This Help provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
To create a Kaspersky Endpoint Agent policy in Kaspersky Security Center:
Open Kaspersky Security Center Administration Console.
In the console tree, open the Policies folder.
Click Create a policy.
The policy creation wizard starts.
In the Enter group policy name window, perform the following actions:
Enter the name that will be used for the new policy in the policy list.
If you want to import the settings of an existing Kaspersky Endpoint Agent policy to a new policy, perform the following actions:
Select the Use the policy settings for previous application version check box.
Click Select and in the window that opens, select the policy whose settings you want to import.
Click OK.
Click Next.
In the New policy window, select one of the following options and click Next:
Create a new policy and configure its settings.
Create a new policy with default settings.
If you enabled the Use the policy settings for previous application version setting at the previous step, the Create a new policy and configure its settings option is selected by default, and the settings specified in the imported policy are displayed during the policy creation. In this case, the switch in the upper right corner of each section with the policy settings, that shows if the policy is applied, depends on the position of the switches in the groups of settings of the imported policy.
The switch is set to Under policy if the corresponding switch in the imported policy is also set to Under policy for all groups of settings that are included in the section.
The switch is set to Unaffected by policy if the corresponding switch in the imported policy is also set to Unaffected by policy for at least one group of settings that are included in the section.
In the Select policy type window, select the required Kaspersky Endpoint Agent deployment method:
Kaspersky Sandbox
Endpoint Detection and Response Expert (KATA EDR)
Click Next.
If you select the Create a new policy and configure its settings option, perform one of the following actions in all sequentially displayed settings windows:
To configure the application settings in displayed sections during the policy creation:
Click Configure next to the name of the required section.
In the window that opens, configure the required settings and click OK.
Click Next.
To configure the application settings in the displayed section later, click Next.
Configuration of the application settings consists of the following steps:
The composition of the steps depends on the type of policy selected at the previous step and may differ from the one described.
Configuring integration between Kaspersky Endpoint Agent and Kaspersky Sandbox.
Configuring integration between Kaspersky Endpoint Agent and the KATA Central Node component.
Configuring threat response settings.
Configuring application repositories.
Configuring application security settings.
Configuring general application settings.
In the Target group window, select Kaspersky Security Center administration group to which the created policy will be applied by performing the following steps:
Click Browse.
The administration group selection window opens.
Select the administration group from the list.
For example, you can select the Managed devices group.
If you want to create a subgroup in the Managed devices group:
Click New group.
In the window that opens, enter the name of the device subgroup.
Click OK.
Click Next.
In the Creating a group policy for the application window select one of the following policy statuses:
Active policy to activate the policy immediately after creation.
Inactive policy to activate the policy later.
Out-of-office. The policy becomes active when the computer leaves the corporate network.
Select the Open policy properties after creation check box, if you want to perform additional configuration of the policy immediately after creation.