The distributive of Kaspersky Security for Mobile includes an individual installation file for each of the supported operating systems. It can be installed locally on any of them: copy the corresponding file from the distribution or download it from the appropriate Market.
In this case, the user will be responsible for the Kaspersky Security Center connection settings and will need to correctly enter the network parameters (address and port) of the Administration Server. After that the administrator will be able to view information about the device in the Administration Console.
Another installation method is designed for devices that are connected to workstations running Windows. In this case the user only confirms the program installation. This method works for all mobile operating systems except for iOS.
The third method, remote installation, can be employed only for Kaspersky Security for Mobile for Android and iOS:
— Android: via the Administration Console, where a standalone package can be created and published
— iOS: via MDM for iOS (see the previous chapter)
FOR
INTERNAL
USE
49
Chapter 3. Kaspersky Security for Mobile
FOR
INTERNAL
USE
Installation using a standalone package (on Android)
Android devices, similarly to typical desktops (for example Windows), completely support installation using standalone packages:1. The administrator adds the Android version of the Kaspersky Security for Mobile installation package on the Administration Server. The path to the kmlisten.kpd file needs to be specified in the wizard. All the files necessary for installation are located in the sc_package_en.exe archive of Kaspersky Security for Mobile distribution
2. Then you can open the package properties and edit its settings:
— Administration Server address and port
— The folder within the Unassigned computers / Domain subdirectory of the Administration Server structure into which such devices are to be moved when connected. KSM10 by default
— Whether the e-mail address is required—with this option enabled, the user will be offered to enter their address. It will be used for identifying the device. In the Administration Console, the mobile device name will be as follows: <the address specified by the user>_<unique identifier of the device> 3. Create a standalone package. The Network Agent does not need to be installed—clear the corresponding
checkbox in the wizard. As a result, you will receive an .apk file, which will be automatically published on the built-in web server of KSC
4. The administrator then transfers this file to the users and asks them to install it. Any method can be used: it can be attached to an e-mail message, or a link to the package on the web server can be sent, or
the installation file can be copied to any other web server.
To send the message to a corporate e-mail address, open the User accounts container. The Send message by email command is available for each user here. In addition to the URL, you can insert the QR code, which is generated automatically.
You can also send SMS to the users whose mobile phone numbers are known.
5. Then the administrator has to wait until the user receives the message, downloads the package and starts the installation. The address and port of the server are already specified in the package, and the user needs to confirm the installation, grant administrative permissions to Kaspersky Security (for activation of the Anti-Theft functionality), and enter their e-mail address if required
After a successful synchronization with the Administration Server, the mobile device will appear in the Administration Console, either in the Unassigned computers / Domain / <the folder specified in
the installation package properties> node, or in the folder specified in the automatic relocation rule (if configured).
FOR
INTERNAL
USE
51
Chapter 3. Kaspersky Security for Mobile
FOR
INTERNAL
USE
Installation via workstation (all operating systems,
except for iOS)
The administrator installs a special utility (kmlisten.exe) on the workstations running Windows operating systems to which the users are allowed to connect tablets and smartphones. It works in the background, and when a device compatible with Kaspersky Security for Mobile is connected, copies the distribution on it and starts the installation. It is performed automatically; the user only confirms the installation.
The kmlisten.exe utility is shipped with Kaspersky Security for Mobile. To install it on a workstation, you can employ any method supported by Kaspersky Security Center (see the KSC course or product documentation for details). You will only need to set up the fields similar to the aforementioned: Administration Server address, port, the folder where the device will be placed within the Unassigned computers structure, and whether the e-mail address is required to be specified by the user.
FOR
INTERNAL
USE
53
Chapter 3. Kaspersky Security for Mobile
FOR
INTERNAL
USE
Installation via MDM for iOS (only iOS devices)
To be able to remotely install Kaspersky Security on iOS, an MDM for iOS profile must already be installed on the device. Then the administrator needs to:
1. Publish the installation package of Kaspersky Security for Mobile (an .ipa file) using any method, for example, the built-in web server of KSC
2. Add the published application in the Managed applications section under the properties of MDM for iOS (the Mobiledevices / Mobiledevicesservers container)
Installation via workstation (iOS)
Kaspersky Security for iOS can also be installed via the user’s workstation, but only manually, using standard iTunes tools. The .ipa file will be necessary for this (see higher).
FOR
INTERNAL
USE
55
Chapter 3. Kaspersky Security for Mobile