Press ESC to close

Maintaining an active license is the foundation of network security. For administrators managing corporate environments, using a key file is often the preferred method for activation, especially in offline or air-gapped scenarios.

This guide outlines how to obtain, update, and deploy a Kaspersky Endpoint Security (KES) key file across your managed infrastructure. 1. Obtaining Your Kaspersky Key File

If you have an activation code (20-character string), you must first convert it into a .key file format.

Visit the KORM KeyFile page: Go to the Kaspersky KeyFile portal.

Enter Credentials: Input your activation code and email address.

Download: You will receive a .zip archive via email containing the .key file and a compatibility list. 2. Adding the Key to Kaspersky Security Center (KSC)

To update multiple endpoints at once, the new key file should first be added to the Administration Server’s repository.

Open KSC: Navigate to Kaspersky Lab licenses under application management. Add Key: Click Add a key and select Add using key file. Browse: Locate the .key file you downloaded earlier.

Automatic Deployment: Check the box for "Automatically deploy key to managed devices" to simplify the rollout. 3. Updating Endpoints: The Activation Task

If you did not choose automatic deployment, or if specific machines failed to update, you must create a manual activation task.

Create Task: In the Tasks section, create a new task and select Activate application.

Select License: Choose the newly added license from the repository.

Add as Reserve Key: If your current license is still active, select Add as reserve key. This ensures the new key takes over the moment the old one expires without leaving the system unprotected.

Assign Devices: Select the target workstations or groups and run the task. 4. Local Updates on a Single Workstation

For standalone machines not managed by a central console, you can update the key file directly through the local interface. Renewing a license - Kaspersky Support

Step 1. Making sure that the computer meets installation requirements. Step 2. Welcome page of the installation procedure. Step 3.

1) When to use a key file

Step-by-Step Visual Walkthrough (Text-Based)

For clarity, here is a text-based simulation of a successful "kaspersky endpoint security key file upd" via KSC:

[Admin] Downloads new_license.key from Kaspersky portal.
[Admin] Opens KSC console → Storage → Licenses.
[KSC] Shows old license: "KES Business (expires in 3 days)"
[Admin] Clicks "Add License" → selects new_license.key.
[KSC] Verifies digital signature → "Valid until Dec 31, 2026. 120 seats."
[Admin] Goes to Tasks → "Update License Task" → Change license to new entry.
[KSC] Task completes on 245 of 245 managed devices.
[Admin] Verifies: License Usage Report → Status = "Active" for all endpoints.

Total time: 4 minutes.

2. Set Up Email Alerts

Configure notifications in KSC → Events → License expiration to alert the IT team at 60, 30, and 7 days remaining. Never let a license lapse unexpectedly.

5. Security & Validation

3. Methods for Key File Update

📋 Prerequisites: Before You Begin

Before initiating the update, ensure you have the following:

  1. The New Key File: This is typically a .key file provided by your reseller or Kaspersky representative. In some cases, you may have an activation code (alphanumeric format) instead.
  2. Administrator Rights: You must have local admin rights on the endpoint or administrative rights within the Kaspersky Security Center.
  3. Compatibility Check: Ensure the key file is valid for the version of KES you are running. A key for KES 10 might not work seamlessly with KES 11 or 12 depending on the license type.

Step 4: Monitor the Update

2) Prerequisites