To install the application:

1. Install the SQL Server database and Microsoft .NET Framework.
2. Install Administration Server and Administration Console. For remote installation of Administration Server, specify the /v"EULA=1 PRIVACYPOLICY=1"value in the command line settings of the installer, which is in the configuration file of the Administration Server installation package.
   • To activate the features of systems management and mobile device management, enter the activation code of the corresponding license in the Quick Start Wizard. 
   • Use the following trial activation code to evaluate systems management and mobile device management features: P7WJ2-Y6BSP-NQPH5-MQXR7. 
   • Features for managing anti-virus protection do not require a separate activation code. 
   • For installation of Kaspersky Security Center on an Amazon EC2 instance and deployment of Kaspersky Security for Windows Server and Kaspersky Endpoint Security for Linux, please use this activation code: BEEEP-1EWU3-EDG8S-C9A6K. If you intend to use Kaspersky Security Center in Amazon Web Services cloud environment and install Kaspersky Security for Windows Server on Amazon EC2 instances, you have to install the patch. 
3. Create a task for remote installation of Network Agent 10.5 on corporate devices: a group task or a task for specific devices. Run the task manually or according to a schedule. 
4. Install and configure the selected components: Exchange ActiveSync Server, iOS MDM Server, and others. For more details on how to install the components of Kaspersky Security Center refer to the Kaspersky Security Center Implementation Guide.

To upgrade the application:

1. Back up Administration Server data using klbackup.exe utility or the Administration Server backup tasks.
2. Run Kaspersky Security Center installation on a device with the previous Administration Server version installed and perform the Administration Server upgrade. Reverse compatibility of Administration Server versions is supported. After the upgrade, the data related to the previous version of Administration Server is saved.
3. Create a task for remote installation of Network Agent 10.5 on corporate devices: a group task or a task for specific devices. Run the task manually or according to a schedule. 

• Support of the file integrity control in Kaspersky Security for Virtualization 5.0 Light Agent and Kaspersky Security for Windows Server 10 Service Pack 1.
• Support for more client devices by an Administration Server: up to 100,000 devices by a single Administration Server.
• SQL Server Always On is now supported.
• Windows 10 RS3 and Windows Server 2016 Server Core are now supported.
• Endpoint Sensor integration:
  • Kaspersky Security Center transmits to the Endpoint Sensor server information about client devices that have the Endpoint Sensor agent installed.
  • Administration Server and the Endpoint Sensor server can establish a trusted connection for data exchange.  
  • Kaspersky Security Center can relay statuses and error messages from the Endpoint Sensor agent to the Endpoint Sensor server.
  • The Managed devices section displays the devices that have the Endpoint Sensor agent installed so that these devices can be combined into administration groups.
• Support of the Amazon AWS cloud environment (for management of Kaspersky Endpoint Security for Linux and Kaspersky Security for Windows Server):
  • Network Agent for 64-bit Linux systems is now supported.
  • Authentication and location of devices using AWS API has been added.
  • Remote installation of protection using AWS API (except for virtual workstations that run Amazon Workspaces).
  • The support of Vulnerability and Patch Management component for Amazon EC2 servers that are protected with Kaspersky Security for Windows Server has been added.
  • AWS Directory Service is now supported.
  • Purchasing and licensing Kaspersky Security Center through AWS Marketplace (for paid-for and free-of-charge images) is now available.
  • Display of the AWS-specific features in the interface has been added (client device properties, hierarchy of administration groups, AWS Directory, Cloud Segment Protection Configuration Wizard, and cloud segment polling).
• Improved work with mobile devices:
  • Mobile device support can be enabled in Administration Console.
  • The link to the Mobile Device Management section is now located in the correct node in the Administration Console tree.
  • Support of the Mobile Device Management feature for mobile devices that run iOS 11.
  • The feature of working with mobile devices can now be activated also through the Administration Server Quick Start Wizard.
  • Administration Server Quick Start Wizard now features the capability of selecting users and user groups that must be sent invitation messages for connecting their mobile devices to Kaspersky Security Center Administration Server.
  • Certificates issued by Administration Server on an Android device can be replaced without the user’s actions.
  • Certificates to mobile devices that have Kaspersky Endpoint Security for Android or Kaspersky Safe Browser installed can be issued.
• Improved process of handling vulnerability fixes:
  • If any errors occurred in the execution of the task for installing updates on client devices, you can group devices according to these errors in the list of task execution results.
  • Reporting on the results of installation of updates for third-party software on client devices has been added.  
  • Optimized work with Microsoft updates (distributed through Windows Server Update Services). Lowered network traffic, decreased the amount of free disk space required for a device with Administration Server installed.
• Improvements in the interface:
  • The list of Kaspersky Security Center plug-ins is now divided into categories: Workstations, File Servers and Storage, Mobile devices, Embedded Systems, and Other.
  • The Rule Creation Wizard has been added for tagging.
  • Assignment of update agents and definition of network locations has been optimized.
  • The Show password button has been added to all password entry fields.
  • New Policy Profile Wizard has been added.
  • The status of a policy profile (Active, Inactive) is now displayed in the list of profiles. 
  • The headers of reports now remain displayed at the top of the window after the user pages down through these reports.
  • A report on detection of a threat now includes information about the application components through which the threat was detected, as well as information about the intelligence level of the threat.
• Event audit improvements:
  • Event audit has been added to Kaspersky Industrial CyberSecurity for Nodes, Kaspersky Embedded Systems Security, and Kaspersky Endpoint Security for Android.
  • Double-clicking the name of an object revision now invokes the revision properties window.
  • Clicking the Description button in the revision properties window displays the revision details.
  • Any two policies can be compared by selecting them in the list of policies.
  • Any two tasks can be compared by selecting them in the list of tasks.
• Other improvements:
  • The Kazakh interface localization has been added.
  • A warning message on target group changes in device moving rules has been added. This warning message prevents accidental deletion of subgroups from a new target group in case the applied moving rule provided for synchronization of groups with Active Directory.
  • The status of a client device (OK, Warning, or Critical) is calculated with more precision by using the "Last visible time" setting.
  • The names of application distribution kits are now more uniform and thus provide more details, for example, ksc_10sp2_10.3.407b_lite_es-MX.exe.
  • The klbackup log now includes more details (without including trace files). 
  • The KSN Proxy server performance has been improved Interaction with connected Kaspersky Lab applications optimized.

