Configuring the application

You can configure the application through the web interface of the Control node of the cluster. The new settings are automatically propagated to Secondary nodes.

The application configuration scenario consists of the following steps:

1. Configuring time and time zone synchronization
2. Configuring the connection to the proxy server

   Perform this step if the node does not have direct Internet access for activating the application, updating databases, and interacting with Kaspersky.

3. Application activation

   Activate KSMG using an activation code or, if you do not have Internet access, add a license key using a key file.

4. Configuring application database updates

   If you do not have Internet access, configure application database updates via an update source located in the local network.

5. Updating databases manually

   Wait for the update task to complete. Restart the operating system to apply the database update.

6. Configuring protection settings
7. Configuring Backup settings
8. Configuring participation in Kaspersky Security Network

   If you want to have access to Kaspersky Security Network reputation databases and other statistical data without sending data from your computers to Kaspersky Security Network, you can configure the use of Kaspersky Private Security Network.

9. Configuring integration with the KATA server

   Perform this step if the KATA application is deployed in your organization.

10. Configuring integration with an external directory service over LDAP
11. Configuring Single Sign-On (SSO) user authentication

    This step is required if you want personal and privileged users to use domain accounts.

12. Creating user accounts and roles

    Assign roles to users as necessary.

    If the 'helpdesk' account was used in the previous version of the application, create a role with similar permissions: viewing messages in Backup, delivering messages from Backup, managing addresses in personal allow and deny lists.

13. Configuring basic built-in MTA settings
14. Configuring TLS encryption for the built-in MTA
15. Adding domains and configuring routing
16. Configuring the DKIM signature
17. Configuring verification of recipient addresses
18. Configuring the application for personal users

    Configure personal user account settings, personal Backup settings, and the personal Backup digest schedule.

19. Migrating message processing rules and personal lists of users from the previous version of the application

    When upgrading the application from a previous version, you can export rules and personal lists of users from the old version, and then import them into the new version.

    To import settings, specify the path to the KSMG_settings.kz file obtained by exporting application settings from the previous version.

20. Configuring message processing rules

    You must perform this step if data for importing rules does not exist or if you need additional rules.

21. Configuring system log settings
22. Configuring the export of events to an external SIEM system
23. Configuring application monitoring using SNMP
24. Configuring email notifications about application events
25. Configuring application statistics report schedule settings