→Kaspersky Endpoint Security 10 for Windows (for workstations and file servers)→Installation and Removal

Kaspersky Endpoint Security 10 for Windows (for workstations and file servers)

How to install Kaspersky Endpoint Security 10 for Windows

Back to "Installation and Removal"

Latest update: 2019 Apr 12 ID: 10580

This article concerns Kaspersky Endpoint Security 10 for Windows:

Service Pack 2 Maintenance Release 3 (version 10.3.3.275)
Service Pack 2 Maintenance Release 2 (version 10.3.0.6294)
Service Pack 2 Maintenance Release 1 (version 10.3.0.6294)
Service Pack 2 (version 10.3.0.6294)

You can install Kaspersky Endpoint Security 10 for Windows:

Locally. On a user’s computer:
- Using the Setup Wizard
- Using the command line in the silent or interactive mode
Remotely. From the administrator’s computer:
- Using Kaspersky Security Center 10
- Using Active Directory group policies
- Using Active Directory group policies via Kaspersky Security Center 10

If you have a previous version of Kaspersky Endpoint Security 10 for Windows installed, you must decrypt any encrypted hard drives before updating the application.

How to install the application locally using the Setup Wizard

Download the installer from the Kaspersky Endpoint Security 10 for Windows downloads page.
Extract the application installation files.
Run the setup.exe file.
Follow the Wizard’s instructions.

Step 1: Checking software and hardware requirements

The Installation Wizard checks whether:

Software and hardware requirements are met.
The user has the rights to install the application.

If the PC meets all the requirements, the Setup Wizard searches for incompatible applications. If any are found, you can remove them manually.

If a previous version of Kaspersky Endpoint Security 10 for Windows is found, it is automatically removed. Information about activation and application settings are saved and applied during installation of the new version.

Step 2: The initial setup window

The initial setup window informs you that the installation of Kaspersky Endpoint Security 10 for Windows is about to begin. To continue the installation, click Next.

Step 3: End User License Agreement

Read the End User License Agreement. If you accept all the terms, check the box I accept the terms of the End User License Agreement.

Step 4: Select the installation type

Select an installation type:

Basic installation: The protection components Application Privilege Control and Vulnerability Monitor are installed.
Standard installation: Protection components and control components are installed.
Custom installation: Select the components to install and specify the directory in which to install the application.

Step 5: Custom installation

This screen only appears if you have selected Custom installation.

Select the Kaspersky Endpoint Security 10 for Windows protection components to be installed.

Image: Selecting the components when installing Kaspersky Endpoint Security 10 for Windows

By default, all components are selected for installation except:

BadUSB Attack Prevention
Drive Encryption
File Encryption
Microsoft Bitlocker Manager
KATA Endpoint Sensor

File Anti-Virus is a mandatory component for installation.

Step 6: Select the destination folder

This step is only available if you selected Custom installation.

In this step, you can specify the path to the folder where the application will be installed. To select the folder, click Browse.

By default, Kaspersky Endpoint Security 10 for Windows is installed in.

For 32-bit operating systems: Disk:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\
For 64-bit operating systems: Disk:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\

Step 7: Exclusions from the scan scope

This step is only available if you selected Custom installation.

Add recommended areas to the trusted zone so that Kaspersky Endpoint Security 10 for Windows does not scan them. To do so, select the checkbox:

Exclude areas that are recommended by Kaspersky Lab from virus scan scope
Exclude areas that are recommended by Microsoft from virus scan scope The checkbox is already selected when installing Kaspersky Endpoint Security 10 for Windows for file servers.

Step 8: Preparation for installation

If you are installing Kaspersky Endpoint Security 10 for Windows for file servers via Windows Remote Desktop, we recommend clearing the checkbox Protect the installation process .

If you are working with Citrix Provisioning Services and need to install drivers in Citrix PVS compatibility mode, select the checkbox Ensure compatibility with Citrix Provisioning Services.

So as not to add the path to the .exe file in the command line, select the checkbox Add the path to the file avp.com to the system variable %PATH%. If this option is enabled, to start Kaspersky Endpoint Security 10 for Windows from the command line you will only need to enter the name of the .exe file and the command to start the particular task.

Step 9: Application installation

Installing the application can take some time. Please wait for it to complete.

Using the Initial Configuration Wizard, activate Kaspersky Endpoint Security 10 for Windows and collect information about applications included in the operating system.

Local installation from the command line

You can install Kaspersky Endpoint Security 10 for Windows via the command line:

In the interactive mode that requires user’s participation.
In the silent mode.

Installation in the interactive mode

To install the application in the interactive mode:

Open the command line on the client device.
Run the following command:
- msiexec /i <package path>\<package name>
  
  Example:
  
  msiexec /i C:\KES10SP2\kes10winsp2.msi
- <path to setup.exe>\setup.exe
  
  Example:
  
  C:\KES10SP2\setup.exe

Installation in the silent mode

To install the application in the silent mode:

Open the command line on the client device.
Run the following command:
- msiexec /i <package path>\<package name> EULA=1 KSN=1 KLPASSWD=<password> KLPASSWDAREA=<protected area> ALLOWREBOOT=1 /qn
  
  Example:
  
  msiexec /i C:\KES10SP2\kes10winsp2.msi EULA=1 KSN=1 KLPASSWD=test KLPASSWDAREA=EXIT ALLOWREBOOT=0 /qn
- setup.exe /pEULA=1 /pKSN=1 /pKLPASSWD=<password> /pKLPASSWDAREA=<protected area> /pALLOWREBOOT=1 /s
  
  Example:
  
  C:\KES10SP2\setup.exe /pEULA=1 /pKSN=0 /pKLPASSWD=test /pKLPASSWDAREA=SET /pALLOWREBOOT=1 /s
Where:

EULA=1 means acceptance of the End User License Agreement. The installation will not proceed if EULA=0.

