Administration Server Quick Start Wizard

This section provides information about the Administration Server Quick Start Wizard.

About Quick Start Wizard

This section provides information about the Administration Server Quick Start Wizard.

Administration Server Quick Start Wizard allows you to create a minimum of necessary tasks and policies, adjust a minimum of settings, download and install plug-ins for managed Kaspersky applications, and create installation packages of managed Kaspersky applications. When the Wizard is running, you can make the following changes to the application:

• Download and install plug-ins for managed applications. After the Quick Start Wizard has finished, the list of installed management plug-ins is displayed in the Advanced → Details of application management plug-ins installed section of the Administration Server properties window.
• Create installation packages of managed Kaspersky applications. After the Quick Start Wizard has finished, installation packages of Network Agent for Windows and managed Kaspersky applications are displayed in the Administration Server → Advanced → Remote installation → Installation packages list.
• Add key files or enter activation codes that can be automatically distributed to devices within administration groups. After the Quick Start Wizard has finished, information about license keys is displayed in the Administration Server → Kaspersky Licenses list and in the License keys section of the Administration Server properties window.
• Configure interaction with Kaspersky Security Network
  (KSN)

  An infrastructure of cloud services that provides access to the Kaspersky database with constantly updated information about the reputation of files, web resources, and software. Kaspersky Security Network ensures faster responses by Kaspersky applications to threats, improves the performance of some protection components, and reduces the likelihood of false positives.

  .
• Set up email delivery of notifications of events that occur during operation of Administration Server and managed applications (successful notification delivery requires that the Messenger service run on the Administration Server and all recipient devices). After the Quick Start Wizard has finished, the email notifications settings are displayed in the Notification section of the Administration Server properties window.
• Adjust the update settings and vulnerability fix settings for applications installed on devices.
• Create a protection policy for workstations and servers, as well as virus scan tasks, update download tasks, and data backup tasks, for the top level of the hierarchy of managed devices. After the Quick Start Wizard has finished, the created tasks are displayed in the Administration Server → Tasks list, the policies corresponding to the plug-ins for managed applications are displayed in the Administration Server → Policies list.

The Quick Start Wizard creates policies for managed applications, such as Kaspersky Endpoint Security for Windows, unless such policies are already created for the Managed devices group. The Quick Start Wizard creates tasks if tasks with the same names do not exist for the Managed devices group.

In Administration Console, Kaspersky Security Center automatically prompts you to run the Quick Start Wizard after you have started it for the first time. You can also start the Quick Start Wizard manually at any time.

Starting Administration Server Quick Start Wizard

The application automatically prompts you to run the Quick Start Wizard after Administration Server installation, at the first connection to it. You can also start the Quick Start Wizard manually at any time.

To start the Quick Start Wizard manually:

1. In the console tree, select the Administration Server node.
2. In the context menu of the node, select All Tasks → Administration Server Quick Start Wizard.

The Wizard prompts you to perform initial configuration of the Administration Server. Follow the instructions of the Wizard.

If you start the Quick Start Wizard again, tasks and policies created at the previous run of the Wizard cannot be created again.

Step 1. Getting acquainted with Quick Start Wizard

Read information about the actions that Quick Start Wizard performs.

Step 2. Configuring a proxy server

Expand all | Collapse all

Specify the internet access settings for Administration Server. You must configure internet access to use Kaspersky Security Network and to download updates of anti-virus databases for Kaspersky Security Center and managed Kaspersky applications.

Select the Use proxy server option if you want to use a proxy server when connecting to the internet. If this option is selected, the fields are available for entering settings. Specify the following settings for proxy server connection:

• Address

  Address of the proxy server used for Kaspersky Security Center connection to the internet.

• Port number

  Number of the port through which Kaspersky Security Center proxy connection will be established.

• Bypass proxy server for local addresses

  No proxy server will be used to connect to devices in the local network.

• Proxy server authentication

  If this check box is selected, in the entry fields you can specify the credentials for proxy server authentication.

  This entry field is available if the Use proxy server check box is selected.

• User name

  User account under which connection to the proxy server is established (this field is available if the Proxy server authentication check box is selected).

• Password

  Password set by the user under whose account the proxy server connection is established (this field is available if the Proxy server authentication check box is selected).

  To see the entered password, click and hold the Show button for as long as you require.

You can configure internet access later, separately from the quick start wizard.

To specify the internet access settings for Administration Server:

1. In the console tree, select the Administration Server node.
2. In the context menu of the Administration Server, select Properties.
3. In the Administration Server properties window, go to Advanced → Configuring Internet access.
4. Specify the settings for a proxy server connection.

