Kaspersky Endpoint Security for Mac

1. Start Administration Console of Kaspersky Security Center.
2. Expand the Administration Server <Server name> node.
3. In the console tree, select the Managed devices node.
4. Select the administration group that contains the required client computer.
5. In the workspace, select the Policies tab and click the Create a policy button.

   The New Policy Wizard opens.

6. Follow the steps of the New Policy Wizard to create a policy.

1. Start Administration Console of Kaspersky Security Center.
2. Expand the Administration Server <Server name> node.
3. In the console tree, select the Policies folder and click the Create a policy button.

   The New Policy Wizard opens.

4. Follow the steps of the New Policy Wizard to create a policy.

In the Select the application for which you want to create a group policy window, in the list of applications, select Kaspersky Endpoint Security 10 Service Pack 2 Maintenance Release 1 for Mac.

1. In the Enter a group policy name window, in the Name field, specify the name of the policy that you are creating. The name can't contain the following symbols: “ * < : > ? \ |.
2. Select the Use settings from policy for previous version of application checkbox if you want to import the settings from an existing Kaspersky Endpoint Security policy to a new policy.

In the Protection window, configure the following settings if necessary:

• Configure protection settings for the operating system on the client computer.
• Configure Trusted Zone.
• Select types of objects to be detected.
• Disable or enable the start of scheduled tasks when the computer is running on battery power.

In the File Anti-Virus window, do the following if necessary:

• Enable or disable File Anti-Virus.

  By default, File Anti-Virus is enabled.

• Select a security level.

  By default, the security level recommended by Kaspersky Lab is selected.

• Select actions to be performed upon detecting a malicious object.

In the Web Anti-Virus window, do the following if necessary:

• Enable or disable Web Anti-Virus.

  By default, Web Anti-Virus is enabled.

• Select a security level.

  By default, the security level recommended by Kaspersky Lab is selected.

• Select the action to be performed upon detecting a malicious object in web traffic.
• Enable or disable scanning of inbound and outbound HTTPS traffic.

In the Network Attack Blocker window, do the following if necessary:

• Enable or disable Network Attack Blocker.

  By default, Network Attack Blocker is enabled.

• Configure Network Attack Blocker settings.

1. In the FileVault Disk Encryption window, enable or disable FileVault encryption management for a user's startup disk.
2. Choose the Encrypt disk option, if you want to encrypt user's startup disk when the policy is applied to a client computer.

By default, the FileVault encryption is disabled.

If the Enable FileVault disk encryption management checkbox is unselected, users with administrator rights can encrypt and decrypt their Mac startup disks from System Preferences.

If the Enable FileVault disk encryption management checkbox and the Encrypt disk option are selected, users with administrator rights can't decrypt the startup disk of their Mac from System Preferences.

If the Enable FileVault disk encryption management checkbox and the Decrypt disk option are selected, users with administrator rights can't encrypt the startup disk of their Mac from System Preferences.

In the Update window, do the following if necessary:

• Enable or disable updating application modules.
• Enable or disable copying of update files to a specific folder.
• Specify the folder to which the application will copy update files.
• Specify update sources.

In the KSN window, do the following if necessary:

• Read the full text of the Kaspersky Security Network Statement by clicking the KSN Statement button.
• Enable or disable the use of Kaspersky Security Network.
• Enable or disable extended KSN mode.
• Enable or disable the use of KSN proxy.

When you choose to participate in Kaspersky Security Network in a policy settings, Kaspersky Endpoint Security statistics from client computers to which the policy is applied are automatically sent to Kaspersky Lab to enhance protection of these computers.

Note: Kaspersky Lab doesn't collect, process, or store any personal data without your explicit consent.

After the policy is deleted or made inactive, KSN settings on a client computer return to the original state.

In the User Interaction window, configure the settings of Kaspersky Endpoint Security interaction with the user of the client computer if necessary.

In the Network window, configure the connection to a proxy server if necessary.

In the Reports window, do the following if necessary:

• Configure settings for generating and storing reports.
• Configure settings for storing objects in Backup.

In the Create the group policy for the application window, do the following:

1. Select the status that will be assigned to the policy:
   • Active policy: the policy is applied to the selected administration group.
   • Inactive policy: the policy is not applied.
   • Out-of-office policy: the policy is applied to the selected administration group when the computers are disconnected from the corporate network.

   Note: You can create multiple policies for an application in an administration group, but only one of them can be active.

   For detailed information about policy statuses, see Kaspersky Security Center Help.

2. Select the Open policy properties immediately after they are created checkbox if you want to review the policy settings after the policy is created.
3. Click Finish to close the New Policy Wizard.

   The policy that you have created appears on the Policies tab in the workspace of the relevant administration group. The policy is applied to client computers after their first synchronization with Administration Server.