NAVIGATION Setup > Integrations > Kaspersky Endpoint Security
IMPORTANT The Kaspersky Endpoint Security Integration is no longer available for new implementations. This document applies only to partners who are already using the integration. Please note that if the Kaspersky Endpoint Security component is deleted from your Component Library, you will not be able to download it from the ComStore again.
About Kaspersky Endpoint Security
Kaspersky Lab provides IT security solutions and services, such as antivirus, anti-malware, and firewall applications to protect businesses, critical infrastructure, governments, and consumers around the globe. The company's portfolio includes endpoint protection and a number of security solutions to fight online threats.
The Kaspersky Endpoint Security (KES) Integration allows you to manage and administer your KES antivirus solution from within the Datto RMM Web Portal. With the integration enabled and a KES Security Management policy configured, you can perform the following:
- Deploy KES to Windows and macOS devices (refer to Supported versions for further information)
- Keep track of KES licenses and configuration files from within Datto RMM
- Uninstall incompatible antivirus solutions or KES from your endpoints
- Monitor your endpoints to be alerted as per the criteria configured in the KES Security Management monitor details
- Report on the current status of KES throughout your device estate
IMPORTANT You no longer need to specify a Configuration File Password when adding your KES configuration file on the KES Integration page. The password is now used during the installation process and needs to be specified in the KES Security Management policy. For further information, refer to Add your KES agent configuration file and Create a Security Management policy.
- You must be an Administrator in Datto RMM to set up the KES Integration.
- You must have a valid KES license key.
NOTE In order to deploy KES to macOS devices, you need to upload the license key file supplied by Kaspersky when setting up the integration.
For a full list of supported Windows operating systems, as well as general, hardware, and software requirements for KES 10, refer to the following Kaspersky support article: Kaspersky Endpoint Security 10 for Windows (for workstations).
For a full list of supported Mac operating systems, as well as requirements for KES 10, refer to the following Kaspersky support article: Kaspersky Endpoint Security 10 for Mac.
A number of antivirus products are incompatible with KES and can be removed when KES is installed if the corresponding install option is selected in the KES Security Management policy. Refer to Create a Security Management policy.
For a full list of incompatible products, refer to the following Kaspersky support articles:
- Navigate to Setup > Integrations > Kaspersky Endpoint Security.
Complete the following fields:
|Name||Enter a name for the license key.|
|Description||Enter a description.|
|Security Type||Use the radio button to select:
• Upload Key File: This will allow you to upload the key file provided by Kaspersky. Uploading the key file is mandatory for deploying KES to macOS devices.
• Key: This will allow you to continue without uploading the key file provided by Kaspersky.
NOTE To minimize potential errors, we recommend that you upload the .key file supplied by Kaspersky.
|Key||Enter your Kaspersky key.|
|Upload Key File||If you selected Upload Key File under Security Type, click the Choose file button to upload the key file provided by Kaspersky. Uploading the key file is mandatory for deploying KES to macOS devices.|
|Expiration Date||Enter the expiration date of your Kaspersky key.|
|Number of Endpoints||Enter the number of endpoints secured by this key. The maximum number of endpoints allowed is 20,000.|
IMPORTANT Datto RMM does not currently get expiry and endpoint information from Kaspersky. Please provide accurate information, or the integration will stop working without warning.
- Click Add.
NOTE The Number of Devices column displays the number of devices targeted by a KES Security Management policy. Once a device is added to the policy or removed from it (by being removed from the target of the policy or by getting excluded from the policy associations), the device count will increase or decrease accordingly.
The KES configuration file is a .cfg file that contains settings for all the installed components of KES (e.g. scan settings, whitelisting, exclusions, etc.). You can either add your own configuration file or use the Default Mac Configuration File and Default Windows Configuration File provided on the integration page.
NOTE If you choose to use any of the default configuration files, you still need to download a copy and upload it to your account using the Add new configuration file... button.
- To start with any of the default configuration files, locate the Configuration Files section and click the green Download arrow on the right of a configuration file to save it to your computer. Then click Add new configuration file....
