A configuration file is generated to configure the app in an EMM Console. The app settings in the configuration file are presented in the table below.
Configuration key
|
Description
|
Type
|
Value
|
Default value
|
LicenseActivationCode
|
App activation code
|
String
|
App activation code consisting of 20 Latin letters and numerals. To activate the app with an activation code, you need internet access to connect to Kaspersky activation servers.
If you leave the field blank, the app will be activated with a trial license. The trial license is valid for 30 days. When the trial license expires, all features of the Kaspersky Endpoint Security for Android mobile app are disabled. To continue using the app, you must purchase a commercial license.
|
|
EulaAcceptanceConfirmationV1
|
<License Agreement link>
|
Choice
|
This setting is available only for VMware AirWatch.
Accepted – I confirm that I have fully read, understand, and accept the terms and conditions of this End User License Agreement.
Declined – I do not accept the terms and conditions of this End User License Agreement (EULA).
To accept the terms and conditions of the EULA for all mobile devices, you need internet access to connect to Kaspersky servers.
If you chose Declined, the app will ask the user to accept the terms and conditions of the EULA. Mobile device users can accept the conditions in the Initial Configuration Wizard.
|
|
EulaAcceptanceCodeV1
|
License Agreement code
|
String
|
These settings are available only for VMware AirWatch.
Use EulaAcceptanceCodeV1 if you want to accept a single End User License Agreement (EULA). Use EulaAcceptanceCodesV2 if you want to accept several EULAs at the same time. The EulaAcceptanceCodesV2 field must contain a semicolon-separated list of EULA codes: "<EULAid1>;<EULAid2>;<EULAid3>;...".
License Agreement code is contained in the End User License Agreement.
To learn License Agreement code:
- Copy the License Agreement link (
EulaAcceptanceConfirmationV1) from the EMM Console. - Paste the link into the browser.
The End User License Agreement (EULA) opens.
- Read the terms and conditions of this EULA and find the License Agreement code.
To accept the terms and conditions of the EULAs for all mobile devices, you need internet access to connect to Kaspersky servers.
If you leave the fields blank, the app will ask the user to accept the terms and conditions of the EULAs. Mobile device user can accept the conditions in the Initial Configuration Wizard.
If you specify the values of both fields, the terms and conditions of all EULAs specified in them will be accepted.
|
|
EulaAcceptanceCodesV2
|
License Agreement codes
|
String
|
|
KscServer
|
Kaspersky Security Center Administration Server address and port
|
String
|
DNS name or IP address of the Kaspersky Security Center Administration Server and port number. Enter the address as follows: <server address>:<port>. If you enter the server address without specifying the port, the app will use the default port 13292.
|
<server address>:13292
|
DisableNotification
|
Disable app notifications before connecting to Kaspersky Security Center
|
Boolean
|
True – Kaspersky Endpoint Security for Android hides all app notifications. Kaspersky Endpoint Security for Android hides notifications until the device connects to Kaspersky Security Center. After connecting, the app shows all notifications. You can disable certain app notifications in the policy settings.
Do not disable app notifications if you do not use Kaspersky Security Center. This could cause a user to miss receiving notifications about a license expiration. In this case, the app would stop performing its functions.
False – Kaspersky Endpoint Security for Android shows all app notifications.
|
False
|
ScanScheduleType
|
Scan run mode
|
Choice
|
AfterUpdate – Start a virus scan after a database update. The app updates anti-virus databases according to the defined schedule (UpdateScheduleType).
Daily – Start a virus scan once a day. Configure the scan start time (ScanScheduleTime).
Weekly – Start a virus scan once a week. Select the day of the week to start a virus scan (ScanScheduleDay) and configure the time (ScanScheduleTime).
Off – Autostart of a virus scan is disabled.
Irrespective of which value is set, the device user can manually start a virus scan.
|
AfterUpdate
|
ScanScheduleDay
|
Day of scan
|
Choice
|
Monday / Tuesday / Wednesday / Thursday / Friday / Saturday / Sunday
You can select only one value for this setting.
|
Monday
|
ScanScheduleTime
|
Time of scan
|
String
|
The time can be indicated in 24-hour format (for example, 13:00) or 12-hour format (for example, 10:30 P.M.).
|
8:00
|
ScanScheduleLock
|
Block configuration of the scan run mode
|
Boolean
|
True – The user cannot access the virus scan run mode settings within the app settings.
False – The user can configure the virus scan run mode and, for example, disable autostart of a virus scan.
|
True
|
ScanOnlyExecutableFiles
|
Types of files to scan (Virus Scan)
|
Choice
|
AllFiles – Scan all files.
OnlyExecutables – Scan only executable files. Executable files are files with the .apk (.zip), .dex, or .so extension.
In Kaspersky Endpoint Security for Android Service Pack 4 Maintenance Release 1, you cannot enable scanning of executable files only.
|
AllFiles
|
ScanArchives
|
Scan archives with unpacking
|
Boolean
|
True – The app unpacks archives and scans their contents.
