Support

Support for business applications

Kaspersky Security Center 15 Linux

Managing applications and executable files on client devices

Fixing vulnerabilities in an isolated network

Configuring the Administration Server with internet access to fix vulnerabilities in an isolated network

Kaspersky Security Center
Нет результатов
Нет результатов
Online Help
FAQ Download Buy Renew Forum Contact support Recovery tools Product videos

Configuring the Administration Server with internet access to fix vulnerabilities in an isolated network

July 1, 2024

ID 230729

Save as PDF

To prepare for fixing vulnerabilities and transmitting patches within an isolated network, the initial step is to configure an Administration Server with internet access, and then to configure isolated Administration Servers.

To configure an Administration Server with internet access:

  1. Create two folders on the disk where the Administration Server is installed:
    • Folder for the list of required updates
    • Folder for patches

    You can name these folders as desired.

  2. Grant the Modify access right to the KLAdmins group in the created folders, by using the standard administrative tools of the operating system.
  3. Use the klscflag utility to specify the paths to the folders in the Administration Server properties.

    Run the command line, and then change your current directory to the directory with the klscflag utility. The klscflag utility is located in the directory where the Administration Server is installed. The default installation path is /opt/kaspersky/ksc64/sbin.

  4. Run the following commands in the command line:
    • To set the path to the folder for patches:

      klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PATH -t s -v "<path to the folder>"

    • To set the path to the folder for the list of required updates:

      klscflag -fset -pv klserver -n VAPM_REQ_IMPORT_PATH -t s -v "<path to the folder>"

    Example: klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PATH -t s -v "/FolderForPatches"

  5. If necessary, use the klscflag utility to specify how often the Administration Server should check for new patch requests:

    klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PERIOD_SEC -t d -v <value in seconds>

    The default value is 120 seconds.

    Example: klscflag -fset -pv klserver -n VAPM_DATA_EXPORT_PERIOD_SEC -t d -v 120

  6. Restart the Administration Server service.

The Administration Server with internet access is ready to download and transmit updates to isolated Administration Servers. Before you start fixing vulnerabilities, configure the isolated Administration Servers.

See also:

Scenario: Fixing third-party software vulnerabilities in an isolated network

About fixing third-party software vulnerabilities in an isolated network

Kaspersky Endpoint Security for Linux: High protection without performance compromising
Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.