Contents
About Kaspersky Thin Client
Kaspersky Thin Client (hereinafter also referred to as "the system") is a cyberimmune operating system for thin clients based on the KasperskyOS operating system. Kaspersky Thin Client is designed to provide users with access to a remote desktop and serves as a substitute for a local workstation. Kaspersky Thin Client version 1.6 can be installed only to a TONK TN1200 thin client.
Core functions of Kaspersky Thin Client:
- Connect to physical and virtual desktops running Microsoft Windows or Linux operating systems via remote desktop protocol (RDP) with user name and password authorization.
- Connect to terminal servers running Microsoft Windows Server operating systems via RDP with user name and password authorization.
- Connect to virtual desktops deployed in Basis.WorkPlace virtual workstation infrastructure with user name and password authorization.
- Transmit the remote desktop screen image to the monitor connected to Kaspersky Thin Client.
- Transmit events from the keyboard and mouse connected to Kaspersky Thin Client to the remote desktop.
- Transmit flash drives, smart cards and USB tokens connected to Kaspersky Thin Client to the remote desktop.
Kaspersky Thin Client is part of the Kaspersky Secure Remote Workspace comprehensive solution. This solution also includes the Kaspersky Security Center Web Console designed for centralized administration and monitoring of thin clients with Kaspersky Thin Client. Management of thin clients through the Kaspersky Security Center Web Console is enabled by the Kaspersky Security Management Suite web plug-in (included in the distribution kit).
Distribution kit
The Kaspersky Thin Client distribution kit includes the following:
- Archive containing the installation image for Kaspersky Thin Client: Kaspersky_Thin_Client_<version number>.tar.gz.
- Text file containing information about third-party code: LegalNotices_en.txt.
- Text files containing a description of the new functionality and known limitations: ReleaseNotes_Kaspersky_Thin_Client_<version number>_RU.txt, ReleaseNotes_Kaspersky_Thin_Client_<version number>_EN.txt.
- Files containing the Kaspersky Thin Client End User License Agreement: eula_ru_ktc_<version number>.txt, eula_en_ktc_<version number>.txt.
The Kaspersky Security Management Suite distribution kit includes the following:
- Archive containing the installation image and web plug-in signature file for the Kaspersky Security Center Web Console: Web_Plugin_Kaspersky_Security_Management_Suite_<plug-in version number>_ru.exe.
- Archive containing the installation image and web plug-in signature file for the Kaspersky Security Center Web Console: Web_Plugin_Kaspersky_Security_Management_Suite_<plug-in version number>_en.exe.
- Text file containing information about third-party code: KSMS_LegalNotices_en.txt.
- Text files containing a description of the new functionality and known limitations: ReleaseNotes_Kaspersky_Thin_Client_<version number>_RU.txt, ReleaseNotes_Kaspersky_Thin_Client_<version number>_EN.txt.
- Files containing the Kaspersky Security Management Suite End User License Agreement: eula_ru_ksms_<version number>.rtf, eula_en_ksms_<version number>.rtf.
Operation of Kaspersky Thin Client
The standard operating scenario for Kaspersky Thin Client (see the figure below) involves the following:
- After Kaspersky Thin Client is installed to the appropriate hardware platform, it receives network settings from a DHCP server, or the administrator manually configures these settings.
- The administrator connects and configures interaction between Kaspersky Thin Client and Kaspersky Security Center.
- Kaspersky Thin Client receives the remote desktop connection settings, updates, trusted certificates, and the date and time with the policy from Kaspersky Security Center.
- The user connects to the remote desktop via RDP or through the Basis.WorkPlace virtualization platform.
- In the Kaspersky Thin Client interface, the user sends audit and event logs to a recipient log server.
- Kaspersky Thin Client uses Kaspersky Security Center to receive software updates from the Kaspersky update server.
Standard operating scenario for Kaspersky Thin Client
Hardware and software requirements
This section describes the hardware and software requirements for Kaspersky Thin Client.
Requirements for monitors connected to Kaspersky Thin Client
Kaspersky Thin Client supports connection of two monitors.
Kaspersky Thin Client supports the following monitor resolutions:
- 1024x768
- 1280x800
- 1280x1024
- 1366x768
- 1440x900
- 1600x900
- 1680x1050
- 1920x1080
- 1920x1200. When connecting a monitor with this resolution, the actual resolution displayed will be no more than 1920x1080.
Kaspersky Thin Client supports the following connection interfaces:
- HDMI
- Display Port
Kaspersky Thin Client supports only True Color monitors.
Requirements for peripheral devices connected to Kaspersky Thin Client
Kaspersky Thin Client supports input from a standard USB keyboard and mouse without multimedia functionality. If necessary, you can connect and/or disconnect a keyboard and/or a mouse through the USB ports while Kaspersky Thin Client is running. You can only switch keyboard layout using the ALT+SHIFT key combination. This key combination cannot be customized.
Requirements for remote desktops
You can connect to physical computers, virtual machines, and terminal servers. Kaspersky Thin Client supports connections to the following operating systems:
- Microsoft Windows 7
- Microsoft Windows 10
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Astra Linux Common Edition 2.12.43
- Astra Linux Special Edition 1.7
- ALT Linux 10
- RED OS 7.3
Requirements for Basis.WorkPlace remote desktops
Kaspersky Thin Client supports operation with Basis.WorkPlace virtualization platform version 1.96. Kaspersky Thin Client supports connections via Basis.WorkPlace to the following operating systems:
- Microsoft Windows 10
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Astra Linux Common Edition 2.12.43
- Astra Linux Special Edition 1.7
- ALT Linux 10
- RED OS 7.3
Network requirements
The network transmission speed must be at least 50 Mbit/s.
Requirements for Kaspersky Security Center and the Kaspersky Security Center Web Console
The Kaspersky Thin Client system is compatible with Kaspersky Security Center versions 13.2 and 14. System and software requirements for the server where Kaspersky Security Center is deployed, are shown in the Kaspersky Security Center Online Help Guide.
Requirements for event logs servers
The log server that will receive the Kaspersky Thin Client audit and event logs is deployed in your enterprise infrastructure by the customer's experts.
The log server has the following requirements:
- Kaspersky Thin Client connects to the log server over HTTPS (port 443 is used by default).
- Kaspersky Thin Client connects to the log server only based on the security certificate.
- Kaspersky Thin Client receives logs by using the PUT method.