KSN=1 means you agree to participate in the Kaspersky Security Network (KSN). This is a mandatory parameter and has no default value.

KLPASSWD sets a password authorizing certain actions with the application and modification of application settings.

KLPASSWDAREA is used in combination with KLPASSWD and can be one of the following:
- SET — set a password to modify the application settings.
- EXIT — set a password to exit the application.
- DISPROTECT — set a password to disable protection components and stop scan tasks.
- DISPOLICY — set a password to disable the Kaspersky Security Center 10 policy.
- UNIST — set a password to remove the application from the device.
- DISCONTRL — set a password to disable control components (Application Startup Control, Application Privilege Control, Vulnerability Monitor, Device Control, Web Control).
- REMOVELIC — set a password to remove the license.
ALLOWREBOOT=1 — you agree to automatically reboot the computer if necessary. If the ALLOWREBOOT parameter is not included into the command, ALLOWREBOOT=0 is set by default.

To get a list of all parameters, run the following command:

Setup.exe /?

To install the application in silent mode from the command line, move the following files to a folder with the Kaspersky Endpoint Security 10 for Windows installer:

The setup.ini,, which contains application setup parameters
The install.cfg configuration file
Key file

Remote installation via Kaspersky Security Center 10

In Kaspersky Security Center 10, you can install Kaspersky Endpoint Security 10 for Windows on client devices using remote installation tasks:

Group tasks for managed devices located in the same administration group.
Tasks for selected devices which can be chosen from any group of managed devices.

For the remote installation task to run correctly on the client device on which Network Agent is not installed, the following ports must be opened: TCP 139 and 445, UDP 137 and 138. By default, these ports are opened on all client devices included in the domain. They are opened automatically by the remote deployment preparation utility, riprep.exe.

Installation through the group task

Open Kaspersky Security Center 10.
Select an administration group, e.g. Managed devices. Go to the Tasks tab and click Create a task.

Image: Creating a group task in Kaspersky Endpoint Security 10 for Windows

Select Kaspersky Security Center 10 Administration Server → Install application remotely.

Image: Select the task type.

Select the installation package or create a new one.
Select the check box Install Network Agent along with this application if necessary. Select the Network Agent version.

Image: Network Agent selection

Adjust the remote installation settings.
Select the operating system restart options.
Select the user account for running the task.
Configure the task schedule.
Enter a name for the task.
If necessary, select the checkbox Run task after Wizard finishes. Click Finish.
Run the task manually or wait until it runs according to the schedule.

The task of Kaspersky Endpoint Security 10 for Windows remote installation will be started. You can track its progress on the Tasks tab.

Remote installation task progress

Installation through the task for device selections

Open Kaspersky Security Center 10.
Go to Tasks. Click Create a task.

Image: adding a subnet Creating a task for a group of devices.

Select Kaspersky Security Center 10 Administration Server → Install application remotely.
Select the installation package or create a new one. For instructions, see this article.
Select the checkbox Install Network Agent along with this application if necessary.
Adjust the remote installation settings.
Select the operating system restart options.
Configure the relocation settings for device upon the installation of Network Agent.
Select the devices to which the task will be applied:
- Select networked devices discovered by Administration Server Select devices that the Administration Server has detected.
- Specify device addresses manually, or import addresses from list . Specify NetBIOS names, DNS names, IP addresses and ranges.
- Assign task for device selection . Specify the device selection.
- Assign task to an administration group . Assign the task to the existing group of managed computers.

Image: Device selection

Select the user account for running the task.
Configure the task schedule.
Enter the name for the task.
If necessary, select the checkbox Run task after Wizard finishes. Click Finish.
Run the task manually or wait until it runs according to the schedule.

The task of Kaspersky Endpoint Security 10 for Windows remote installation will be started. You can track its progress on the Tasks tab.

Remote installation task progress

Remote installation using Active Directory group policies

Remote installation Using Active Directory group policies via Kaspersky Security Center 10

It is simpler to install Kaspersky Endpoint Security 10 for Windows and Network Agent using Active Directory group policies via Kaspersky Security Center 10.

To install the application:

Create an installation package.
A Kaspersky Endpoint Security 10 for Windows installation package is created automatically when installing the full version of Kaspersky Security Center 10.
Go to Tasks. Click Create a task.
Select Kaspersky Security Center 10 Administration Server → Install application remotely.
Choose Kaspersky Endpoint Security 10 for Windows.
Select the check box Install Network Agent along with this application. Select the Network Agent version.
Clear the check boxes Using Network Agent and Using operating system resources by means of Administration Server.
Select the check box Assign Network Agent installation in the Active Directory group policies.

Image: Settings window

Follow the remaining steps of the task wizard.
At the step Selecting an account to run the task, specify an account that has permissions for creating group policies.
Run the task manually or want until it runs according to the schedule.

After the task has run, the following are created in each domain the client devices belong to:

A group policy with the name Kaspersky_AK{GUID}
A security group, Kaspersky_AK{GUID} This group includes computers you selected when creating the remote installation task. The content of the security group defines the scope of the group policy.