Step 3. Selecting the application activation method

Expand all | Collapse all

Select one of the following Kaspersky Security Center activation options:

• By inserting your activation code

  Activation code is a unique sequence of 20 alphanumeric characters. You enter an activation code to add a key that activates Kaspersky Security Center. You receive the activation code through the email address that you specified after purchasing Kaspersky Security Center.

  To activate the application with an activation code, you need Internet access to establish connection with Kaspersky activation servers.

  If you have selected this activation option, you can enable the Automatically distribute license key to managed devices option.

  If this option is enabled, the license key will be deployed automatically to managed devices.

  If this option is disabled, you can deploy license key to managed devices later, in the Kaspersky Licenses node of the Administration Console tree.

• By specifying a key file

  Key file is a file with the .key extension provided to you by Kaspersky. A key file is intended for adding a key that activates the application.

  You receive your key file through the email address that you specified after purchasing Kaspersky Security Center.

  To activate the application using a key file, you do not have to connect to Kaspersky activation servers.

  If you have selected this activation option, you can enable the Automatically distribute license key to managed devices option.

  If this option is enabled, the license key will be deployed automatically to managed devices.

  If this option is disabled, you can deploy license key to managed devices later, in the Kaspersky Licenses node of the Administration Console tree.

• By postponing the application activation

  The application will operate with basic functionality, without Mobile Device Management and without Vulnerability and Patch Management.

If you choose to postpone application activation, you can add a license key later at any time.

Step 4. Selecting the protection scopes and platforms

Expand all | Collapse all

Select the protection scopes and platforms that are in use on your network. When you select these options, you specify the filters for application management plug-ins and distribution packages on Kaspersky servers that you can download to install on client devices on your network. Select the options:

• Areas

  You can select the following protection areas:

  • Workstations. Select this option if you want to protect workstations in your network. By default, the Workstation option is selected.
  • File Servers and Storage. Select this option if you want to protect file servers in your network.
  • Virtualization. Select this option if you want to protect virtual machines in your network.
  • Embedded Systems. Select this option if you want to protect Windows-based embedded systems, such as Automated Teller Machine (ATM).

• Operating systems

  You can select the following platforms:

  • Microsoft Windows
  • macOS
  • Android
  • Linux
  • Other

  For information about supported operating systems, refer to Hardware and software requirements for Kaspersky Security Center 13.1 Web Console.

You can select the Kaspersky application packages from the list of available packages later, separately from the quick start wizard. To simplify the search for the required packages, you can filter the list of available packages by the following criteria:

• Protection area
• Type of downloaded software (distribution package, utility, plug-in, or web plug-in)
• Version of the Kaspersky application
• Localization language of the Kaspersky application

Step 5. Selecting plug-ins for managed applications

Expand all | Collapse all

Select plug-ins for managed applications to install. A list of plug-ins located on Kaspersky servers is displayed. The list is filtered according to the options selected on the previous step of the Wizard. By default, a full list includes plug-ins of all languages. To display only plug-in of specific language, select the language from Show the Administration Console localization language or drop-down list. The list of plug-ins includes the following columns:

• Application name

  The plug-ins depending of the protection areas and platforms that you have selected on the previous step are selected.

• Application version

  The list includes plug-ins of all the versions placed on Kaspersky servers. By default, the plug-ins of the latest versions are selected.

• Localization language

  By default, the localization language of a plug-in is defined by the Kaspersky Security Center language that you have selected at installation. You can specify other languages in Show the Administration Console localization language or drop-down list.

After the plug-ins are selected, their installation starts automatically in a separate window. To install some plug-ins, you must accept the terms of the EULA. Read the text of EULA, select the I accept the terms of the License Agreement option and click the Install button. If you do not accept the terms of the EULA, the plug-in is not installed.

After the installation completes, close the installation window.

You can also select the management plug-ins later, separately from the Quick Start Wizard.

Step 6. Downloading distribution packages and creating installation packages

Kaspersky Endpoint Security for Windows includes encryption tool for the information stored on client devices. To download a distribution package of Kaspersky Endpoint Security for Windows valid for the needs of your organization, consult the legislation of the country where the client devices of your organization are located. In the Encryption type window, select one of the following encryption types:

• Strong encryption (AES256). This encryption type uses 256-bit key length.
• Lite encryption (AES56). This encryption type uses 56-bit key length.