- Complete the following fields:
|Operating System||Select the operating system of the endpoint device the Kaspersky agent will be monitoring.|
|Name||Enter a name for the configuration file.|
|Description||Enter a description for the configuration file.|
|Configuration File||To upload either your own configuration file or any of the default configuration files downloaded in step 1, click the green Upload the Configuration File arrow.|
- You can add as many configuration files as you wish.
NOTE The configuration file currently used in a KES policy will display the This Configuration File is in use icon under the In Use column.
To edit the uploaded configuration files, click the pencil icon. Make the changes in the Edit Configuration File window and click Save.
NOTE Each time you modify a configuration file, its version number under the Version column will increase by one.
NOTE Each time you modify a configuration file, the Force all associated policy updates icon will become activated next to it. Clicking on the icon will push any change made to the configuration file to all the devices that are currently using it, and the devices will apply the changes accordingly.
- To delete a configuration file, click the Remove this Configuration File button at the end of the row.
NOTE You cannot delete or modify the default Windows and Mac Configuration File.
IMPORTANT Prior to KES version 10.2.4.674 (Windows) and KES version 10.0.0.327b (macOS), you had to specify a password when adding a configuration file on the KES Integration page. The password has now been moved from the configuration file and is used during the installation process. All previous configuration file passwords have been migrated to already existing policies. For further information, refer to Configure the Security Management Install Options.
You have now successfully completed the setup of the Kaspersky Endpoint Security Integration. Follow the steps below to deploy the Kaspersky agent to your endpoints and enable monitoring.
Now that you have set up the integration with your license files(s) and configuration file(s), you can use the power of Datto RMM to push out the Kaspersky Endpoint Security agent.
Set up a Security Management policy to push out KES to your devices and to raise alerts and tickets as per the criteria you set in the monitor details. You can create the policy at either account or site level. For further information, refer to Create a Security Management policy.
When the Kaspersky Endpoint Security component is downloaded from the ComStore, the KES Run Security Management Command button is available in the Action bar on the Devices page in each Managed site. Selecting a device and clicking this button will allow you to run a security command on your device.
- Navigate to Sites and open a managed site associated with a KES Security Management policy. To learn about KES policies, refer to Create a Security Management policy.
- Click the Devices tab.
- Select one or more of your devices targeted by the Security Management policy, and click the KES Run Security Management Command button in the action bar.
- The following commands will become available:
NOTE The selected device needs to be targeted by a KES Security Management policy so that you can run a Security Management command on it.
|Activate Security Management||Re-activates the site's KES Security Management policy on the selected device(s) either by including the device(s) in the policy target again or by re-activating a disabled policy.
NOTE This action will only take place if the selected device has previously been targeted by a KES policy.
|Deactivate Security Management||Excludes the selected device(s) from the site's KES Security Management policy.|
|Reset Security Status KES||Resets the Security Management status on the device and triggers a deployment of KES if it's not installed on it.
EXAMPLE For example, if the installation of KES had been unsuccessful on your device through a KES policy, but you managed to solve the issue on your device in the meantime, running this command will attempt to install KES on your device again.
- Once you have selected a command, click OK and the requested action will be performed.
To be able to uninstall KES from your endpoints, you must ensure the Kaspersky Endpoint Security Integration is enabled and set up for your account, and your endpoints are targeted with a KES Security Management policy. To uninstall KES from these devices, follow these steps:
- Log into your Datto RMM account and navigate to the account or site policy that targets the devices you want to uninstall KES from.
- Remove the required devices from the list of target devices.
- Make sure that the Uninstall KES from the devices that are removed from the list of target devices option is selected in the Security Management Install Options section.
Click Save and Push Changes.
If you click Save Only, you'll be directed to your list of policies where you can click Push changes... next to the policy in question.
NOTE If Allow force reboot is checked in the Security Management Install Options, the device will automatically reboot after KES has been uninstalled.
Click Download KES Installation CSV Report on the KES Integration page to have a quick overview of the number of KES installations in each site of your Datto RMM account.
To learn how to see information and statistics about your devices with the KES agent installed, refer to Security Management.
You can report on the latest value and status of your KES Security Management monitor by scheduling a Device Monitor Status report.
You can also create a custom filter to search for devices with a specific Security Management status. Refer to Filters.