False – The app scans only the archive files.
The app scans only archives with the .zip (.apk) extension.
In Kaspersky Endpoint Security for Android Service Pack 4 Maintenance Release 1, you cannot disable scanning of contents of archives.
|
True
|
ScanActionOnThreatFound
|
Action on threat detection (Virus Scan)
|
Choice
|
Quarantine – The app puts detected objects in Quarantine. Quarantine stores files as archives, so they cannot harm the device. The Quarantine lets you delete or restore the files that were moved to isolated storage.
Delete – The app deletes the detected objects.
Skip – The app leaves the detected objects unchanged. If the detected objects have been skipped, Kaspersky Endpoint Security for Android warns the user about problems in device protection. When there is an attempt to access an object on the device (such as an attempt to copy or open it), the app blocks access to the object.
AskUser – The app prompts the user to select an action for each detected object: skip, quarantine, or delete. When multiple objects are detected, the user can apply a selected action to all objects.
Information about detected threats and the actions taken on them is logged in app reports.
|
Quarantine
|
ScanLock
|
Block configuration of scan settings
|
Boolean
|
True – The following scan settings cannot be accessed by the user in the app settings: the type of files to scan, scanning of archives, and the action to take when a threat is detected.
False – The user can configure scan settings and, for example, select the Skip action for detected threats.
|
True
|
ScanAndProtectionAdwareRiskware
|
Block adware, autodialers, and apps that can be used by criminals to cause harm to the user's device and data
|
Boolean
|
True – The app detects adware and other apps that can be used by criminals to cause harm to the user's device and data.
False – The app skips adware and other apps that can be used by criminals to cause harm to the user's device and data.
|
True
|
ProtectionMode
|
Real-time protection mode
|
Choice
|
Recommended – The app only scans new apps once, immediately after they have been installed, as well as files from the Downloads folder.
Extended – The app scans all files that the user opens, modifies, copies, runs and saves on the device. The app also scans new apps and files from the Downloads folder.
Disabled – Real-time protection is disabled.
|
Recommended
|
UseKsnMode
|
Kaspersky Security Network mode
|
Choice
|
Recommended – The app exchanges data with Kaspersky Security Network (KSN). Kaspersky Endpoint Security for Android uses KSN for real-time protection of the device against threats (Cloud Protection) and the operation of Web Protection on the internet.
Extended – The app exchanges data with Kaspersky Security Network and also sends the Virus Laboratory certain performance statistics from Kaspersky Endpoint Security for Android. This information makes it possible to keep track of threats in real time. No personal data is collected, processed, or stored by KSN services.
Disabled – The app does not use data from Kaspersky Security Network. You cannot enable Web Protection (EnableWebFilter). The Cloud Protection component is not available for Anti-Virus.
|
Recommended
|
ProtectScanOnlyExecutableFiles
|
Types of files to scan (Real-time Protection)
|
Boolean
|
AllFiles – Scan all files.
OnlyExecutables – Scan only executable files. Executable files are files with the .apk (.zip), .dex, or .so extension.
In Kaspersky Endpoint Security for Android Service Pack 4 Maintenance Release 1, you cannot enable scanning of executable files only.
|
AllFiles
|
ProtectionActionOnThreatFound
|
Action on threat detection (Real-time Protection)
|
Choice
|
Quarantine – The app puts detected objects in Quarantine. Quarantine stores files as archives, so they cannot harm the device. Quarantine lets you delete or restore the files that were moved to isolated storage.
Delete – The app deletes detected objects.
Skip – The app leaves the detected objects unchanged. If the detected objects have been skipped, Kaspersky Endpoint Security for Android warns the user about problems in device protection. When an attempt is made to access an object on the device (such as an attempt to copy or open it), the app blocks access to the object.
Information about detected threats and the actions taken on them is logged in app reports.
|
Quarantine
|
ProtectionLock
|
Block configuration of real-time protection settings
|
Boolean
|
True – The following real-time protection settings cannot be accessed by the user in the app settings: real-time protection mode, types of files to scan, and the action to take when a threat is detected.
False – The user can configure real-time protection settings and, for example, can select the Skip action for detected threats.
|
True
|
UpdateScheduleType
|
Databases update run mode
|
Choice
|
Daily – Check for new anti-virus databases and download them to devices once a day. Configure the database update start time (UpdateScheduleTime).
Weekly – Check for new anti-virus databases and download them to devices once a week. Select the day of the week to start a database update (UpdateScheduleDay) and configure the time (UpdateScheduleTime).
Off – Automatic update of antivirus databases is disabled.