Special considerations

Kaspersky Endpoint Security 10 for Windows is installed on client devices from the shared network folder, KL Share. In the Kaspersky Security Center 10. Installation folder, another folder is created containing the .msi file for the application being installed.
New devices will be added to the security after the task is run the next time. If the Run missed tasks check box is selected in the task schedule, the devices are added to the security group immediately.
Devices are deleted from the security group after the task is run the next time.
When a task is deleted from Active Directory, the respective policy, the respective link to the policy, and the respective security group are also deleted.

If you want to employ another installation scheme using Active Directory, you can configure the required settings manually. This may be necessary in the following cases:

When the administrator does not have permissions to make changes to the Active Directory of certain domains.
When the original installation package is stored on a separate network resource.
When it is necessary to link a group policy to specific Active Directory units.

There are some optional schemes for installation via Active Directory:

If installation is to be performed directly from the Kaspersky Security Center 10 shared folder, in the Active Directory group policy properties you must specify the .msi file located in the exec subfolder of the installation package folder for the required application.
If the installation package has to be located on another network resource, copy the contents of the exec subfolder to it.

Was this information helpful?

Yes No

Useful references

How to install and remove Kaspersky Endpoint Security 10 for Windows via the command prompt. Silent installation.
How to install Kaspersky Endpoint Security 10 for Windows bypassing a search for incompatible software
How to migrate from Kaspersky Anti-Virus 6.0 for Windows Workstations to Kaspersky Endpoint Security 10 Maintenance Release 1 with encryption

Back to "Installation and Removal"

Kaspersky Endpoint Security 10 for Windows (for workstations and file servers)

Version 10.3.3.304: Hardware and Software Requirements

For Kaspersky Endpoint Security 10 for Windows to work properly, the computer must meet the following requirements:

General requirements:

1 GHz or faster processor (with support of the SSE2 instruction set).
RAM:
- 1 GB (for 32-bit operating systems)
- 2 GB (for 64-bit operating systems)
2 GB of free hard disk space

Operating systems

Microsoft Windows 10 Home / Professional / Education / Enterprise x86 / х64

For details about support for Microsoft Windows 10, please refer to this article.

Microsoft Windows 8.1 Professional / Enterprise x86 / х64
Microsoft Windows 8 Professional / Enterprise x86 / х64
Microsoft Windows 7 Home / Professional / Enterprise x86 / х64 SP1 and later
Microsoft Windows Server 2019 Essentials / Standard / Datacenter х64
Microsoft Windows Server 2016 Essentials / Standard / Datacenter х64

For details about support for Microsoft Windows Server 2019 and Microsoft Windows Server 2016, please refer to this article.

Microsoft Windows Server 2012 R2 Foundation / Essentials / Standard / Datacenter х64
Microsoft Windows Server 2012 Foundation / Essentials / Standard / Datacenter х64
Microsoft Small Business Server 2011 Essentials / Standard х64
Windows MultiPoint Server 2011 x64
Microsoft Windows Server 2008 R2 Foundation / Standard / Enterprise / Datacenter х64 SP1
Microsoft Windows Server 2008 Standard / Enterprise / Datacenter х64 SP2
Microsoft Small Business Server 2008 Standard / Premium х64

Server platform support limitations

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and encryption of files on server platforms are not supported.

For other details regarding support for server platforms, please refer to this article.

Supported virtual platforms

VMWare ESXi 6.0.0 3620759
Microsoft Hyper-V 3.0
Citrix XenServer 7.0
Citrix XenDesktop 7.13
Citrix Provisioning Services 7.13

Issues and limitations:

Full disk encryption (FDE) on Hyper-V virtual machines is not supported.
Full disk encryption (FDE) and encryption of files and folders (FLE) are not supported on Citrix virtual platforms.
For Kaspersky Endpoint Security for Windows to be compatible with Citrix PVS, the Ensure compatibility with Citrix PVS option must be enabled during installation. This option can be enabled in the Setup Wizard or using the command line parameter /pCITRIXCOMPATIBILITY=1. In case of remote installation, you must add the /pCITRIXCOMPATIBILITY=1 key to the kud file.

For other details regarding support for virtual platforms, please refer to this article.

Version 10.3.3.275: Hardware and Software Requirements

For Kaspersky Endpoint Security 10 for Windows to work properly, the computer must meet the following requirements:

General requirements:

1 GHz or faster processor (with support of the SSE2 instruction set).
RAM:
- 1 GB (for 32-bit operating systems)
- 2 GB (for 64-bit operating systems)
2 GB of free hard disk space

Operating systems:

Microsoft Windows 10 Pro / Enterprise x86 / х64

For details about support for Microsoft Windows 10, please refer to this article.

Microsoft Windows 8.1 Pro / Enterprise x86 / х64
Microsoft Windows 8 Pro / Enterprise x86 / х64
Microsoft Windows 7 Professional / Enterprise / Ultimate x86 / х64 SP1 or later
Microsoft Windows Server 2019 х64
Microsoft Windows Server 2016 х64

For details about support for Microsoft Windows Server 2019 and Microsoft Windows Server 2016, please refer to this article.

Microsoft Windows Server 2012 R2 Standard х64
Microsoft Windows Server 2012 Foundation / Standard х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Windows Server 2008 R2 Standard / Enterprise х64 SP1
Microsoft Windows Server 2008 Standard / Enterprise х64 SP2

Server platform support limitations

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and encryption of files on server platforms are not supported.

For other details regarding support for server platforms, please refer to this article.

