Configuring TLS encryption of connections with a mail server via SMTP
If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.
Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.
Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).
To configure TLS encryption of connections with the mail server over SMTP:
Select the Sensor servers section in the window of the program web interface.
The Server list table will be displayed.
Select the Sensor component for which you want to configure TLS encryption of connections with the mail server over the SMTP protocol.
This opens the Sensor component settings page.
Select the SMTP integration section.
In the State field, set the toggle switch to Enabled if it is disabled.
In the Client TLS security level section, select one of the following options:
No TLS encryption.
The program will not employ TLS encryption of connections with a mail server.
Attempt TLS encryption for incoming messages.
The program will support TLS encryption of the connection, but encryption will not be mandatory.
Require TLS encryption for incoming messages.
The program will receive messages only over encrypted channels.
Click the Download TLS certificate button to save the TLS certificate of the server with the Sensor component on the computer in the browser's downloads folder.
This certificate is required for authentication on the mail server.
In the Requesting Client TLS certificate section, select one of the following options:
Do not request.
The program will not verify the TLS certificate of the mail server.
Request.
The program will request a TLS certificate from the mail server, if one is available.
Require.
The program will receive messages only from those mail servers that have a TLS certificate.
Import the TLS certificate of the mail server that will be used for authentication when establishing a connection with the Sensor component. To do so:
Click the Upload TLS certificate button.
This opens the file selection window.
Select the certificate file with the PEM extension and click the Open button.
Click Apply.
TLS encryption of connections with the mail server over the SMTP protocol will be configured.