About device statuses

Kaspersky Security Center assigns a status to each managed device. The particular status
depends on whether the conditions defined by the user are met. In some cases, when assigning a
status to a device, Kaspersky Security Center takes into consideration the device's visibility flag
on the network (see the table below). If Kaspersky Security Center does not find a device on the
network within two hours, the visibility flag of the device is set to Not Visible.

The statuses are the following:

 Critical or Critical / Visible

 Warning or Warning / Visible
 OK or OK / Visible

The table below lists the default conditions that must be met to assign the Critical or Warning
status to a device, with all possible values.

Conditions for assigning a status to a device

Condition Condition description Available values

Security application is not Network Agent is installed on  Toggle button is on.
installed the device, but a security  Toggle button is off.
application is not installed.
Too many viruses detected Some viruses have been found More than 0.
on the device by a task for virus
detection, for example, the
Virus scan task, and the number
of viruses found exceeds the
specified value.
Real-time protection level differs The device is visible on the  Stopped.
from the level set by the network, but the real-time  Paused.
Administrator protection level differs from the  Running.
level set (in the condition) by
the administrator for the device
status.
Virus scan has not been The device is visible on the More than 1 day.
performed in a long time network and a security
application is installed on the
device, but neither the Malware
scan task nor a local scan task
has been run within the
specified time interval. The
condition is applicable only to
devices that were added to the
Administration Server database
 7 days ago or earlier.
Databases are outdated The device is visible on the More than 1 day.
network and a security
application is installed on the
device, but the anti-virus
databases have not been updated
on this device within the
specified time interval. The
condition is applicable only to
devices that were added to the
Administration Server database
1 day ago or earlier.
Not connected in a long time Network Agent is installed on More than 1 day.
the device, but the device has
not connected to an
Administration Server within
the specified time interval,
because the device was turned
off.
Active threats are detected The number of unprocessed More than 0 items.
objects in the ACTIVE
THREATS folder exceeds the
specified value.
Restart is required The device is visible on the More than 0 minutes.
network, but an application
requires the device restart
longer than the specified time
interval and for one of the
selected reasons.
Incompatible applications are The device is visible on the  Toggle button is off.
installed network, but software inventory  Toggle button is on.
performed through Network
Agent has detected
incompatible applications
installed on the device.
Software vulnerabilities have The device is visible on the  Critical.
been detected network and Network Agent is  High.
installed on the device, but the  Medium.
Find vulnerabilities and  Ignore if the vulnerability
required updates task has cannot be fixed.
detected vulnerabilities with the  Ignore if an update is
specified severity level in assigned for installation.
applications installed on the
device.
License expired The device is visible on the  Toggle button is off.
network, but the license has  Toggle button is on.
expired.
License expires soon The device is visible on the More than 0 days.
network, but the license will
expire on the device in less than
the specified number of days.
Check for Windows Update The device is visible on the More than 1 day.
updates has not been performed network, but the Perform
in a long time Windows Update
synchronization task has not
been run within the specified
time interval.
Invalid encryption status Network Agent is installed on  Does not comply with the
the device, but the device policy due to the user's
encryption result is equal to the refusal (for external
specified value. devices only).
 Does not comply with the
policy due to an error.
 Restart is required when
applying the policy.
 No encryption policy is
specified.
 Not supported.
 When applying the policy.

Mobile device settings do not The mobile device settings are  Toggle button is off.
comply with the policy other than the settings that were  Toggle button is on.
specified in the Kaspersky
Endpoint Security for Android
policy during the check of
compliance rules.
Unprocessed incidents detected Some unprocessed incidents  Toggle button is off.
have been found on the device.  Toggle button is on.
Incidents can be created either
automatically, through managed
Kaspersky applications installed
on the client device, or
manually by the administrator.
Device status defined by The status of the device is  Toggle button is off.
application defined by the managed  Toggle button is on.
application.
Device is out of disk space Free disk space on the device is More than 0 MB.
less than the specified value or
 the device could not be
synchronized with the
Administration Server. The
Critical or Warning status is
changed to the OK status when
the device is successfully
synchronized with the
Administration Server and free
space on the device is greater
than or equal to the specified
value.
Device has become unmanaged During device discovery, the  Toggle button is off.
device was recognized as visible  Toggle button is on.
on the network, but more than
three attempts to synchronize
with the Administration Server
failed.
Protection is disabled The device is visible on the More than 0 minutes.
network, but the security
application on the device has
been disabled for longer than
the specified time interval.

In this case, the state of the

security application is stopped
or failure, and differs from the
following: starting, running, or
suspended.
Security application is not The device is visible on the  Toggle button is off.
running network and a security  Toggle button is on.
application is installed on the
device but is not running.

Kaspersky Security Center allows you to set up automatic switching of the status of a device in
an administration group when specified conditions are met. When specified conditions are met,
the client device is assigned one of the following statuses: Critical or Warning. When specified
conditions are not met, the client device is assigned the OK status.

Different statuses may correspond to different values of one condition. For example, by default,
if the Databases are outdated condition has the More than 3 days value, the client device is
assigned the Warning status; if the value is More than 7 days, the Critical status is assigned.

If you upgrade the Kaspersky Security Center from the previous version, the values of the
Databases are outdated condition for assigning the status to Critical or Warning do not change.
When Kaspersky Security Center assigns a status to a device, for some conditions (see the
Condition description column) the visibility flag is taken into consideration. For example, if a
managed device was assigned the Critical status because the Databases are outdated condition
was met, and later the visibility flag was set for the device, then the device is assigned the OK
status.