Updating application databases and modules

Updating the databases and application modules of Kaspersky Embedded Systems Security ensures up-to-date protection on your device. New viruses, malware, and other types of threats appear worldwide on a daily basis. Kaspersky Embedded Systems Security databases contain information about threats and ways of neutralizing them. To detect threats quickly, you are urged to regularly update the application databases and modules.

The following objects are updated on users' devices:

• Application databases. Application databases include databases of malware signatures, a description of network attacks, databases of malicious and phishing web addresses, databases of banners, spam databases, and other data.
• Application modules. Module updates are intended to eliminate vulnerabilities in the application and to improve methods of protecting devices. Module updates may change the behavior of application components and add new capabilities.

Kaspersky Embedded Systems Security supports the following scenarios for updating databases and application modules:

• Update from Kaspersky servers. Kaspersky update servers are located in different countries around the world, which ensures a high reliability of updates. If an update cannot be performed from one server, Kaspersky Embedded Systems Security switches over to the next server.
• Centralized update Centralized update reduces external Internet traffic, and provides for convenient monitoring of the update.

  Centralized update consists of the following steps:

  1. Download the update package to a repository within the organization's network.

     The update package is downloaded to the repository by the Download updates to Administration Server repository task of the Administration Server.

  2. Distribute the update package to client devices

     The update package is distributed to the client devices by the Update task of Kaspersky Embedded Systems Security. You can create an unlimited number of update tasks for each administration group.

By default, the list of update sources contains Kaspersky update servers and the Kaspersky Security Center Administration Server. You can add other update sources to the list. You can specify FTP-, HTTP-, or HTTPS servers as update sources. If an update cannot be performed from an update source, Kaspersky Embedded Systems Security switches to the next update source.

Updates are downloaded from Kaspersky update servers or from other FTP, HTTP, or HTTPS servers over standard network protocols. If connection to a proxy server is required to access the update sources, specify the proxy server settings in the Kaspersky Embedded Systems Security policy settings.

Updating from the Administration Server repository

To save Internet traffic, you can configure updates of application databases and modules on devices on the organization's LAN from a server repository. To do this, in Kaspersky Security Center you need to configure downloading the update package from Kaspersky update servers in the Administration Server repository. Other devices on the organization's LAN will be able to receive the update package from the server repository.

Configuring application database and module updates from the server repository consists of the following steps:

1. Download application databases and modules to the Administration Server repository using the Download updates to the Administration Server repository task of Kaspersky Security Center.
2. Configure updates of application databases and modules from the Administration Server repository on the remaining hosts using the Update task.

To configure updates of application databases and modules from the Administration Server repository:

1. Open the Administration Console of Kaspersky Security Center.
2. In the Administration Console tree, select the Tasks folder.

   The list of tasks is displayed in the right part of the window.

3. In the list of tasks, select the Update task for Kaspersky Embedded Systems Security and double-click to open the task properties window.

   The Update task is created automatically by the Initial Setup Wizard.

4. In the task properties window, select the Update sources section in the list on the left.

   The task settings are displayed in the right part of the window.

5. In the Database update source section, select the Kaspersky Security Center Administration Server option.
6. Select the Use Kaspersky update servers if other update sources are not available check box if you want to the Update task to use Kaspersky update servers if the Administration Server repository is unavailable.
7. Click Apply.

Updating using Kaspersky Update Utility

To reduce Internet traffic, you can configure updates of application databases and modules on devices of the organization's LAN from a shared directory by using the Kaspersky Update Utility. For this purpose, one of the devices in the organization LAN must receive update packages from the Kaspersky Security Center Administration Server or from Kaspersky update servers and copy the received update packages to the shared directory by using the utility. Other devices on the organization's LAN will be able to receive the update package from this shared directory.

Configuring application database and module updates from a shared directory consists of the following steps:

1. Install Kaspersky Update Utility on one of the devices of the organization's LAN.
2. Configure copying of the update package to the shared directory in the Kaspersky Update Utility settings.
3. Configure application database and module updates from the specified shared directory to the remaining devices on the organization's LAN.

You can download the Kaspersky Update Utility distribution kit from the Kaspersky Technical Support website. After installing the utility, select the update source (for example, the Administration Server repository) and the shared directory to which the Kaspersky Update Utility will copy update packages. For detailed information about using Kaspersky Update Utility, refer to the Kaspersky Knowledge Base.

To configure updates from a shared directory:

1. Open the Administration Console of Kaspersky Security Center.
2. In the Administration Console tree, select the Tasks folder.

   The list of tasks is displayed in the right part of the window.

3. In the list of tasks, select the Update task for Kaspersky Embedded Systems Security and double-click to open the task properties window.

   The Update task is created automatically by the Initial Setup Wizard.

4. In the task properties window, select the Update sources section.

   The task settings are displayed in the right part of the window.

5. In the Database updates source section, select the Other sources on the local or global network option.
6. In the table of update sources, click the Add button.
7. In the Update source field, specify the path to the shared directory.

   The source address must match the address indicated in the Kaspersky Update Utility settings.

8. Select the Use this source check box and click OK.
9. In the table, set the order of the update sources using the Up and Down buttons.
10. Click Apply.

Using a proxy server for updates

You may be required to specify proxy server settings to download database and application module updates from the update source. If there are multiple update sources, proxy server settings are applied for all sources. If a proxy server is not needed for some update sources, you can disable the use of a proxy server in Kaspersky Embedded Systems Security policy settings. The application will also use a proxy server to access Kaspersky Security Network and activation servers.

To enable use of a proxy server for a specific administration group:

1. Open the Administration Console of Kaspersky Security Center.
2. In the Managed devices folder, open the folder with the name of the desired administration group on devices on which you want to disable use of a proxy server.
3. In the workspace, select the Policies tab.
4. Select the required policy and in the context menu of the policy, select Properties.

   The Properties: <Policy name> window will open.

5. Select the General settings → Proxy server settings section.
6. In the Proxy server settings section, select the Use specified proxy server settings and specify the required proxy server settings.
7. Click OK.