component that provides the interface for managing Kaspersky applications through Administration Console. Each application that can be managed through Kaspersky Security Center SPE has its own management plug-in. The management plug-in is included in all Kaspersky applications that can be managed via Kaspersky Security Center.

Certificate Signing Request

File with the settings of an Administration Server, which is approved by Kaspersky and then sent to Apple to obtain an APNs certificate.

Compliance control

Verification that the settings of a mobile device and Kaspersky Endpoint Security for Android comply with corporate security requirements. Corporate security requirements regulate the device usage. For example, real-time protection must be enabled on the device, the anti-malware databases must be up-to-date, and the device password must be strong enough. Compliance control is based on a list of rules. A compliance rule includes the following components:

  • Device check criterion (for example, absence of prohibited apps on the device)
  • Time interval allocated for the user to fix the noncompliance (for example, 24 hours)
  • Action that will be taken on the device if the user does not fix the noncompliance within the time set (for example, locking the device)
Device administrator

A set of app rights on an Android device that enables the app to use device management policies. It is necessary to implement full functionality of Kaspersky Endpoint Security on Android devices.

End User License Agreement

Binding agreement between you and AO Kaspersky Lab that stipulates the terms on which you may use the application.

Group task

A task intended for an administration group and performed on all managed devices included in the group.


Protocol for accessing email. In contrast to the POP3 protocol, IMAP provides extended capabilities for working with mailboxes, such as managing folders and handling messages without copying their contents from the mail server. The IMAP protocol uses port 134.

Installation package

A set of files created for remote installation of a Kaspersky application by using the remote administration system. An installation package is created on the basis of dedicated files included in the application distribution package. The installation package contains a range of settings needed to install the application and get it running immediately after installation. The values of settings in the distribution kit correspond to default values of application settings.

iOS MDM device

An iOS mobile device controlled by the iOS MDM Server.

iOS MDM profile

A profile that contains a set of settings for connecting iOS mobile devices to the Administration Server. An iOS MDM profile makes it possible to distribute iOS configuration profiles in background mode using the iOS MDM Server, and also receive extended diagnostic information about mobile devices. A link to the iOS MDM profile needs to be sent to a user in order to enable the iOS MDM Server to discover and connect the user's iOS mobile device.

iOS MDM Server

A component of Kaspersky Endpoint Security that is installed on a client device, allowing connection of iOS mobile devices to the Administration Server and management of iOS mobile devices through Apple Push Notifications (APNs).

Kaspersky categories

Predefined data categories developed by Kaspersky experts. Categories can be updated during application database updates. A security officer cannot modify or delete predefined categories.

Kaspersky Private Security Network (KPSN)

Kaspersky Private Security Network is a solution that gives users of devices with Kaspersky applications installed access to reputation databases of Kaspersky Security Network and other statistical data—without sending data from their devices to Kaspersky Security Network. Kaspersky Private Security Network is designed for corporate customers who are unable to participate in Kaspersky Security Network for any of the following reasons:

  • Devices are not connected to the internet.
  • Transmission of any data outside the country or the corporate LAN is prohibited by law or corporate security policies.

Kaspersky Security Center Administrator

The person managing application operations through the Kaspersky Security Center remote centralized administration system.

Kaspersky Security Center Web Server

A component of Kaspersky Security Center that is installed together with Administration Server. Web Server is designed for transmission, over a network, of stand-alone installation packages, iOS MDM profiles, and files from a shared folder.

Kaspersky Security Network (KSN)

An infrastructure of cloud services that provides access to the Kaspersky database with constantly updated information about the reputation of files, web resources, and software. Kaspersky Security Network ensures faster responses by Kaspersky applications to threats, improves the performance of some protection components, and reduces the likelihood of false positives.

Kaspersky update servers

HTTP(S) servers at Kaspersky from which Kaspersky applications download database and application module updates.

KES device

A mobile device that is connected to Kaspersky Security Center Administration Server and managed through the Kaspersky Endpoint Security for Android app.

Key file

A file in xxxxxxxx.key format that makes it possible to use a Kaspersky application under a trial or commercial license. The application generates the key file based on the activation code. You may use the application only when you have a key file.


A time-limited right to use the app, granted under the End User License Agreement.

License term

A time period during which you have access to the application features and rights to use additional services. The services you can use depend on the type of the license.


A program that infects other ones, by adding its code to them in order to gain control when infected files are run. This simple definition allows identifying the main action performed by any malware: infection.

Manifest file

A file in PLIST format containing a link to the app file (ipa file) located on a web server. It is used by iOS devices to locate, download, and install apps from a web server.

Network Agent

A Kaspersky Security Center component that enables interaction between the Administration Server and Kaspersky applications that are installed on a specific network node (workstation or server).


A type of internet fraud aimed at obtaining unauthorized access to users' confidential data.


A set of settings of the application and Kaspersky Endpoint Security mobile apps applied to devices in administration groups or to individual devices. Different policies can be applied to different administration groups. A policy includes the configured settings of all functions of Kaspersky Endpoint Security mobile apps.


Network protocol used by a mail client to receive messages from a mail server.

Provisioning profile

Collection of settings for applications' operation on iOS mobile devices. A provisioning profile contains information about the license; it is linked to a specific application.

Proxy server

A computer network service which allows users to make indirect requests to other network services. First, a user connects to a proxy server and requests a resource (e.g., a file) located on another server. Then the proxy server either connects to the specified server and obtains the resource from it or returns the resource from its own cache (if the proxy has its own cache). In some cases, a user's request or a server's response can be modified by the proxy server for certain purposes.


The folder to which the Kaspersky application moves probably infected objects that have been detected. Objects are stored in Quarantine in encrypted form in order to avoid any impact on the computer.


A data encryption protocol used on the internet and local networks. The Secure Sockets Layer (SSL) protocol is used in web applications to create a secure connection between a client and server.

Standalone installation package

An installation file of Kaspersky Endpoint Security for the Android operating system, which contains the settings of application connection to the Administration Server. It is created on the basis of the installation package of this application and is a particular case of mobile app package.


Enables use of the application within the selected parameters (expiration date and number of devices). You can pause or resume your subscription, renew it automatically, or cancel it.

Supervised device

iOS device whose settings are monitored by Apple Configurator, a program for group configuration of iOS devices. A supervised device has the supervised status in Apple Configurator. Every time a supervised device connects to the computer, Apple Configurator checks the device configuration against the specified reference settings, and then redefines them if necessary. A supervised device cannot be synchronized with Apple Configurator installed on a different computer.

Every supervised device provides more settings to redefine through the Kaspersky Device Management for iOS policy than a non-supervised device. For example, you can configure an HTTP proxy server to monitor internet traffic on a device within the corporate network. By default, all mobile devices are non-supervised.

Unlock code

A code that you can get in Kaspersky Security Center. It is needed to unlock a device after the Lock & Locate, Alarm, or Mugshot commands have been executed, and when Self-Defense is triggered.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.