(tip: Solution on third paragraph) That’s kind of unbelievable, but I cannot update my Security Center 12 server because of the Kaspersky Security 10 for Windows Server. The antivirus solution just block all https connections to Kaspersky Labs update servers, probably because of certification problem. We use KSN, so maybe Kaspersky servers’ reputation is not that good? :D Unfortunatelly, the web connection interception (transparent proxy), necessary to analyze safe traffic in web applications, cannot be filtered by use of URL addresses, because of the nature of SSL interception. So, there are only four options. The solution given above of using http is simple, but introduce an insecure connection, unecessarily. The second one is worse: turning off Traffic Security Task in Real-Time Server Protection in KSWS. The third one I tested is including Kaspersky Labs update servers’ IP addresses. You can choose some of them. The task will show error for the others but eventually will use one of the allowed servers. That’s not good also, as Kaspersky may choose to change those addresses or even bringing a new server nearer you and you will not use it. SOLUTION: So, I suppose the best way to achieve continuous protection having updates working is including the update process as exception to the task: on Kaspersky Security for Windows Server's policy applied to the Security Center server(s), Real-time server protection session, Traffic Security Settings button, Configure interception area button, Exclude processes: mark option Apply exclusions for processes and click on Executable files to include Up2Date.exe process. In my server, I added C:\Kaspersky Lab\Kaspersly Security Center\Up2Date.exe.
