System Requirement for KSC 14.

2 installation
Hardware and software requirements:
Software requirements
The supported operating systems and requirements are:
• Microsoft Windows Server 2012 (Including R2) 64-bit and above
• Microsoft Windows Server 2016 64-bit and above
• Microsoft Windows Server 2019 64-bit and above

64-bit versions supported. The Administration Server can be installed on all main editions of
Windows Server—Standard, Enterprise, Datacenter.

In addition to the operating system, the following software is necessary:

• Microsoft Data Access Components (MDAC) 2.8

• Microsoft Windows DAC 6.0
• Microsoft Windows Installer 4.5

Hardware requirements
Minimum hardware requirements are as follows:

• 4 cores CPU with 1.4 GHz or higher processor

• 8 GB of RAM and above (in addition to the memory necessary for the operating
system and other applications installed on the computer)
• *To also use Kaspersky Web console system should have 8 GB free space of RAM*

Please Note

• The allocated system should not be a Domain Controller (DC)

• If possible, kindly allocate a dedicated server for Kaspersky Security Center.
• If you want to Rename the Server name, kindly rename it before proceeding with the
KSC installation.
• If you want to add IP address as Kaspersky Administrator server Address, kindly give
a static IP address to the server.

Download Links
Databases

MARIA DB [My SQL] 10.3.20 (Database size up to 2 TB)

https://drive.google.com/file/d/1TyRVtyfVLwY01YUm5fs-lM2NC2ollTIh/view?usp=share_link
KASPERSKY SECURITY CENTER 14.2

https://products.s.kaspersky-labs.com/administrationkit/ksc10/14.2.0.26967p/english-
14023549-en/3734353734327c44454c7c31/ksc_14_14.2.0.26967_full_en.exe

KASPERSKY ENDPOINT SECURITY 12.2 AES 256

https://aes.s.kaspersky-labs.com/endpoints/keswin11/12.2.0.462/english-
21.14.5.462.0.189.0/3735323832347c44454c7c31/keswin_12.2.0.462_en_aes256.exe

KASPERSKY ENDPOINT SECURITY 12.2 AES 56

https://aes.s.kaspersky-labs.com/endpoints/keswin11/12.2.0.462/english-
21.14.5.462.0.189.0/3735323832357c44454c7c31/keswin_12.2.0.462_en_aes56.exe

KSC installation with Maria DB 10.3.20 Database

Installation of Maria DB 10.3.20
Accept the License Agreement and then click on Next
 • Put a strong password for root user
• Make Sure you remember it or note it down.
• As we will be using it later on KSC installation.
Installation of KSC and Web console
• If the No. of device count is under 1000 networked devices, kindly choose the 2nd
option, even for 20- 30 devices select the 2nd option only, because it will give the
user’s room to add more devices later on.
• Click on Browse
• Click on Advanced
• Follow the same process and add the same User Credentials again in “Account for
Services tab”
 Click on next

Click on Next

Here, you could give the FQDN name of your Domain or IP Address of the KSC server
System (Note: IP Address for the KSC server should be static).
 Installation of Kaspersky Web console

If you have selected the install both options, you will get this prompt

Click on Next
• Accept the License agreement then click on Next

Click on Next
• Click on test and check whether the mentioned port is available on Local host
(127.0.0.1)
• Uncheck the Start Kaspersky Security Center Administration console & Web
console.
• If you are using MS SQL 2019 server, you need to install the SQL Server
Management Studio and Run a query in Database
Click on + (Server name\KAV_CS_ADMIN_KIT) - click on (+ Database) – Click on (KAV) –
Click New Query
 Copy pastes the below mentioned query and click on Execute

USE KAV

GO

ALTER DATABASE SCOPED CONFIGURATION SET TSQL_SCALAR_UDF_INLINING = OFF

GO
 Restart the SQL Server Services

• How to monitor the Kaspersky Event log from the Event Viewer
 • Click on the down arrow on Applications and Services logs
• Go to Kaspersky event log
• Source should be “kladminserver”

Look for this log “Administrator Server running”

How to perform send heartbeat to check connection

Go to This PC – C: Drive
 Double Click and open “Program Files(x86) Folder

Double click and open “Kaspersky Lab” Folder

Double click and open “Kaspersky Security Center” Folder

*Note= In client devices, you will have to open the “Network Agent” Folder
 Look for this application and right click on it and run as admin

After clicking on send heartbeat option do check the date & time with systems date &
time. It should sync with each other.

Open the KSC console – click on the > Administrator server

 Click on Yes

• & Accept the Hardening guide option.

