Keeping Kaseya Anti-Virus (KAV) up-to-date

Kaseya’s Kaspersky Anti-Virus (KAV) will not automatically update/upgrade to the latest version.  While virus definitions are updated automatically, the software itself requires manual updating.

Verifying that KAV is up-to-date can be a little confusing.  KAV 1.4 was released in October and replaced KAV 1.3.  The older version is identified as “Kaspersky Anti-Virus 2010” (Kaspersky 9) and the newer is “Kaspersky 6.0.4.1424 and 6.0.4.1611”.  Version 1611 is the newest version 6 – KAV 1.4.

So when you see Kaspersky 9, don’t think it is newer than Kaspersky 6.0.4.xxxx, it isn’t!

As of 12/18/2012 the most current version is:

Database Version – 6.0.4.1611

Service Version – 1.4.0.13306

 

Locating out-of-date installations

You can check the version from the Anti-Virus tab.   Change the Column Sets drop down to “Version”.  It will show only the machines that have KAV installed, listing database date, and the Client and Service Version.

image

 

image

The simplest way to see which installations need updating is to use the Column Sets drop down, and select  “Upgrade Ready to quickly reveal all of your endpoints that need upgrading.

image

Upgrading KAV

Once you have the list of what needs to be upgraded,  click on the “Client Version” column to sort by version (scroll until you find the out-of-date versions grouped together).  To upgrade an agent click on the machine name(s) to select (Hold SHIFT to select multiple machines) and use the Install drop down and choose “Upgrade Client Version”.

image

 

NOTE:  Kaspersky 2010 uses different profiles than does previous versions.  So if you are upgrading from “Kaspersky Anti-Virus 2010” you will then be given the option to select a new KAV profile to assign.  If simply upgrading from “.1424″ to “.1611” the existing profile is assigned automatically.

WARNING: The upgrade will reboot the end point without warning!

 

Upgrade Client Version Options

 image

  • “Prompt before install:  Installation will only proceed if user is logged on and agrees to proceed”

Because of the reboot we don’t recommend upgrading while users are logged in.  Checking this option will not give the end user control over the upgrade reboot action.  It’s probably best to coordinate the upgrade with your clients and ask them to log out of their machines in preparation.

Advanced Options

“Start Date & Time and Distribution Window” – Use this to schedule the start time of the upgrade.  The KAV installation file is 150 megs. Depending on how many end points are being upgraded and the client site’s bandwidth, you should spread out the upgrades over an appropriate period of time

“Password” – The default KAV password is “KaseyaUninstall”.  You can set a custom password.

 

KAV Flags

Reboot Needed

If the upgrade runs but KAV cannot successfully reboot the end point the “Reboot Needed” flag is triggered.

 image

Once this flag is set it can only be cleared if a reboot command is sent with Actions> Reboot

 image

Configuration is out of compliance with this profile

 image

This flag indicates a local configuration change has been made through the end point’s UI and differs from the configuration set in the profile assigned.  To clear this flag the profile needs to be redeployed using the Assign function.

image

Simply select the machine(s) that are showing out of compliance, click the “Assign” button, and then select the appropriate profile.

Best Practice Tips:  

  • Review machines for out-of-date definitions every week.
  • Review your upgrade eligible machines at least once per month
  • Schedule upgrades over evening or weekend when users are logged off.  Remember it will auto-reboot!

Credit:  Thanks to Jim Bulger, Virtual Administrator support guru for this contribution!