Supported virtual platforms

VMWare ESXi 6.0.0 3620759
Microsoft Hyper-V 3.0
Citrix XenServer 7.0
Citrix XenDesktop 7.13
Citrix Provisioning Services 7.13

Issues and limitations:

Full disk encryption (FDE) on Hyper-V virtual machines is not supported.
Full disk encryption (FDE) and encryption of files and folders (FLE) are not supported on Citrix virtual platforms.
For Kaspersky Endpoint Security for Windows to be compatible with Citrix PVS, the Ensure compatibility with Citrix PVS option must be enabled during installation. This option can be enabled in the Setup Wizard or using the command line parameter /pCITRIXCOMPATIBILITY=1. In case of remote installation, you must add the /pCITRIXCOMPATIBILITY=1 key to the kud file.

For other details regarding support for virtual platforms, please refer to this article.

Version 10.3.0.6294MR2: Hardware and Software Requirements

For correct functioning of Kaspersky Endpoint Security 10 for Windows, your computer must meet the following requirements:

General requirements:

1 GHz processor or faster (with support of the SSE2 instruction set)
RAM:
- 1 GB (for 32-bit operating systems)
- 2 GB (for 64-bit operating systems)
2 GB of free space of the hard drive

Operating systems:

Microsoft Windows 10 Pro x86 / х64
Microsoft Windows 10 Enterprise x86 / х64

For details about support for Microsoft Windows 10, please refer to this article.

Microsoft Windows 8.1 Pro x86 / х64
Microsoft Windows 8.1 Enterprise x86 / х64.
Microsoft Windows 8 Pro x86 / х64
Microsoft Windows 8 Enterprise x86 / х64
Microsoft Windows 7 Professional x86 / х64 SP1 and later
Microsoft Windows 7 Enterprise x86 / х64 SP1 and later
Microsoft Windows 7 Ultimate x86 / х64 SP1 and later
Microsoft Windows Server 2019 х64
Microsoft Windows Server 2016 х64

For details about support for Microsoft Windows Server 2019 and 2016, please refer to this article.

Microsoft Windows Server 2012 R2 Standard х64
Microsoft Windows Server 2012 Foundation х64
Microsoft Windows Server 2012 Standard х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Windows Server 2008 R2 Standard х64 SP1
Microsoft Windows Server 2008 R2 Enterprise х64 SP1
Microsoft Windows Server 2008 Standard x86 / х64 SP2
Microsoft Windows Server 2008 Enterprise x86 / х64 SP2

The following operating systems are no longer supported:

Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Embedded
Microsoft Windows Server 2003
Microsoft Windows Server 2003 R2

Installation on the above operating systems is not supported.

Support limitations for server platforms:

Limited support of ReFS.
Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and file encryption are not supported on server platforms.

Supported virtual platforms:

VMWare ESXi 6.0.0 3620759
Microsoft Hyper-V 3.0
Citrix XenServer 7.0
Citrix XenDesktop 7.13
Citrix Provisioning Services 7.13

Support limitations for virtual platforms:

Full disk encryption (FDE) on Hyper-V virtual machines is not supported.
Full disk encryption (FDE) and encryption of files and folders (FLE) are not supported on Citrix virtual platforms.

For other details regarding support for virtual platforms, please refer to this article.

Version 10.3.0.6294MR1: Hardware and Software Requirements

For Kaspersky Endpoint Security 10 for Windows to work properly, the computer must meet the following requirements:

General requirements:

1 GHz or faster processor (with support of the SSE2 instruction set).
RAM:
- 1 GB (for 32-bit operating systems)
- 2 GB (for 64-bit operating systems)
2 GB of free disk space on the hard drive

Operating systems:

Microsoft Windows 10 Pro x86 / х64
Microsoft Windows 10 Enterprise x86 / х64

For details about support for Microsoft Windows 10, please refer to this article.

Microsoft Windows 8.1 Pro x86 / х64
Microsoft Windows 8.1 Enterprise x86 / х64
Microsoft Windows 8 Pro x86 / х64
Microsoft Windows 8 Enterprise x86 / х64
Microsoft Windows 7 Professional x86 / х64 SP1 and later
Microsoft Windows 7 Enterprise x86 / х64 SP1 and later
Microsoft Windows 7 Ultimate x86 / х64 SP1 and later
Microsoft Windows Server 2016 х64

For details about support for Microsoft Windows Server 2016, please refer to this article.

Microsoft Windows Server 2012 R2 Standard х64
Microsoft Windows Server 2012 Foundation х64
Microsoft Windows Server 2012 Standard х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Windows Server 2008 R2 Standard х64 SP1
Microsoft Windows Server 2008 R2 Enterprise х64 SP1
Microsoft Windows Server 2008 Standard x86 / х64 SP2
Microsoft Windows Server 2008 Enterprise x86 / х64 SP2

The following operating systems are no longer supported:

Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Embedded
Microsoft Windows Server 2003
Microsoft Windows Server 2003 R2

Installation on the above operating systems is not supported.

Server platform support limitations:

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and encryption of files on server platforms are not supported.

Supported virtual platforms:

VMWare ESXi 6.0.0 3620759
Microsoft Hyper-V 3.0
Citrix XenServer 7.0
Citrix XenDesktop 7.13
Citrix Provisioning Services 7.13

Issues and limitations:

Full disk encryption (FDE) on Hyper-V virtual machines is not supported.
Full disk encryption (FDE) and encryption of files and folders (FLE) are not supported on Citrix virtual platforms.

For other details regarding support for virtual platforms, please refer to this article.

