Activating the application

Switching the application to fully functional mode. Application activation is performed by the user during or after installation of the application. You must have an activation code or key file to activate the application.

Activation code

A code that you receive when purchasing a license to use Kaspersky Endpoint Security. This code is required for activating the application.

The activation code is a sequence of twenty Latin letters and numerals in the format xxxxx-xxxxx-xxxxx-xxxxx.

Administration group

A set of managed devices, such as mobile devices grouped according to the functions they perform and the set of apps installed on them. Managed devices are grouped so that they can be managed as a single whole. For example, mobile devices running the same operating system can be combined into an administration group. A group may include other administration groups. It is possible to create group policies and group tasks for group devices.

Administration Server

A component of Kaspersky Security Center that centrally stores information about all Kaspersky Lab applications that are installed within the corporate network. It can also be used to manage these applications.

Administrator’s workstation

The computer hosting the Administration Console of Kaspersky Security Center. If the application administration plug-in is installed on the administrator's workstation, the administrator can manage Kaspersky Endpoint Security mobile apps deployed on user devices.

Android work profile

A safe environment on the user's device in which the administrator can manage apps and user accounts without restricting the use of personal data by the user. When a work profile is created on the user's mobile device, the following corporate apps are automatically installed in the work profile: Google Play Market, Google Chrome, Downloads, Kaspersky Endpoint Security for Android, and others. Corporate apps installed in the work profile and notifications of these apps are marked with a red briefcase icon. You have to create a separate Google corporate account for the Google Play Market app. Apps installed in the work profile appear in the common list of apps.

Anti-virus databases

Databases that contain information about computer security threats known to Kaspersky Lab as of the anti-virus database release date. Anti-virus database records help detect malicious code in objects being scanned. Anti-virus databases are created by Kaspersky Lab experts and are updated every hour.

Apple Push Notification service (APNs) certificate

A certificate signed by Apple that lets you use the functionality of the Apple Push Notification service. An iOS MDM Server can use the Apple Push Notification service to manage iOS devices.

Application administration plug-in

A dedicated component that provides the interface for managing Kaspersky Lab applications through Administration Console. Each application that can be managed through Kaspersky Security Center SPE has its own administration plug-in. The administration plug-in is included in all Kaspersky Lab applications that can be managed via Kaspersky Security Center.

Certificate Signing Request

A file with Administration Server settings that, once confirmed by Kaspersky Lab, is sent to Apple for purposes of getting the APNs certificate.

Compliance control

Verification that the settings of a mobile device and Kaspersky Endpoint Security for Android comply with corporate security requirements. Corporate security requirements regulate how the user can work with the device. For example, the real-time protection must be enabled on the device, the anti-virus databases must be up-to-date, and the device password must be sufficiently strong. Compliance control is based on a list of rules. A compliance rule includes the following components:


A special-purpose shell for mobile apps that makes it possible to control the activity of a containerized app. A container protects personal and corporate data on the mobile device. A container used on an iOS device is signed by the same certificate that is used to sign Kaspersky Safe Browser for iOS devices.

Device administrator

A set of app rights on an Android device that enables the app to use device management policies. It is necessary to implement full functionality of Kaspersky Endpoint Security on Android devices.

EAS device

A mobile device connected to Administration Server via Exchange ActiveSync protocol.

End User License Agreement

Binding agreement between you and AO Kaspersky Lab that stipulates the terms on which you may use the application.

Exchange Server

A Kaspersky Endpoint Security component that makes it possible to connect Exchange ActiveSync mobile devices to the Administration Server. It is installed on the client device.

Group task

A task intended for an administration group and performed on all managed devices included in the group.


Protocol for accessing email. In contrast to the POP3 protocol, IMAP provides extended capabilities for working with mailboxes, such as managing folders and handling messages without copying their contents from the mail server. The IMAP protocol uses port 134.