Irrespective of which value is set, the device user can manually start an update of anti-virus databases.
|
Daily
|
UpdateScheduleDay
|
Day to start a database update
|
Choice
|
Monday / Tuesday / Wednesday / Thursday / Friday / Saturday / Sunday
You can select only one value for this setting.
|
Monday
|
UpdateScheduleTime
|
Database update start time
|
String
|
The time can be indicated in 24-hour format (for example, 13:00) or 12-hour format (for example, 10:30 P.M.).
|
8:00
|
UpdateScheduleLock
|
Block configuration of the database update run mode
|
Boolean
|
True – The user cannot access the database update run mode settings within the app settings.
False – The user can configure the database update run mode and, for example, disable autostart of anti-virus database updates.
|
True
|
AllowUpdateInRoaming
|
Update databases in roaming
|
Boolean
|
True – The app downloads anti-virus databases if the device is in the roaming zone. The app downloads anti-virus databases according to the defined schedule (UpdateScheduleType).
False – The app downloads anti-virus databases only if the device is in the home network.
|
False
|
EnableWebFilter
|
Web Protection
|
Boolean
|
True – The app uses the Web Protection component to block malicious and phishing websites on the internet. Web Protection supports Google Chrome only.
Malicious and phishing websites using the HTTPS protocol are allowed to remain unblocked if the domain is trusted. If the domain is untrusted, Web Protection blocks malicious and phishing websites.
False – Protection against malicious and phishing websites is disabled.
For the Web Protection component to work, the following conditions must be met:
- Device users accept the Privacy Policy and the Web Protection Statement in the Initial Configuration Wizard or app settings.
- A proxy server is configured in the browser settings:
ProxyMode = "fixed_servers"
ProxyServer = "127.0.0.1:3128"
DisableSpdy = true
DataCompressionProxyEnabled = false
Proxy server configuration may vary depending on the Google Chrome version. For more details about configuring Google Chrome, visit the Chromium project website.
After the Kaspersky Endpoint Security for Android app is removed from the mobile device, reset the proxy server settings.
- Use of KSN is enabled in the app settings:
UseKsnMode = Recommended or UseKsnMode = Extended. - It is recommended to select Google Chrome as the default browser in the operating system settings.
|
False
|
EnableWebFilterLock
|
Block configuration of Web Protection
|
Boolean
|
True – The user cannot access Web Protection settings within the app settings.
False – The user can configure Web Protection settings and, for example, disable protection against malicious and phishing websites on the internet.
|
True
|
UpdateServer
|
Database update source server address
|
String
|
Address of the server hosting the database updates, for example, http://update.server.com.
If you leave the field blank, Kaspersky Endpoint Security for Android uses the Kaspersky database update servers.
|
|
AllowGoogleAnalytics
|
Submit data to the Google Analytics for Firebase, SafetyNet Attestation, Firebase Performance Monitoring, and Crashlytics services
|
Boolean
|
True – The app automatically submits Kaspersky Endpoint Security for Android operating data to the Google Analytics for Firebase, SafetyNet Attestation, Firebase Performance Monitoring, and Crashlytics services. This data is necessary in order to improve the performance of the app and to analyze user satisfaction. Data is transferred to the Google Analytics for Firebase, SafetyNet Attestation, Firebase Performance Monitoring, and Crashlytics services over a secure connection. Access to and protection of data is regulated by the relevant terms of use of the Google Analytics for Firebase, SafetyNet Attestation, Firebase Performance Monitoring, and Crashlytics services.
False – Submission of data to the Google Analytics for Firebase, SafetyNet Attestation, Firebase Performance Monitoring, and Crashlytics services is disabled.
|
True
|
KscDeviceNameTag
|
Device Name Tag for Kaspersky Security Center
|
String
|
This setting is available only for VMware AirWatch.
The tag will be added to the device name in Kaspersky Security Center. A space separates the tag and the device name. This makes it easier to find and sort devices in Kaspersky Security Center.
We recommend using only these values. VMware AirWatch supports other values, but Kaspersky Endpoint Security cannot guarantee that these values work.
|
|
KscGroup
|
Device group name
|
String
|
You can specify device groups in an EMM console. When a device is connected to Kaspersky Security Center, it will be automatically added to a subfolder of the of Unassigned devices folder. The name of the subfolder will match the group name specified in this parameter. You can then create rules for automatically moving devices from subfolders of the Unassigned devices folder to administration groups in the Managed devices folder.
If you leave the field blank, the device will be automatically added to the root of the Unassigned devices folder.
|
KES10
|
KscCorporateEmail
|
User's corporate email
|
String
|
You can specify users' corporate email addresses in an EMM console. These emails will be displayed in Kaspersky Security Center.
The string must be a valid email address. Other values are ignored.
|
|
KscDeviceName
|
Device name in Kaspersky Security Center
|
String
|
This setting is available only for SOTI MobiControl.
You can specify the device name displayed in Kaspersky Security Center. You can type any name or use the %DEVICENAME% macro to automatically get the device name from the SOTI MobiControl console. If you leave the field blank, the device name will be generated according to the format specified in the Kaspersky Security Center group policy.
|
|