Version 10.3.0.6294: Hardware and Software Requirements

For Kaspersky Endpoint Security 10 for Windows to work properly, the computer must meet the following requirements:

General requirements:

1 GHz or faster processor (with support of the SSE2 instruction set).
RAM:
- 1 GB (for 32-bit operating systems)
- 2 GB (for 64-bit operating systems)
2 GB of free disk space on the hard drive

Operating systems:

Microsoft Windows 10 Pro x86 / х64
Microsoft Windows 10 Enterprise x86 / х64

For details about support for Microsoft Windows 10, please refer to this article.

Microsoft Windows 8.1 Pro x86 / х64
Microsoft Windows 8.1 Enterprise x86 / х64
Microsoft Windows 8 Pro x86 / х64
Microsoft Windows 8 Enterprise x86 / х64
Microsoft Windows 7 Professional x86 / х64 SP1 and later
Microsoft Windows 7 Enterprise x86 / х64 SP1 and later
Microsoft Windows 7 Ultimate x86 / х64 SP1 and later
Microsoft Windows Server 2016 х64

For details about support for Microsoft Windows Server 2016, please refer to this article.

Microsoft Windows Server 2012 R2 Standard х64
Microsoft Windows Server 2012 Foundation х64
Microsoft Windows Server 2012 Standard х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Windows Server 2008 R2 Standard х64 SP1
Microsoft Windows Server 2008 R2 Enterprise х64 SP1
Microsoft Windows Server 2008 Standard x86 / х64 SP2
Microsoft Windows Server 2008 Enterprise x86 / х64 SP2

The following operating systems are no longer supported:

Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Embedded
Microsoft Windows Server 2003
Microsoft Windows Server 2003 R2

Installation on the above operating systems is not supported.

Server platform support limitations:

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and encryption of files on server platforms are not supported.

Supported virtual platforms:

VMWare ESXi 6.0.0 3620759
Microsoft Hyper-V 3.0
Citrix XenServer 7.0
Citrix XenDesktop 7.13
Citrix Provisioning Services 7.13

Issues and limitations:

Full disk encryption (FDE) on Hyper-V virtual machines is not supported.
Full disk encryption (FDE) and encryption of files and folders (FLE) are not supported on Citrix virtual platforms.

For other details regarding support for virtual platforms, please refer to this article.

Version 10.2.6.3733: Hardware and Software Requirements

For Kaspersky Endpoint Security 10 for Windows to work properly, the computer must meet the following requirements:

General requirements:

Intel Pentium processor 1 GHz or faster
1 GB of RAM
2 GB of free disk space on the hard drive

Operating systems

Microsoft Windows 10 Pro / Enterprise x86 / х64
Microsoft Windows 8.1 Pro / Enterprise x86 / х64
Microsoft Windows 8 Pro / Enterprise x86 / х64
Microsoft Windows 7 Professional / Enterprise / Ultimate x86 / х64 SP1 or later
Microsoft Windows 7 Professional / Enterprise / Ultimate x86 / х64
Microsoft Windows Vista x86 / х64 SP2 or later
Microsoft Windows XP Professional x86 SP3 or later
Microsoft Windows Server 2019 х64
Microsoft Windows Server 2016 Standard / Essentials х64

For details about support for Microsoft Windows Server 2019 and 2016, please refer to this article.

Microsoft Windows Server 2012 R2 Foundation / Standard / Essentials х64
Microsoft Windows Server 2012 Foundation / Standard / Essentials х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Windows MultiPoint Server 2011 х64
Microsoft Small Business Server 2008 Standard / Premium x64.
Microsoft Windows Server 2008 R2 Foundation / Standard / Enterprise х64 SP1 or later
Microsoft Windows Server 2008 Foundation / Standard / x86 / Enterprise х64 SP2 or later
Microsoft Windows Server 2003 R2 Standard / Enterprise x86 / x64 SP2 or later
Microsoft Windows Server 2003 Standard / Enterprise x86 / x64 SP2
Microsoft Windows Embedded 8.0 Standard x64
Microsoft Windows Embedded 8.1 Industry Pro x64
Microsoft Windows Embedded Standard 7* x86 / x64 SP1
Microsoft Windows Embedded POSReady 7* x86 / x64

Microsoft Windows 10 and Microsoft Windows Server 2016 are supported with limitations.

Special considerations and support limitations for embedded systems

It is recommended to run Microsoft Windows Embedded 8.0 Standard x64 (Standard 8) or Microsoft Windows Embedded 8.1 Industry x64 (Industry 8.1) on devices with 2GB or more of RAM.
File level encryption (FLE) and full disk encryption (FDE) functionality is not supported in embedded operating systems.

Supported virtual platforms

VMWare ESXi 5.5.0 2718055 Update 2
VMWare ESXi 5.5.0 3568722 Update 3b
VMWare ESXi 5.5.0 2718055 Update 2
Microsoft Hyper-V 3.0 (Windows Server 2012 R2)
Citrix XenServer 6.5
Citrix XenDesktop 7.8
Citrix Provisioning Server 7.8

Server platform support limitations

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and encryption of files on server platforms are not supported.