 This Prompt will appear click on next

If proxy server is present provide the details here otherwise, click on next
Click on Activate the application later option, we will it later on

Select the Areas and Operating System you want to protect

 Click on the drop-down option and select the language

Select the plug-ins of the required application & click on next

Let the setup wizard run and download the required plug-ins

Click next to install the plug-ins

 Click on ok

Follow the above step and install all the required plug-ins
• Click on the drop-down option and select the language
• Uncheck all the boxes and try to click on next
• A prompt will appear click on yes and then click on next
• Note: we will create a package later on.
 Click on I agree to use the KSN Agreement then click on next

If you want to configure email notification provide the details of SMTP server here then
click
Note : you have the option to configure it later on.
Let the wizard automatically create the default policy and tasks then click on next
Click on next
Click on next
Uncheck the Run Protection deployment wizard then click on Finish

How to Extract key file from Activation code

Click and open the Activation code.txt file to get the Activation code

From any browser visit the above-mentioned site

Here enters the Activation code, Users mail ID, type the capche& the check the I agree tab
and click on Get key file

The user will receive a zip file after extracting the file, you will receive the key files

Click on the compatibility list and check which key file is for what purpose
 How to add key files in the KSC Console

Go to Kaspersky License tab – click on add activation code or key file option

Select the 2nd option

Note: Using key file option you could activate the license on offline devices as well.
 Click on Browse

Click key file and then open to add the key file
If you want to distribute the license key automatically select the check box
The license key is added in the Kaspersky console- click on finish
How to add groups under manage devices

Right click on managed devices- New- Group

 After Running the Administrator server quick start wizard, these tasks are automatically
created.

How to Create an installation package and configure it

Click on Advanced- Remote installation-installation packages – Create installation package

 Give it a name as mentioned above

Click on the dropdown option- select Self-extracting archives- Select Keswin package- then
open
Uncheck the copy updates option- click on next to quickly create the package
Accept the EULA Agreement – click on next
If the plug-ins were not installed earlier, it will automatically be installed now.
Right click on the newly created package and click on properties section.
Go to Settings and check the 2-option marked with red Rectangle then click on apply &
ok.

How to create standalone package for one click installation

Select the Network agent if you want to create a single standalone package of both KES
& Network Agent – click on next
If you want to move the devices automatically to managed devices group select the
above options – then click on next
We have the option to send the standalone package link via mail also.
Click on finish
 If you select the open the list of standalone packages one will see the above details.

How to deploy the Kaspersky application remotely from the KSC server (for
windows)

Right click and select the install application

You could select either of the 2 options depending on the requirement.
If network agent is already installed on end devices check the 1 option otherwise, select
the 3rd option
Here, one could choose any of the options depending on one’s requirement.
The above option will automatically remove the incompatible applications mentioned
here- click next
Choose any one option depending on the conditions mentioned above – click next
The application is successfully deployed from the KSC console.

The Endpoint on client devices will look like this.

How to Create a Policy in KSC Console

Go to policy tab- new policy

Select the desired policy you want to create

 Click on next

Agree the KSN agreement – click next

Select the group for which one wants to create a policy
Check the option in red and proceed to finish
If you don’t want to inherit the settings from parent group one could uncheck the above
option

How to set Tampered protection on End points (Windows)

General Settings- Interface- under password protection- Settings
Check the enable password protection – select KLAdmin – edit.

Select password to set a password

 Click on apply to add the changes

Note : If one forgets the password, one can change it from here.
How to add an application in Scan exclusion or Trusted application tab
 In Scan exclusion, one could select file or folder option and object hash
option

Add the path to the application exe one want to exclude and check all the
options - click ok
Note: do click on apply to apply the changes
How to enable tampered protection on Network Agent

Select the network Agent policy – right click properties

Settings – check use uninstallation password – click on drop-down& select
editing lock – click on modify and put a strong password – click on apply
Note : If one forgets the password, one can change it from here.

How to change Destination folder of backup task of Administrator server

How to change schedule of a task
Note : The download updates to the admin server repository should be set to
every 8 hours
How to create Default task of Database update & Malware Scan (virus scan)
for windows devices
This task one could set to every 2,4,or6 hours depending on their requirement.
Select the malware scan task then click on next
Click on add – This PC – ok – next
This task should be schedule weekly
How to add license to end devices using the Add key task (if one has not
enabled automatic deployment of License key)
Note : Uncheck the add as reserve key option
Select the run the task option – click on finish
 How to access KSC Web console

Double click on Kaspersky web console option

Click on advanced then proceed
Type the windows login credentials by which you are login on KSC server to
access the web console