Installation package

A set of files created for remote installation of a Kaspersky Lab application by using the remote administration system. The installation package is created from special files included in the app distribution package. The installation package contains a range of settings needed to install the app and get it running immediately after installation. The values of settings in the distribution kit correspond to default values of application settings.

iOS MDM device

An iOS mobile device controlled by the iOS MDM Server.

iOS MDM profile

A profile that contains a set of settings for connecting iOS mobile devices to the Administration Server. An iOS MDM profile makes it possible to distribute iOS configuration profiles in background mode using the iOS MDM Server, and also receive extended diagnostic information about mobile devices. A link to the iOS MDM profile needs to be sent to a user in order to enable the iOS MDM Server to discover and connect the user's iOS mobile device.

iOS MDM Server

A component of Kaspersky Endpoint Security that is installed to a client device and enables connection of iOS mobile devices to the Administration Server and enables management of those iOS mobile devices through the Apple Push Notifications (APNs) service.

Kaspersky Lab categories

Predefined data categories developed by Kaspersky Lab experts. Categories can be updated during application database updates. A security officer cannot modify or delete predefined categories.

Kaspersky Lab update servers

HTTP servers of Kaspersky Lab from which Kaspersky Lab applications download database and application module updates.

Kaspersky Security Center administrator

The person managing application operation through the remote centralized administration system of Kaspersky Security Center.

Kaspersky Security Center Web Server

A component of Kaspersky Security Center that is installed with Administration Server. The web server is intended for transferring standalone installation packages, iOS MDM profiles, and files from the shared folder over the network.

Kaspersky Security Network (KSN)

An infrastructure of cloud services that provides access to the online Knowledge Base of Kaspersky Lab which contains information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky Lab applications to threats, improves the performance of some protection components, and reduces the likelihood of false alarms.

Key file

A file in xxxxxxxx.key format that enables use of a Kaspersky Lab application based on a trial or commercial license.


A time-limited right to use the application granted to you under the End User License Agreement.

License term

The time period during which you have access to the application features and rights to use additional services. The available functionality and specific additional services depend on the type of license.

Managed device

An iOS device whose configuration is monitored in Apple Configurator, an application for applying group settings to iOS devices. A managed device has supervised status in Apple Configurator. Whenever you connect a managed device to a computer, Apple Configurator checks the configuration of the device for compliance with the specified settings and adjusts them when needed. A managed device cannot be synchronized with Apple Configurator installed on a different computer.

More settings that can be configured with the aid of a Kaspersky Device Management for iOS policy are available on a managed device than on an unmanaged device. For example, a managed device can have an HTTP proxy to monitor Internet traffic on the device within a company network. By default, all mobile devices are not managed.

Manifest file

A file in PLIST format containing a link to the app file (ipa file) located on a web server. It is used by iOS devices to locate, download, and install apps from a web server.


A type of online fraud aimed at obtaining unauthorized access to confidential data of users.


A set of settings of the application and Kaspersky Endpoint Security mobile apps applied to devices in administration groups or to individual devices. Different policies can be applied to different administration groups. A policy includes the configured settings of all functions of Kaspersky Endpoint Security mobile apps.


Network protocol used by a mail client to receive messages from a mail server.

Provisioning profile

A set of parameters that apps need to work on iOS mobile devices. A provisioning profile includes license information and is linked to a specific app.

Proxy server

A computer network service that allows clients to make indirect requests to other network services. First, a client connects to a proxy server and requests a specific resource (such as a file) located on another server. Then the proxy server either connects to the specified server and obtains the resource from it or returns the resource from its own cache (if the proxy has its own cache). In some cases, a user's request or a server's response can be modified by the proxy server for certain purposes.

QR code

A two-dimensional bar code with encrypted information that is scanned by means of the device camera. A QR code may contain text, an image, website link, contact info, Wi-Fi network connection settings, or other information.


The folder to which the Kaspersky Lab application moves probably infected objects that have been detected. Quarantined objects are stored in encrypted form to prevent them from harming the computer.


A protocol for data encryption in local networks and on the Internet. SSL is used in web applications to create a secure connection between a client and a server.

Standalone installation package

An installation file of Kaspersky Endpoint Security for the Android operating system, which contains the settings of application connection to the Administration Server. It is created on the basis of the installation package of this application and is a particular case of mobile app package.


Enables use of the app with the selected settings (expiration date and number of devices). You can pause or resume your subscription, renew it automatically, or opt out of it.

Unlock code

A code that you receive on the My Kaspersky portal. It is needed to unlock a device after the Lock & Locate, Alarm or Mugshot commands have been executed, and when Self-Defense is triggered.


A program that infects other software by adding its own code to them in order to gain control when infected files are run. This simple definition describes the most common action performed by a virus, which is the act of infection.

Page top