The Encryption type window is displayed only if you have selected Workstations as a protection area and Microsoft Windows as a platform.

After you have selected an encryption type, a list of distribution packages of both encryption types is displayed. A distribution package with the selected encryption type is selected in the list. The distribution package language corresponds to the Kaspersky Security Center language. If a distribution package of Kaspersky Endpoint Security for Windows for the Kaspersky Security Center language does not exist, the English distribution package is selected.

In the list, you can select distribution package languages by means Show the Administration Console localization language or drop-down list.

Distributives of managed applications may require a specific minimum version of Kaspersky Security Center to be installed.

In the list, you can select distribution packages of any encryption type, different of that you have selected in the Encryption type window. After you have selected a distribution package for Kaspersky Endpoint Security for Windows, downloading of the distribution packages, corresponding to the components and platforms, starts. You can monitor the downloading progress in the Download status column. After the Quick Start Wizard has finished, installation packages of Network Agent for Windows and managed Kaspersky applications are displayed in the Administration Server → Advanced → Remote installation → Installation packages list.

To finish downloading of some distribution packages you must accept EULA. When you click the Accept button, the text of EULA is displayed. To proceed to the next step of the Wizard, you must accept the terms and conditions of the EULA and the terms and conditions of Kaspersky Privacy Policy. Select the options related to the EULA and Kaspersky Privacy Policy, and then click the Accept all button. If you do not accept the terms and conditions, the downloading of the package is canceled.

After you have accepted the terms and conditions of the EULA and the terms and conditions of Kaspersky Privacy Policy, the downloading of the distribution packages continues. When the downloading is finished, the Installation package is created status is displayed. Later, you can use installation packages to deploy Kaspersky applications on client devices.

If you prefer not to run the Wizard, you can create installation packages manually by going to Administration Server → Advanced → Remote installation → Installation packages in the Administration Console tree.

Step 7. Configuring Kaspersky Security Network usage

Expand all | Collapse all

You can obtain access to the reputation databases of Kaspersky Security Network to ensure faster responses by Kaspersky applications to threats, improve the effectiveness of some protection components, and reduce the risk of false positives.

Read the KSN Statement, which is displayed in the window. Specify the settings for relaying information about Kaspersky Security Center operations to the Kaspersky Security Network knowledge base. Select one of the following options:

• I agree to use Kaspersky Security Network

  Kaspersky Security Center and managed applications installed on client devices will automatically transfer their operation details to Kaspersky Security Network. Participation in Kaspersky Security Network ensures faster updates of databases containing information about viruses and other threats, which ensures a faster response to emergent security threats.

• I do not agree to use Kaspersky Security Network

  Kaspersky Security Center and managed applications will provide no information to Kaspersky Security Network.

  If you select this option, the use of Kaspersky Security Network will be disabled.

If you downloaded the Kaspersky Endpoint Security for Windows plug-in, both KSN statements—the KSN Statement for Kaspersky Security Center and the KSN Statement for Kaspersky Endpoint Security for Windows—are displayed. KSN statements for other managed Kaspersky applications whose plug-ins were downloaded are displayed in separate windows and you must accept (or not accept) each of the statements separately.

You can also set up Administration Server access to Kaspersky Security Network (KSN) later in the Administration Server properties window of Administration Console.

Step 8. Configuring email notifications

Expand all | Collapse all

Configure the sending of notifications about events registered during the operation of Kaspersky applications on managed devices. These settings are used as the default settings for Administration Server.

To configure the delivery of notifications about events occurring in Kaspersky applications, use the following settings:

• Recipients (email addresses)

  The email addresses of users to whom the application will send notifications. You can enter one or more addresses; if you enter more than one address, separate them with a semicolon.

• SMTP servers

  The address or addresses of your organization's mail servers.

  If you enter more than one address, separate them with a semicolon. You can use the IP address or the Windows network name (NetBIOS name) of a device as the address.

• SMTP server port

  Communication port number of the SMTP server. If you use several SMTP servers, the connection to them is established through the specified communication port. The default port number is 25.

• Use ESMTP authentication

  Enables support of ESMTP authentication. When the check box is selected, in the User name and Password fields you can specify the ESMTP authentication settings. By default, this check box is cleared.

• Settings

  Specify the following settings:

  • Subject (subject of an email message)
  • Sender email address
  • TLS settings for SMTP server

  You can specify TLS settings for SMTP server:

  You can disable usage of TLS, use TLS if the SMTP server supports this protocol, or you can force usage of TLS only. If you choose to use only TLS, specify a certificate for authentication of the SMTP server and choose whether you want to enable communication through any version of TLS or only through TLS 1.2 or later versions. Also, if you choose to use only TLS, you can specify a certificate for client authentication on the SMTP server.

