Arian.Mohammad

That's because, with every update, Kaspersky first checks the backlist/denylist of keys (license), if your keys are not in the list, the update will continue. now if during the update download blacklist/deny list becomes corrupted you get this error, cause it is the first thing KL product checks for every update. So removing the current corrupted updates and downloading the fresh update must solve the problem.

did you run the kata-upgrade-preparation script before starting?

what version do you use? Are you using DP? Is there a proxy in between? can you do klnagchk and put the results here?

there are several ways to do that, In addition to what @ElvinE5 described, running an inventory task on reference computers can help big time. after that you can even add your program to less restricted categories but limit some of its connections, for example: msphoto.exe is a trusted application so naturally it is in the Trusted category , in which all network connection is permitted, but you can add another rule and block port 80 for msphoto.exe like this: and you can find more help here: https://support.kaspersky.com/KESWin/12.3/en-US/123452.htm and about the inventory task here: https://support.kaspersky.com/KESWin/12.3/en-US/130536.htm

I don't see a limitation on the KESwin limitations section. also, KESwin does not use hardware virtualization like the safe money feature so It's possible to use them together, but I wouldn't, to stay on the safe side 😄

remove the BitLocker component from your installation package before the deployment maybe help can help

when you import settings, useKSN, and CloudMode are set to no. check this help: https://support.kaspersky.com/KES4Linux/12.0.0/en-US/234826.htm

Always have a backup ( which certificate is also included), as Windows upgrade does not change application settings, I don't see a problem with your upgrade if your DBMS is supported. In case of any issues, you can simply restore your backup. although I suggest upgrading your KSC to 14.2 too.

@CallMeSam the best options is exactly what @ElvinE5 Suggested. but if you want to use silent keys you can either use the setup.ini file or these command switches: /s or /qn switches with the following commands: setup_kes.exe /pEULA=1 /pPRIVACYPOLICY=1 [/pKSN=1|0] [/pALLOWREBOOT=1|0] [/pADDLOCAL=<component>] [/pSKIPPRODUCTCHECK=1|0] [/pSKIPPRODUCTUNINSTALL=1|0] [/pKLLOGIN=<user name> /pKLPASSWD=<password> /pKLPASSWDAREA=<password scope>] [/pENABLETRACES=1|0 /pTRACESLEVEL=<tracing level>] /s msiexec /i <distribution kit name> EULA=1 PRIVACYPOLICY=1 [KSN=1|0] [ALLOWREBOOT=1|0] [ADDLOCAL=<component>] [SKIPPRODUCTCHECK=1|0] [SKIPPRODUCTUNINSTALL=1|0] [KLLOGIN=<user name> KLPASSWD=<password> KLPASSWDAREA=<password scope>] [ENABLETRACES=1|0 TRACESLEVEL=<tracing level>] /qn but still, ksc is your best bet

Hello, which component exactly detects that? Network threat protection? do you have any EDR solution available? optimum, expert? on the KES local interface, you can see Application Network Activity, Which process tried to connect to your server in the period of incident detection time?

in fact, EDR Standard and Advanced morphed into EDR Expert.

You can use KEDR Expert on KATAP ( Kaspersky targeted attack platform) as an on-perm solution, that's why KATAP has two license sections, if you don't like to use the cloud solution for any reason, you can use KATAP as an on-perm solution. the difference is without a KATA(NDR) license, Network sources like SPAN, ICAP, Mail, etc... would not function, and only endpoints telemetry, and objects would be analyzed.

Hello, Did you create the IOA rule or it is Kaspersky rule?