Version 10.2.5.3201: Hardware and Software Requirements

For proper functioning of Kaspersky Endpoint Security 10 for Windows, your computer must meet the following requirements:

General requirements

Intel Pentium 1GHz and faster
1 GB available RAM
2 GB of free disk space
Microsoft Internet Explorer 7.0 and later
Microsoft Windows Installer 3.0 and later
Internet connection for activating the application and for updating databases and application modules

Hardware and software requirements for workstations

Microsoft Windows 10 Pro x86 / х64
Microsoft Windows 10 Enterprise x86 / х64
Microsoft Windows 8.1 Pro x86 / х64
Microsoft Windows 8.1 Enterprise x86 / х64
Microsoft Windows 8 Pro x86 / х64
Microsoft Windows 8 Enterprise x86 / х64
Microsoft Windows 7 Professional x86 / х64 SP1 and later
Microsoft Windows 7 Enterprise / Ultimate x86 / х64 SP1 and later
Microsoft Windows 7 Professional x86 / х64
Microsoft Windows 7 Enterprise / Ultimate x86 / х64
Microsoft Windows Vista x86 / х64 SP2 and later
Microsoft Windows XP Professional x86 SP3 and later
Microsoft Windows Server 2019 х64
Microsoft Windows Server 2016 Standard / Essentials х64

For details about support for Microsoft Windows Server 2019 and 2016, please refer to this article.

Microsoft Windows Server 2012 R2 Foundation / Standard / Essentials х64
Microsoft Windows Server 2012 Foundation / Standard / Essentials х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Windows MultiPoint Server 2011 х64
Microsoft Small Business Server 2008 Standard / Premium x64
Microsoft Windows Server 2008 R2 Foundation / Standard / Enterprise х64 SP1 and later
Microsoft Windows Server 2008 Foundation / Standard / Enterprise х86 / х64 SP2 and later
Microsoft Windows Server 2003 R2 Standard / Enterprise x86 / x64 SP2 and later
Microsoft Windows Server 2003 Standard / Enterprise x86 / x64 SP2
Microsoft Windows Embedded 8.0 Standard x64
Microsoft Windows Embedded 8.1 Industry Pro x64
Microsoft Windows Embedded Standard 7* x86 / x64 SP1
Microsoft Windows Embedded POSReady 7* x86 / x64

Microsoft Windows 10 and Microsoft Windows Server 2016 are supported with limitations.

Limitations of embedded operating systems support

We recommend that you use Microsoft Windows Embedded 8.0 Standard x64 (Standard 8) or Microsoft Windows Embedded 8.1 Industry x64 (Industry 8.1) on devices with at least 2 GB RAM.
Encryption of files (FLE) and hard drives (FDE) is not supported in the embedded operating systems.

Supported virtual platforms:

VMWare ESXi 5.5.0 2718055 Update 2
VMWare ESXi 5.5.0 3568722 Update 3b
VMWare ESXi 5.5.0 2718055 Update 2
Microsoft Hyper-V 3.0 (Windows Server 2012 R2)
Citrix XenServer 6.5
Citrix XenDesktop 7.8
Citrix Provisioning Server 7.8

Server platform support limitations:

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and encryption of files on server platforms are not supported.

Version 10.2.4.674: Hardware and Software Requirements

For proper functioning of Kaspersky Endpoint Security 10 for Windows, your computer must meet the following requirements:

General requirements:

Intel Pentium processor at 1 GHz and faster
1 GB of free RAM
2 GB of free disk space
Microsoft Internet Explorer 7.0 or later
Microsoft Windows Installer 3.0 or later
Internet connection (required for activating and updating the application)

Hardware and software requirements:

Microsoft Windows 10 TH2 Pro version 1511 x86 / х64
Microsoft Windows 10 TH2 Enterprise version 1511 x86 / х64
Microsoft Windows 8.1 Pro x86 / х64
Microsoft Windows 8.1 Enterprise x86 / х64
Microsoft Windows 8 Pro x86 / х64
Microsoft Windows 8 Enterprise x86 / х64
Microsoft Windows 7 Professional x86 / х64 SP1 and later
Microsoft Windows 7 Enterprise / Ultimate x86 / х64 SP1 and later
Microsoft Windows 7 Professional x86 / х64
Microsoft Windows 7 Enterprise / Ultimate x86 / х64
Microsoft Windows Vista x86 / х64 SP2 and later
Microsoft Windows XP Professional x86 SP3 and later
Microsoft Windows Server 2012 R2 Standard / Essentials / Enterprise х64
Microsoft Windows Server 2012 Foundation / Standard / Essentials х64
Microsoft Small Business Server 2011 Standard / Essentials х64
Microsoft Windows MultiPoint Server 2011 х64
Microsoft Windows Server 2008 R2 Standard / Enterprise / Foundation х64 SP1 and later
Microsoft Windows Server 2008 R2 Standard / Enterprise / Foundation х64
Microsoft Windows Server 2008 Standard / Enterprise х86 / х64 SP2 and later
Microsoft Small Business Server 2008 Standard / Premium x64
Microsoft Windows Server 2003 R2 Standard / Enterprise x86 / x64 SP2 and later
Microsoft Windows Server 2003 Standard / Enterprise x86 / x64 SP2 and later
Microsoft Windows Embedded 8.0 Standard x64
Microsoft Windows Embedded 8.1 Industry Pro x64
Microsoft Windows Embedded Standard 7 x86 / x64 SP1
Microsoft Windows Embedded POSReady 7 x86 / x64

Limitations of embedded operating systems support

We recommend that you use Microsoft Windows Embedded 8.0 Standard x64 (Standard 8) or Microsoft Windows Embedded 8.1 Industry x64 (Industry 8.1) on devices with at least 2 GB RAM.
Encryption of files (FLE) and hard drives (FDE) is not supported in the embedded operating systems.

Server platform support limitations:

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.
Disk encryption (Kaspersky FDE) and encryption of files on server platforms are not supported.