  • Browse for an SMTP server certificate file:

  You can receive a file with the list of certificates from a trusted certification authority, and then upload the file to Administration Server. Kaspersky Security Center checks whether the certificate of an SMTP server is also signed by a trusted certification authority. Kaspersky Security Center cannot connect to an SMTP server if the certificate of the SMTP server is not received from a trusted certification authority.

  • Browse for a client certificate file:

  You can use a certificate that you received from any source, for example, from any trusted certification authority. You must specify the certificate and its private key by using one of the following certificate types:

  • X-509 certificate:

  Specify the file with the certificate and the file with the private key. You can upload these files in any order. When both files are uploaded, specify the password to decrypt the private key. The password can have an empty value if the private key is not encrypted.

  • pkcs12 container:

  You must upload a single file that contains the certificate and its private key. When the file is loaded, then you must specify the password for decoding the private key. The password can have an empty value if the private key is not encoded.

You can test the new email notification settings by clicking the Send test message button.

You can also configure event notifications later, separately from the Quick Start Wizard.

Step 9. Configuring update management

Expand all | Collapse all

Configure the settings for managing updates of applications installed on client devices.

You can configure these settings only if you have provided a license key with the Vulnerabilities and Patch management option.

In the Search for updates and install them group of settings, you can select a mode of Kaspersky Security Center update search and installation:

• Search for required updates

  The Find vulnerabilities and required updates task is created.

  This option is selected by default.

• Find and install required updates

  The Find vulnerabilities and required updates and Install required updates and fix vulnerabilities tasks are created automatically, if you do not have ones.

In the Windows Server Update Services group of settings, you can select the update synchronization method:

• Use update sources defined in the domain policy

  Client devices will download Windows Update updates according to your domain policy settings. Network Agent policy is created automatically, if you do not have one.

• Use Administration Server as a WSUS server

  Client devices will download Windows Update updates from the Administration Server. The Perform Windows Update synchronization task and Network Agent policy are created automatically, if you do not have ones.

If you prefer not to run the Quick Start Wizard, create the Find vulnerabilities and required updates and Install required updates and fix vulnerabilities tasks later. To use Administration Server as the WSUS server, create the Perform Windows Update synchronization task, and then select the Use Administration Server as a WSUS server option in the Network Agent policy.

Page top

Step 10. Creating an initial protection configuration

The Configure initial protection window displays a list of policies and tasks that are created automatically. The following policies and tasks are created:

• Kaspersky Security Center Network Agent policy
• Policies for managed Kaspersky applications
• Administration Server maintenance task
• Backup of Administration Server data task
• Download updates to the Administration Server repository task
• Find vulnerabilities and required updates task
• Install update task

Wait for the creation of policies and tasks to complete before proceeding to the next step of the Wizard.

If you have downloaded and installed the plug-in for Kaspersky Endpoint Security for Windows 10 Service Pack 1 and later till the 11.0.1, during the creation of policies and tasks, a window opens for initial configuration of the trusted zone of Kaspersky Endpoint Security for Windows. The application will prompt you to add vendors verified by Kaspersky to the trusted zone for the purposes of excluding their applications from scans to prevent them from being accidentally blocked. You can create recommended exclusions now or create a list of exclusions later by selecting the following in the console tree: Policies → Kaspersky Endpoint Security properties menu → Advanced Threat Protection → Trusted zone → Settings → Add. The list of scan exclusions is available for editing at any time when using the application.

Operations on the trusted zone are performed by using tools integrated into Kaspersky Endpoint Security for Windows. For detailed instructions on how to perform operations and a description of encryption features please refer to Kaspersky Endpoint Security for Windows Online Help.

To finish initial configuration of the trusted zone and return to the Wizard, click OK.

Click Next. This button becomes available after all necessary policies and tasks have been created.

You can also create the required tasks and policies later, separately from the Quick Start Wizard.

Step 11. Connecting mobile devices

Expand all | Collapse all

If you previously enabled the Mobile devices protection area in the Wizard settings, specify the settings for connecting the enterprise mobile devices of the managed organization. If you did not enable Mobile devices protection area, this step is skipped.

