Adons

When you download the activation file, you upload the activation file to KSC, and then active your devices from an activation task using activation file.

You can visit https://keyfile.kaspersky.com/ and download the activation file using your code, then use these files to activate the clients from KSC in offline mode

Can you send a screenshot about the error message?

Try this.

Hi, for KEDRO you have to be sure that all components are activated, Kaspersky Endpoint Agent installed KES 11.6 installed and the endpoint agent sensor is activated in the package before install, like the following image. if the KES is already installed on the endpoints, you can run a change application components task and active the endpoint agent sensor. ckeck if your EDRO license is applied. Enter to web console and be sure the endpoint agent plugin is installed. add “incident card” on the threat report and run it this could help you, let me know about it.

I can see that you are looking for KSC package (Kaspersky Security Center) Download package link https://www.kaspersky.com/small-to-medium-business-security/downloads/endpoint?icid=gl_sup-site_trd_ona_oth__onl_b2b_klsupport_tri-dl____ksc___

What about your license?

check your internet connection or key

Hi, first can you tell us what packages are installed on your PC? Is it connected to a KSC, and added in a group? What is the PC’ Status in this group?

recuerdo tener un problema similar con las notificaciones, mi solucion fue quitar el mx lookup, usar el puerto 587 o 25 con gmail, te recomiendo usar la cuanta con authenticacion, marca “ESMTP authentication” y configura tu correo y clave.

You should set the specific IP Address because in “ANY” IP it can be dangerous

Have you tried with a PowerShell script? see https://docs.microsoft.com/en-us/powershell/module/bitlocker/enable-bitlocker?view=win10-ps

Just run a remote installing task with “Kaspersky Network agent 12” and “Kaspersky Endpoint Security 11.5” packages, after that check the applications installed in the PC: select pc property > applications if there two applications installed only, run a separely remote installing task specifying the EDR agent 3.9.2.1243 package. You have to see it like this at the end.

Hi, In KSC 12 there are 2 Agent packages: 1 Kaspersky network agent (12.0.0.7734) < for server communication 2 Kaspersky endpoint agent (3.9.0.1188) < EDRO component, to use this you need a EDR license becouse is a different product. Kaspersky Network Agent for Windows (English)_12.0.0.7734 and Kaspersky Security Center 12 Network Agent (12.2.0.4376) look like the same packege.

Debes dar mas detalles al respecto, puedes abrir un ticket con Kaspersky https://companyaccount.kaspersky.com/account/login y adjuntar el GSI generado del equipo, uno con Kaspersky instalado y otro sin Kaspersky instalado, puedes descargar el archivo aqui https://support.kaspersky.com/mx/common/diagnostics/3632

Just block the 445 port in Kaspersky group policy with firewall, try to do this in a test policy with a specific device first.

Hi, if you want to use EDRO, first your license have to be an EDRO license, then you need 3 client packages 1 Kaspersky Network agent < for server communication 2 Kaspersky EDR agent < EDR Component 3 Kaspersky Endpoint Security < for Protection if you install KES and this detects your EDRO license, it will install EDR agent automatically, other way you have to install with another installation task and specify the EDR agent package.

Hi, try adding your browser in the exclusion application and set the IP for Kaspersky does not check this. Select Group policy > General setting > Exclusions > Trusted application tab > Add “Set yout browser executable path” > check “Dont scan network traffic” > remote ip address and set the IP, if leave this as “any”, it can be dangerous Let me know about it.

Also, device request access is an educational affair for the user, you may have to share a document about how-to request USB access step by step and tell them "This is the process".

ok, you can set a quick scan in your group policy for connected usb If you want to allow to connect a usb device for 1 or 2 hours, when the user connect the usb, kaspersky will show you a block message, in this block message you will see a temporal access request just select the device and kaspersky will create a .akey file, you have to move this file to your server and select the device, right click on this and select “Grant access in offline mode” In this windows just select the .akey file and this will show you some values like time to use this file and time to use this device, so you can set 1 or 2 hours, this will create a .acode file just share this file with the user. connect the usb again, when kaspersky show you a block message just select “I have a access code” and select the .acode file.

Hi, try searching for Symantec registries in the regedit and delete them.

Hi, firts from KSC you can allow a user to use devices, just set the user in the KES policy: select group policy > device control >removable drive > edit > add > add , end select the user or you can add an specific device to allow use it in all Kaspersky group, Active directory group or specific user. Select the group policy > device control > trusted devices, and press “refresh” button, it will show you a list of all devices connected in your Kaspersky devices, you need to know the device ID, you can see this in the device control log in computer events. You need to be sure that your computer is connected with network agent to the KSC console, if the computer is not connected to the console, the policy will never work. you can force this with klmover, just change the IP in KLMover.bat file with your server IP or server name and run it as administrator in client computer. Let me know about it.

use this to disable traces files.

Can you check the logs in reports to see more details?

Hi, try this to update KES to 11.5 In Kaspersky security center on premise just run a deploy task with the new version of KES If you are using Kaspersky Security cloud, you can use a script in Active directory to update to KES 11.5 create a share folder and save KES11.5 (the languaje is important). move the setup.ini file in the folder and set your kaspersky user and password in this file move the install.bat file in the folder and edit [Share_path] with your Share folder path like \\PC_NAME_OR_IP\FOLDER_NAME, [Package_name] with KES executable file like KES11.5.exe, [_Kescloud_key_name] with kes version like 11.5.xxx Create a new GPO go to “Computer Configuration > Windows Setting [startup/shutdown] > startup > properties > add “ and select the install.bat file in the share folderIf your computer is not in domain, just share the folder to everyone and run the install.bat file as administrator Let me know about it.