Contents
Managing policies of Kaspersky Endpoint Agent for Linux
This section provides instructions for creating a policy for Kaspersky Endpoint Agent for Linux and enabling options in the policy using Kaspersky Security Center Administration Console.
Instructions in this section apply only to Kaspersky Endpoint Agent for Linux.
Creating a policy for Kaspersky Endpoint Agent for Linux
To create a policy for Kaspersky Endpoint Agent in Kaspersky Security Center:
- Open the Kaspersky Security Center Administration Console.
- In the console tree, open the Policies folder.
- Click Create policy.
The New Policy Wizard starts.
- In the Enter group policy name, window, enter the name that will be used to display the new policy in the list of policies.
- In the Select policy type, select a Kaspersky Endpoint Agent deployment mode by selecting the Endpoint Detection and Response Expert (KATA EDR) check box.
- Click Next.
- Do one of the following in all settings windows that are displayed in sequence:
- To configure application settings from the displayed sections when creating the policy:
- Click Configure next to the name of the section.
- This opens a window; in that window, modify the relevant settings and click OK.
- Click Next.
- To edit application settings in the displayed sections later, click Next.
Application configuration involves the following steps:
- Configuring general proxy server settings.
- Configuring the integration of Kaspersky Endpoint Agent with KATA Central Node.
- To configure application settings from the displayed sections when creating the policy:
- In the Target group window, select the Kaspersky Security Center administration group that the new policy must affect:
- Click Browse.
This opens the administration group selection window.
- Select an administration group from the list.
For example, you can select the Managed devices group.
- If you want to create a device subgroup in the Managed devices group:
- Click New group.
- This opens a window; in that window, enter the name of the device subgroup.
- Click OK.
- Click Next.
- Click Browse.
- In the Create group policy for the program select one of the following policy states:
- Active policy to activate the policy immediately after creation.
- Inactive policy to activate the policy later.
- Select the Open policy properties immediately after creation if you need to perform additional configuration of the policy right after it is created.
- Click Finish.
The policy that you created appears in the list of politics.
Enabling options in the policy of Kaspersky Endpoint Agent for Linux
When configuring default settings of a Kaspersky Endpoint Agent policy, setting values are saved but not applied until you enable them.
You can enable settings by enabling groups in which the settings reside. In one policy you can enable some groups of settings or all groups of settings.
To enable a group of settings in the Kaspersky Endpoint Agent policy:
- Open the Kaspersky Security Center Administration Console.
- In the console tree, open the Policies folder.
- Select a policy for Kaspersky Endpoint Agent and open its settings window in one of the following ways:
- Double-click on the name of the policy.
- In the context menu of the policy, select Properties.
- In the opened window, select the Application settings tab.
- Select the Other settings subsection.
- Select one of the following options for using a proxy server:
- Do not use proxy server.
- Use proxy server with specified settings.
If you selected Use proxy server with specified settings, in the Server name or IP address and Port, enter the address and port of the proxy server to which you want to connect. Port 8080 is used by default.
Kaspersky Endpoint Agent does not encrypt the connection with the proxy server. You must take steps to make sure the network connection between your proxy server and Kaspersky Endpoint Agent is secure.
If you want to use NTLM authentication when connecting to the proxy server:
- Select the Use NTLM authentication by user name and password.
- In the User name field, enter the name of the user whose account will be used for authorization at the proxy server.
- In the Password field, enter the password to obtain connection to the proxy server.
To reveal password characters, click Show to the right of the Password field.
If you do not want to use the proxy server for addresses internal to the organization, select the Bypass proxy server for local addresses check box.
- Click Apply.
- Select the KATA integration section.
- Go to the General Settings subsection.
- In the Data transmission settings group, set the Under policy toggle switch to active.
- In the Event transmission period (sec.) field, type 30.
- In the Event limit per one package, type 1024.
- In the Throttling settings group, set the Under policy toggle switch to active.
- Select the Enable throttling check box.
- Enter the maximum number of events per hour and the percentage value for events exceeding the limit.
- Go to the KATA integration settings subsection.
- In the Connection settings group, move the Enforce toggle switch to active.
- Select the Enable KATA integration check box.
- Enter the address and port of the KATA server in the Address and Port fields.
- Select the Use pinned certificate to secure connection check box.
- Click Add new TLS certificate.
- In the opened window, click Upload and select the server certificate file to set up a secure connection or enter certificate data in the field.
- Click Add.
- Click Add client certificate.
- In the opened window, select the Secure with client certificate check box.
- Click Upload and select a client certificate file to set up a secure connection.
- In the Cryptographic container password field, enter the password of the client certificate to set up a secure connection.
- Select the Apply TTL period for events transmission.
- In the TTL period (min.) field, enter the interval for sending synchronization requests.
- Click Apply.
- Click OK.
Policy settings required by Kaspersky Endpoint Agent are enabled.
Page top