At this step of the Wizard, do the following:

• Configure ports for connection of mobile devices
• Configure Administration Server authentication
• Create or manage certificates
• Set up issuance, automatic updating, and encryption of general-type certificates
• Create a moving rule for mobile devices

To set up the ports for connection of mobile devices:

1. Click the Configure button to the right of the Mobile device connection field.
2. In the drop-down list, select Configure ports.

   The Administration Server properties window opens, displaying the Additional ports section.

3. In the Additional ports section, you can specify the mobile device connection settings:
   • SSL port for the activation proxy server

     The number of an SSL port for connection of Kaspersky Endpoint Security for Windows to activation servers of Kaspersky.

     The default port number is 17000.

   • Open port for mobile devices

     A port opens for mobile devices to connect to the Licensing Server. You can define the port number and other settings in the fields below.

     By default, this option is enabled.

   • Port for mobile device synchronization

     Number of the port through which mobile devices connect to the Administration Server and exchange data with it. The default port number is 13292.

     You can assign a different port if port 13292 is being used for other purposes.

   • Port for mobile device activation

     The port for connection of Kaspersky Endpoint Security for Android to activation servers of Kaspersky.

     The default port number is 17100.

   • Open port for UEFI protection devices and KasperskyOS devices

     UEFI protection devices can connect to the Administration Server.

   • Port for UEFI protection devices and KasperskyOS devices

     You can change the port number if the Open port for UEFI protection devices and KasperskyOS devices option is enabled. The default port number is 13294.

4. Click OK to save changes and return to the Quick Start Wizard.

You will have to configure authentication of the Administration Server by mobile devices and authentication of mobile devices by the Administration Server. If you want, you can configure authentication later, separately from the Quick Start Wizard.

To configure Administration Server authentication by mobile devices:

1. Click the Configure button to the right of the Mobile device connection field.
2. In the drop-down list, select Configure authentication.

   The Administration Server properties window opens, displaying the Certificates section.

3. Select the authentication option for mobile devices in the Administration Server authentication by mobile devices group of settings, and select the authentication option for UEFI protection devices in the Administration Server authentication by UEFI protection devices group of settings.

   When Administration Server exchanges data with client devices, it is authenticated through the use of a certificate.

   By default, Administration Server uses the certificate that was created during Administration Server installation. If you want, you can add a new certificate.

To add a new certificate (optional):

1. Select Other certificate.

   The Browse button appears.

2. Click the Browse button.
3. In the window that opens, specify the certificate settings:
   • Certificate type

     In the drop-down list, you can select a certificate type:

     • X.509 certificate. If this option is selected, you should specify the private key of a certificate and an open certificate:
       • Private key (.prk, .pem). In this field, click the Browse button to specify the private key of a certificate in PKCS #8 (*.prk) format.
       • Public key (.cer). In this field, click the Browse button to specify a public key in PEM (*.cer) format.
     • PKCS #12 container. If you select this option, you can specify a certificate file in P12 or PFX format by clicking the Browse button and filling in the Certificate file field.
   • Activation time:
     • Immediately

       The current certificate will be immediately replaced with the new one after you click OK.

       Previously connected mobile devices will not be able to connect to Administration Server.

     • After this period expires, days

       If you select this option, a reserve certificate will be generated. The current certificate will be replaced with the new one in the specified number of days. The effective date of the reserve certificate is displayed in the Certificates section.

       It is recommended that you plan the reissue in advance. The reserve certificate must be downloaded to the mobile devices before the specified period expires. After the current certificate is replaced with the new one, previously connected mobile devices that do not have the reserve certificate will not be able to connect to Administration Server.

4. Click the Properties button to view the settings of the selected Administration Server certificate.

To reissue a certificate issued through Administration Server:

1. Select Certificate issued through Administration Server.
2. Click the Reissue button.
3. In the window that opens, specify the following settings:
   • Connection address:
     • Use old connection address

       The address of the Administration Server to which mobile devices connect remains unchanged.

       This option is selected by default.

     • Change connection address to

       If you want mobile devices to connect to a different address, specify the relevant address in this field.

       If the address for mobile device connection has changed, a new certificate must be issued. The old certificate becomes invalid on all mobile devices connected. Previously connected devices will not be able to connect to Administration Server so they will become unmanaged.

   • Activation time:
     • Immediately

       The current certificate will be immediately replaced with the new one after you click OK.

       Previously connected mobile devices will not be able to connect to Administration Server.

     • After this period expires, days

       If you select this option, a reserve certificate will be generated. The current certificate will be replaced with the new one in the specified number of days. The effective date of the reserve certificate is displayed in the Certificates section.

