Jump to content
bunger

Upgrade from 10.2.434 to 10.3.407.0 - any gotchas? [In progress]

Recommended Posts

We are running KSC and KES all on the same versions - 10.2.434.

 

I am considering upgrading everything to the latest: Kaspersky Security Center 10 Service Pack 2 (version 10.3.407.0): build with integrated patch A

 

I've read the related documents and it seems pretty straight-forward: update KSC and then push out the updated agents/clients. Is it that straight-forward?

 

I remember reading previous version upgraded required the removal of Kaspersky encryption before upgrading, but am not seeing that requirement for this version?

 

thanks in advance!

Share this post


Link to post
We are running KSC and KES all on the same versions - 10.2.434.

 

I am considering upgrading everything to the latest: Kaspersky Security Center 10 Service Pack 2 (version 10.3.407.0): build with integrated patch A

 

I've read the related documents and it seems pretty straight-forward: update KSC and then push out the updated agents/clients. Is it that straight-forward?

 

I remember reading previous version upgraded required the removal of Kaspersky encryption before upgrading, but am not seeing that requirement for this version?

 

thanks in advance!

 

Hello.

 

Decryption is required on KES upgrade, when the AES module version changes. This is not relevant when you plan to keep using the same version of KES.

Here is a thing to note: http://support.kaspersky.com/13049

In some other cases, after the upgrade to SP2, KSC takes some tome to rebuild its database; events will be different. Depending on the database size, this might take from several minutes to an hour, after which the service starts normally.

 

Thank you.

Share this post


Link to post
Decryption is required on KES upgrade, when the AES module version changes. This is not relevant when you plan to keep using the same version of KES.

 

Is AES module version changing in this upgrade? In other words, I have a handful of laptops deployed with full disk encryption and am wondering whether they would need to be decrypted prior to pushing out this upgrade.

Share this post


Link to post
Is AES module version changing in this upgrade? In other words, I have a handful of laptops deployed with full disk encryption and am wondering whether they would need to be decrypted prior to pushing out this upgrade.

 

AES module comes with KES, not KSC.

This is not relevant when you plan to keep using the same version of KES.

If you are planning to upgrade KES from version lower than SP1 MR2, you need to decrypt hosts beforehand.

 

Thank you.

Share this post


Link to post
AES module comes with KES, not KSC.

 

If you are planning to upgrade KES from version lower than SP1 MR2, you need to decrypt hosts beforehand.

 

Thank you.

 

All KES installations are KES 10 Service Pack 1 MR 2, so no need to decrypt. Correct?

Share this post


Link to post
All KES installations are KES 10 Service Pack 1 MR 2, so no need to decrypt. Correct?

 

KES10SP1MR3 uses AES 1.1.0.73, same as MR2. In this case decryption is not necessary.

 

Thank you.

Share this post


Link to post
KES10SP1MR3 uses AES 1.1.0.73, same as MR2. In this case decryption is not necessary.

 

Thank you.

 

Thank you!

Share this post


Link to post

Hello.

I have a similar case, I need to upgrade from KSC 10.2.434 to KSC 10.4.343. Also some laptops have full disk encryption enabled, with KES 10 SP1 MR2, My questions are:

1. Is there a problem or additional consideration to take care, that is not mentioned before in this post?

2. Now, in Server where Kaspersky Administrator Server is installed, is it not necessary to install aes encryption module? Since what version this is not necessary? For example in KSC 10.2.434 it was neccesary.

3. With network agents upgrade task to 10.4.343 in all administrated clients, is there any special consideration? As far as I know, just need to reinstall them from KSC

4. After upgrading to KSC 10.4.343, maybe I'll upgrade clients to KES 10 SP1 MR4, according to this, AES encryption module is the same (1.1.0.73) as in KES 10 SP1 MR2 or MR3, so it's not neccesary to decrypt hard drives before upgrade to KES 10 SP1 MR4, correct?

 

Thank you.

 

Share this post


Link to post

Hi,

From the KES SP2 version AES module is integrated in main package. Only re-installation of nagents and policies convertation is needed. In your scenario it's not neccesary to decrypt hard drives before upgrade.

Thank you!

Share this post


Link to post

Hi,

Thank you for the info it's very helpfull, but what about question 2, if I'm thinking to upgrade to KES 10 SP1 MR4 (this way there is no need to convert policies and tasks from KES 10 SP1 MR2), It's not neccesary to have AES Module installed in server where KSC 10.4.343 is going to be running. Before It was a requirement (KSC 10.2.434, and previus versions and KES 10 MR1 ), now It is not? and if it is not needed could you tell me the reason?

Thank you.

Share this post


Link to post
hace 1 hora, Nikolay Arinchev dijo:

Hi,

Since AES module is a part of KES there is no need to install it at a host whrer KSC is running.

Hello,

Ok, but KES 10 SP1 MR4 (and SP1 MR2), still use AES encryption module (1.1.0.73), that's why I still have the same doubt, could you confirm if in this scenario, AES module is not needed in host where KSC (10.4.343) is (going to be) running? I have 250 laptops with FDE enabled and I need to be very sure about this. 

It's clear that when using KES 10 SP2 is not neccesary.

Thank you.

Share this post


Link to post
hace 19 horas, Nikolay Arinchev dijo:

Hi,

No, it`s not necessarily.

Thank you!

Excellent, thank you for your help.

Regards.

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.