Deploy Kaspersky Endpoint Security Cloud with PowerShell

I had to deploy Kaspersky Endpoint Security Cloud to replace a standard Kaspersky Enpoint Security architecture. To do so I've used Microsoft psexec tool and a PowerShell script.

Network share

We need a network share (accessible by all) where we will put KESC.exe and the deploy.bat batch script in.

Batch Script

The batch script will record up to two registry keys. It will allow to run KESC.exe -s up to twice in order to : first uninstall Kasperky Network Agent and then install Kaspersky Endpoint Security Cloud. (source : https://support.kaspersky.com/13693).

Instructions

Modify the first two lines depending on your infrastructure.

deploy.bat

ECHO ON
set SHARE_PATH=\\SRV-DATA\share
set PACKAGE_NAME=KESC.exe
set __KESCLOUD_ROOT_KEY="HKLM\Software\KasperskyLab\KESCloud"
set __KESCLOUD_KEY_NAME="AutoPackageInstalled"
set __KESCLOUD_PACKAGE_FULL_PATH="%SHARE_PATH%\%PACKAGE_NAME%"
set __KESCLOUD_PACKAGE_ARGUMENTS=-s

:REM if HKLM\Software\KasperskyLab missing, create Key
REG QUERY HKLM\Software\KasperskyLab
IF %ERRORLEVEL% == 1 REG ADD HKLM\Software\KasperskyLab

:REM If HKLM\Software\KasperskyLab\KESCloud\NetAgent DWORD equal to 1 KESC switch else go to NETAGENT switch
REG QUERY HKLM\Software\KasperskyLab\KESCloud /v NetAgent | FIND "0x1"
IF %ERRORLEVEL% == 1 GOTO NETAGENT
GOTO KESC
:NETAGENT
REG ADD HKLM\Software\KasperskyLab\KESCloud /v NetAgent /t REG_DWORD /f /D 1
%__KESCLOUD_PACKAGE_FULL_PATH% %__KESCLOUD_PACKAGE_ARGUMENTS%
GOTO KESC

:KESC
REG QUERY %__KESCLOUD_ROOT_KEY% /v %__KESCLOUD_KEY_NAME% | FIND "0x1"
IF %ERRORLEVEL% == 1 GOTO INSTALL
GOTO END
:INSTALL
REG ADD %__KESCLOUD_ROOT_KEY% /v %__KESCLOUD_KEY_NAME% /t REG_DWORD /f /D 1
%__KESCLOUD_PACKAGE_FULL_PATH% %__KESCLOUD_PACKAGE_ARGUMENTS%
:END

PowerShell Script

Now, the PowerShell script. We just have to set the following variables :

###########################
# author : shebangthedolphins.net
# version : 1.1
# date : 2018.02
# role : deploy Kaspersky Endpoint Security Cloud
# other : launch it with domain admin user rights.
# updates :
#       - 1.0 (2018/02) : First version    
#       - 1.1 (2020/09) : Add variables and comments

#VARIABLES
$computers = New-Object System.Collections.ArrayList
[void] $computers.AddRange( ("COMPUTER15","COMPUTER85","COMPUTER86","COMPUTER98","COMPUTER16","COMPUTER19"))
$domain = shebangthedolphins.net
$user = administrator
$password = Mypassword
$share = \\SRV-DATA\share\
$psexec = "c:\Users\std\psexec.exe"

Foreach ($computer in $computers)
{
    Write-Host "Work on $computer"
    ping -n 1 "$computer" | findstr "TTL" #check if computer is available
    if ($LASTEXITCODE -eq '0') #if yes, let's start deployment
    {
	 & "$psexec" "/accepteula" "\\$computer" "-u" "$domain\$user" "-p" "$password" "$share\deploy.bat"
    }
    else
    {
	    write-host "$computer cannot be reached"
    }
} 
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Contact :