       It is recommended that you plan the reissue in advance. The reserve certificate must be downloaded to the mobile devices before the specified period expires. After the current certificate is replaced with the new one, previously connected mobile devices that do not have the reserve certificate will not be able to connect to Administration Server.

4. Click OK to save changes and return to the Certificates window.
5. Click OK to save changes and return to the Quick Start Wizard.

To set up issuance, automatic updating, and encryption of general-type certificates for identification of mobile devices by Administration Server:

1. Click the Configure button on the right of the Mobile device authentication field.

   The Certificate issuance rules window opens, displaying the Issuance of mobile certificates section.

2. If necessary, specify the following settings in the Issuance settings section:
   • Certificate lifetime, days

     Certificate lifetime period in days. The default lifetime of a certificate is 365 days. When this period expires, the mobile device will not be able to connect to the Administration Server.

   • Certificate source

     Select the source of general-type certificates for mobile devices: certificates are issued by Administration Server, or they are specified manually.

     You can modify the certificate templates if integration with the public key infrastructure (PKI) has been configured in the Integration with PKI section. In this case, the following template selection fields are available:

   • Default template

     Use a certificate issued by an external certificate source – Certification Center – under the default template.

     By default, this option is selected.

   • Other template

     Select a template used to issue certificates. You can specify certificate templates in the domain. The Refresh list button updates the list of certificate templates.

3. If necessary, specify the following settings for automatic issuance of certificates in the Automatic Updates settings section:
   • Renew when certificate is to expire in (days)

     The number of days remaining until the current certificate's expiration during which Administration Server should issue a new certificate. For example, if the value of the field is 4, Administration Server issues a new certificate four days before the current certificate expires. The default value is 7.

   • Reissue certificate automatically if possible

     Select this option to reissue a certificate automatically for the number of days specified in the Renew when certificate is to expire in (days) field. If a certificate was manually defined, it cannot be automatically renewed, and the enabled option will not work.

     By default, this option is disabled.

   Certificates are automatically reissued by a Certification Authority.

4. If necessary, in the Password protection settings section, specify the settings for decrypting certificates during installation.

   Select the Prompt for password during certificate installation option to prompt the user for password when the certificate is installed on a mobile device. The password is used only once—during installation of the certificate on the mobile device.

   The password will be automatically generated by Administration Server and sent to the email address that you specified. You can specify the user's email address, or your own email address if you want to use another method to forward the password to the user.

   You can use the slider to specify the number of characters in the certificate decryption password.

   The password prompting option is required, for example, to protect a shared certificate in a stand-alone Kaspersky Endpoint Security for Android installation package. Password protection will prevent an intruder from obtaining access to the shared certificate through theft of the stand-alone installation package from Kaspersky Security Center Web Server.

   If this option is disabled, the certificate is automatically decrypted during installation and the user will not be prompted for a password. By default, this option is disabled.

5. Click OK to save changes and return to the Quick Start Wizard window.

   Click the Cancel button to return to the Quick Start Wizard without saving any changes made.

To enable the function for moving mobile devices to an administration group that you choose,

In the Automatic moving of mobile devices field, select the Create a moving rule for mobile devices option.

If the Create a moving rule for mobile devices option is selected, the application automatically creates a moving rule that moves devices running Android and iOS to the Managed devices group:

• With Android operating systems on which a Kaspersky Endpoint Security for Android and a mobile certificate are installed
• With iOS operating systems on which the iOS MDM profile with a shared certificate is installed

If such a rule already exists, the application does not create it again.

By default, this option is disabled.

Kaspersky no longer supports Kaspersky Safe Browser.

Step 12. Downloading updates

Updates for anti-virus databases for Kaspersky Security Center and managed Kaspersky applications are downloaded automatically. The updates are downloaded from Kaspersky servers.

To download updates separately from the Quick Start Wizard, create and configure the Download updates to the repository of the Administration Server task.

Page top

Step 13. Device discovery

The Network poll window displays information about the status of network polling performed by the Administration Server.

You can view network devices detected by Administration Server and receive help on working with the Device discovery window by clicking the links in the lower part of the window.

You can poll your network later. If you prefer not to run the Quick Start Wizard, use Administration Console to configure the polling of Windows domains, Active Directory, and IP ranges by the distribution point.

Step 14. Closing the Quick Start Wizard

In the Quick Start Wizard completion window, select the Run the Remote Installation Wizard option if you want to start automatic installation of anti-virus applications and/or Network Agent on devices on your network.

To complete the Wizard, click the Finish button.