Using Kaspersky Security Network

To increase the protection of devices and user data, Kaspersky Embedded Systems Security can use Kaspersky's cloud-based knowledge base Kaspersky Security Network (KSN) to check the reputation of files, Internet resources, and software. The use of Kaspersky Security Network data ensures a faster response to various threats, high protection component performance, and fewer false positives.

Kaspersky Embedded Systems Security supports the following infrastructure solutions to work with Kaspersky's reputation databases:

• Kaspersky Security Network (KSN) – A solution that receives information from Kaspersky and sends data about objects detected on user devices to Kaspersky for additional verification by Kaspersky analysts and to add to reputation and statistical databases.
• Kaspersky Private Security Network (KPSN) – A solution that allows users of devices with Kaspersky Embedded Systems Security installed to access the reputation databases of Kaspersky, as well as other statistical data, without sending data to Kaspersky from their devices. KPSN is designed for corporate clients who can't use Kaspersky Security Network, for example, for the following reasons:
  • No connection of local workplaces to the Internet
  • Legal prohibition or corporate security restrictions on sending any data outside the country or the organization's local network

After changing the Kaspersky Embedded Systems Security license, submit the details of the new key to the service provider in order to be able to use KPSN. Otherwise, an authentication error will prevent data exchange with KPSN.

Use of Kaspersky Security Network is voluntary. Kaspersky Embedded Systems Security suggests using KSN during installation. You can start or stop using KSN at any time.

There are two options for using KSN:

• Kaspersky Security Network with statistics sharing (extended KSN mode) – you can receive information from the Kaspersky knowledge base, while Kaspersky Embedded Systems Security automatically sends statistical information to KSN obtained during its operation. The application can also send to Kaspersky for additional scanning certain files (or parts of files) that intruders can use to harm the device or data.
• Kaspersky Security Network without statistics sharing – you can receive information from the Kaspersky knowledge base, while Kaspersky Embedded Systems Security does not send anonymous statistics and data about the types and sources of threats.

No personal data is collected, processed, or stored. Detailed information about the storage, and destruction, and/or submission to Kaspersky of statistical information generated during participation in KSN is available in the Kaspersky Security Network Statement and on Kaspersky's website. The file with the text of the Kaspersky Security Network Statement is included in the application distribution kit.

User computers managed by Kaspersky Security Center Administration Server interact with KSN via the KSN Proxy service.

The KSN Proxy Server service provides the following features:

• The user's device can query KSN and submit information to KSN, even without direct access to the Internet.
• The KSN proxy server caches processed data, thereby reducing the load on the external network connection and speeding up receipt of the information that is requested by the user's device.

For details about the KSN proxy server service refer to the Kaspersky Security Center Help section. KSN proxy server settings can be configured in the Kaspersky Security Center Administration Server properties.

Enabling and disabling Kaspersky Security Network usage from the command line

To enable use of Kaspersky Security Network, execute one the following commands:

• To enable the use of Kaspersky Security Network with statistics (extended KSN mode), run the following command:

  kess-control --set-app-settings UseKSN=Extended --accept-ksn

• To enable use of Kaspersky Security Network without sending statistics,

  kess-control --set-app-settings UseKSN=Basic --accept-ksn

To disable use of Kaspersky Security Network, execute the following command:

kess-control --set-app-settings UseKSN=No

To enable or disable use of Kaspersky Security Network with a configuration file, execute the following command:

kess-control --set-app-settings --file <configuration file name> [--accept-ksn]

To enable the use of Kaspersky Security Network with a configuration file, run the following command: kess-control --set-app-settings --file <configuration file name> with the --accept-ksn flag.

If Kaspersky Embedded Systems Security installed on a client device runs under a policy that was assigned in Kaspersky Security Center, the value of the UseKSN setting can only be modified by using Kaspersky Security Center. When Kaspersky Embedded Systems Security installed on a client device stops running under a policy, the following value is assigned to the setting: UseKSN=No.

The file ksn_license.<language ID> containing the text of the Kaspersky Security Network Statement is located in the directory /opt/kaspersky/kess/doc/.

Checking the connection to Kaspersky Security Network using the command line

To check the connection to Kaspersky Security Network, run the following command:

kess-control --app-info

The Kaspersky Security Network Status line shows the connection status to Kaspersky Security Network:

• If the With statistics sharing (extended KSN mode) status is displayed, Kaspersky Embedded Systems Security is used on Kaspersky Security Network, information from the knowledge base can be obtained, and anonymous statistics and information about the types and sources of threats is sent.
• If the Without statistics sharing status is displayed, Kaspersky Embedded Systems Security uses Kaspersky Security Network and information from the knowledge base can be obtained, but anonymous statistics and information about the types and sources of threats is not sent.
• If the No status is displayed, Kaspersky Embedded Systems Security does not use Kaspersky Security Network.

A connection to Kaspersky Security Network may be absent for the following reasons:

• The user device is not connected to the internet.
• The use of Kaspersky Security Network is disabled.
• The application has not been activated or the license has expired.
• Problems related to the license key are detected. For example, the key is in the denylist.