Version 10.2.2.10535MR1: Hardware and Software Requirements

For Kaspersky Endpoint Security 10 for Windows to work properly, the computer must meet the following requirements:

General requirements

Intel Pentium processor 1 GHz or faster
1 GB available RAM
2 GB of free hard disk space
Microsoft Internet Explorer 7.0 or later
Microsoft Windows Installer 3.0 or later
Internet connection for activating the application and for updating databases and application modules.

Operating systems

Microsoft Windows 8.1 Update Pro x86 / х64
Microsoft Windows 8.1 Update Enterprise x86 / х64
Microsoft Windows 8.1 Pro x86 / х64
Microsoft Windows 8.1 Enterprise x86 / х64
Microsoft Windows 8 Pro x86 / х64
Microsoft Windows 8 Enterprise x86 / х64
Microsoft Windows 7 Professional x86 / х64 SP1 and later
Microsoft Windows 7 Enterprise / Ultimate x86 / х64 SP1 and later
Microsoft Windows 7 Professional x86 / х64
Microsoft Windows 7 Enterprise / Ultimate x86 / х64
Microsoft Windows Vista x86 / х64 SP2 or later
Microsoft Small Business Server 2011 Essentials х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Small Business Server 2008 Standard x64
Microsoft Small Business Server 2008 Premium x64
Microsoft Windows Server 2012 R2 Standard х64
Microsoft Windows Server 2012 Foundation / Standard х64
Microsoft Windows MultiPoint Server 2011 x64
Microsoft Windows Server 2008 R2 Standard х64 SP1 and later
Microsoft Windows Server 2008 R2 Standard х64
Microsoft Windows Server 2008 R2 Enterprise х64 SP1 and later
Microsoft Windows Server 2008 R2 Enterprise х64
Microsoft Windows Server 2008 R2 Foundation x64 SP1 and later
Microsoft Windows Server 2008 R2 Foundation x64
Microsoft Windows Server 2008 Standard х86 / х64 SP2 and later
Microsoft Windows Server 2008 Enterprise х86 / х64 SP2 and later
Microsoft Windows Server 2003 R2 Standard x86 / x64 SP2 and later
Microsoft Windows Server 2003 R2 Enterprise x86 / x64 SP2 and later
Microsoft Windows Server 2003 Standard x86 / x64 SP2
Microsoft Windows Server 2003 Enterprise x86 / x64 SP2 and later
Windows Embedded 8.0 Standard x64
Windows Embedded 8.1 Industry Pro x64
Windows Embedded Standard 7 with SP1 x86 / х64
Windows Embedded POSReady 7 x86 / х64

Special considerations and support limitations for embedded systems

It is recommended to run Microsoft Windows Embedded 8.0 Standard x64 (Standard 8) or Microsoft Windows Embedded 8.1 Industry x64 (Industry 8.1) on devices with 2GB or more of RAM.
File level encryption (FLE) and full disk encryption (FDE) functionality is not supported in embedded operating systems.

Server platform support limitations

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.

Support limitations for Microsoft Windows 8.1

The update of Windows 8 to Windows 8.1 is not supported.
ReFS file system is limited for the iSwift / iChecker technology.
It is not possible to hide Kaspersky Endpoint Security 10 in the Start menu.

Supported virtual platforms

VMWare ESXi 5.5.0 1623387 Update 1
VMWare ESXi 5.5.0 2068190 Update 2
Microsoft Hyper-V 3.0 (Windows Server 2012)
Citrix XenServer 6.2
Citrix XenDesktop 7.5
Citrix Provisioning Server 7.1

Virtual platform support Issues and limitations

To enable Kaspersky Endpoint Security compatibility with Citrix PVS, perform installation with the Ensure compatibility with Citrix PVS option enabled. This option can be enabled in the Setup Wizard or using the command line parameter /pCITRIXCOMPATIBILITY=1. In case of remote installation, you must add the /pCITRIXCOMPATIBILITY=1 key into the kud file.
Installation of Kaspersky Endpoint Security 10 Service Pack 1 to a Microsoft Windows XP virtual machine running on Citrix XenDesktop is not supported.
Using Target Device for creating images of virtual machines with Kaspersky Endpoint Security 10 Service Pack 1 installed that run under Microsoft Windows XP and Microsoft Windows Vista is not supported.

Version 10.2.2.10535: Hardware and Software Requirements

For Kaspersky Endpoint Security 10 for Windows to work properly, the computer must meet the following requirements:

General requirements

Intel Pentium processor 1 GHz or faster
1 GB available RAM
2 GB of free hard disk space
Microsoft Internet Explorer 7.0 or later
Microsoft Windows Installer 3.0 or later
Internet connection for activating the application and for updating databases and application modules.