• The error that sometimes caused the properties of a device selection to miss some settings in the text description of the criterion applied for inclusion of devices in the selection.
• The error that sometimes prevented the activation condition of a Kaspersky Endpoint Security 10 for Windows policy profile to be saved if a network location from the Network Agent policy was specified as the criterion.
• Fixed the database error in Kaspersky Event Log displayed as "Introducing FOREIGN KEY constraint 'FK_pol_outbreak_policy__pol_policy_policy_id' on table 'pol_outbreak_policy' may cause cycles or multiple cascade paths".
• The interface error in the Vulnerability Fix Wizard.
• The error that caused the Administration Server data backup task to fail and return the "Transport level error while connecting to: maximum number of connections was exceeded" error.
• The error that caused the growth of disk space amount used up by Administration Server when working with a large number of dynamic virtual machines.
• The error that caused an incorrect display of information in the threats report after the "As rated by KSN" column was added.
• The error that caused a quick growth in size of the Administration Server database when working with a large number of dynamic virtual machines.
• The error that caused Administration Console to hang on an Administration Server with a large number of policies (greater than 1,000) if a Kaspersky Endpoint Security 10 for Windows policy was removed.
• The error that caused delays when applying a policy profile that used Active Directory attributes as activation rule.
• The error that caused the task of database download to the Kaspersky Security Center repository to terminate abruptly, displaying the "Operation canceled randomly" message.
• The error that sometimes caused the installation package distribution task to fail.
• The error that caused an excessively lengthy (longer than 10 hours) execution of the Administration Server database maintenance task.
• The error that caused Administration Server to crash during report generation and an entry displayed as "Process …\klserver.exe will be terminated due to exception KLSTD_ERROR_ABNORMAL_TERMINATION (ebadc0de)" to be added to the event log.
• The error that caused Administration Server to hang in certain cases after restoration from a backup copy.
• The error that caused an increased CPU load when executing the Mugshot command on a mobile device.
• The error that caused the patch installation on a Network Agent device to fail in certain cases.
• The error that caused improper functioning of Administration Server when an internal account longer than 255 characters was used.
• The error that occurred during the assignment of update agents on the basis of broadcast domains and caused devices to access the relevant update agent from a different broadcast domain in certain cases.
• The error that blocked the capability to delete the update agent from a virtual Administration Server.
• The error that caused the "Update" task to return an error if an update agent was used as the update source.
• The error that caused the list of available updates to differ depending on whether the Administration Server is in the DMZ.
• The error that caused trial subscription keys not to be added to the Kaspersky Lab licenses repository.
• The error that caused KES devices with the public key infrastructure (PKI) already configured not to connect to the Administration Server.
• The error that caused Network Agent not to be installed locally.
• Amazon Web Services errors have been fixed.

• Administration Server of the Service Pack 3 version can be connected to through Administration Console of the Service Pack 2 Maintenance Release 1 version, or earlier.
• During Kaspersky Security Center installation with the "Install packages for mobile device support" component selected, the default installation package for mobile devices is named "Kaspersky Security 10 for Mobile".
• During concurrent installation of Kaspersky Security Center 10 with the Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition and Kaspersky Endpoint Security 8 for Linux plug-ins, the operating system may be restarted in certain cases. This problem is encountered in Microsoft Windows 10 Pro RS2, Microsoft Windows 10 Enterprise RS2, and Microsoft Windows 10 Education RS2. However, Kaspersky Security Center 10 installation completes successfully.