Operating systems

Microsoft Windows 8.1 Update Pro x86 / х64
Microsoft Windows 8.1 Update Enterprise x86 / х64
Microsoft Windows 8.1 Pro x86 / х64
Microsoft Windows 8.1 Enterprise x86 / х64
Microsoft Windows 8 Pro x86 / х64
Microsoft Windows 8 Enterprise x86 / х64
Microsoft Windows 7 Professional x86 / х64 SP1 and later
Microsoft Windows 7 Enterprise / Ultimate x86 / х64 SP1 and later
Microsoft Windows 7 Professional x86 / х64
Microsoft Windows 7 Enterprise / Ultimate x86 / х64
Microsoft Windows Vista x86 / х64 SP2 or later
Microsoft Small Business Server 2011 Essentials х64
Microsoft Small Business Server 2011 Standard х64
Microsoft Small Business Server 2008 Standard x64
Microsoft Small Business Server 2008 Premium x64
Microsoft Windows Server 2012 R2 Standard х64
Microsoft Windows Server 2012 Foundation / Standard х64
Microsoft Windows MultiPoint Server 2011 x64
Microsoft Windows Server 2008 R2 Standard х64 SP1 and later
Microsoft Windows Server 2008 R2 Standard х64
Microsoft Windows Server 2008 R2 Enterprise х64 SP1 and later
Microsoft Windows Server 2008 R2 Enterprise х64
Microsoft Windows Server 2008 R2 Foundation x64 SP1 and later
Microsoft Windows Server 2008 R2 Foundation x64
Microsoft Windows Server 2008 Standard х86 / х64 SP2 and later
Microsoft Windows Server 2008 Enterprise х86 / х64 SP2 and later
Microsoft Windows Server 2003 R2 Standard x86 / x64 SP2 and later
Microsoft Windows Server 2003 R2 Enterprise x86 / x64 SP2 and later
Microsoft Windows Server 2003 Standard x86 / x64 SP2
Microsoft Windows Server 2003 Enterprise x86 / x64 SP2 and later
Windows Embedded 8.0 Standard x64
Windows Embedded 8.1 Industry Pro x64
Windows Embedded Standard 7 with SP1 x86 / х64
Windows Embedded POSReady 7 x86 / х64

Special considerations and support limitations for embedded systems

It is recommended to run Microsoft Windows Embedded 8.0 Standard x64 (Standard 8) or Microsoft Windows Embedded 8.1 Industry x64 (Industry 8.1) on devices with 2GB or more of RAM.
File level encryption (FLE) and full disk encryption (FDE) functionality is not supported in embedded operating systems.

Server platform support limitations

The ReFS file system is supported with limitations.
The Server Core and Cluster Mode configurations are not supported.

Support limitations for Microsoft Windows 8.1

The update of Windows 8 to Windows 8.1 is not supported.
ReFS file system is limited for the iSwift / iChecker technology.
It is not possible to hide Kaspersky Endpoint Security 10 in the Start menu.

Supported virtual platforms

VMWare ESXi 5.5.0 1623387 Update 1
VMWare ESXi 5.5.0 2068190 Update 2
Microsoft Hyper-V 3.0 (Windows Server 2012)
Citrix XenServer 6.2
Citrix XenDesktop 7.5
Citrix Provisioning Server 7.1

Virtual platform support issues and limitations

To enable Kaspersky Endpoint Security compatibility with Citrix PVS, perform installation with the Ensure compatibility with Citrix PVS option enabled. This option can be enabled in the Setup Wizard or using the command line parameter /pCITRIXCOMPATIBILITY=1. In case of remote installation, you must add the /pCITRIXCOMPATIBILITY=1 key into the kud file.
Installation of Kaspersky Endpoint Security 10 Service Pack 1 to a Microsoft Windows XP virtual machine running on Citrix XenDesktop is not supported.
Using Target Device for creating images of virtual machines with Kaspersky Endpoint Security 10 Service Pack 1 installed that run under Microsoft Windows XP and Microsoft Windows Vista is not supported.

Database Update	Yes
Support	Yes
Error fix	Yes

Kaspersky Endpoint Security 10 for Windows (for workstations and file servers)

How to install Kaspersky Endpoint Security 10 for Windows

How to install the application locally using the Setup Wizard

Step 1: Checking software and hardware requirements

Step 2: The initial setup window

Step 3: End User License Agreement

Step 4: Select the installation type

Step 5: Custom installation

Step 6: Select the destination folder

Step 7: Exclusions from the scan scope

Step 8: Preparation for installation

Step 9: Application installation

Local installation from the command line

Installation in the interactive mode

Installation in the silent mode

Remote installation via Kaspersky Security Center 10

Installation through the group task

Installation through the task for device selections

Remote installation using Active Directory group policies

Installation through Active Directory group policies

Upgrade through Active Directory group policies

Remote installation Using Active Directory group policies via Kaspersky Security Center 10

Special considerations

Useful references

Kaspersky Endpoint Security 10 for Windows (for workstations and file servers)

Status: Full Support

Database Update

Support

Error fix

Documentation

License agreement

Download

Additional Downloads

Packages for remote management

Kaspersky Endpoint Security 10 for Windows (for workstations and file servers)

Version 10.3.3.304: Hardware and Software Requirements

General requirements:

Operating systems

Server platform support limitations

Supported virtual platforms

Issues and limitations:

Version 10.3.3.275: Hardware and Software Requirements

General requirements:

Operating systems:

Server platform support limitations

Supported virtual platforms

Issues and limitations:

Version 10.3.0.6294MR2: Hardware and Software Requirements

General requirements:

Operating systems:

Support limitations for server platforms:

Supported virtual platforms:

Support limitations for virtual platforms:

Version 10.3.0.6294MR1: Hardware and Software Requirements

General requirements:

Operating systems:

Server platform support limitations:

Supported virtual platforms:

Issues and limitations:

Version 10.3.0.6294: Hardware and Software Requirements

General requirements:

Operating systems:

Server platform support limitations:

Supported virtual platforms:

Issues and limitations:

Version 10.2.6.3733: Hardware and Software Requirements

General requirements:

Operating systems

Special considerations and support limitations for embedded systems

Supported virtual platforms

Server platform support limitations

Version 10.2.5.3201: Hardware and Software Requirements

General requirements

Hardware and software requirements for workstations

Limitations of embedded operating systems support

Supported virtual platforms:

Server platform support limitations:

Version 10.2.4.674: Hardware and Software Requirements

General requirements:

Hardware and software requirements: