Configuring the integration and trusted connection with Kaspersky Anti Targeted Attack Platform on the Kaspersky Endpoint Agent side
To configure integration with Kaspersky Anti Targeted Attack Platform on the Kaspersky Endpoint Agent side:
Open the KSC Console.
In the console tree, open the Policies folder.
In the Kaspersky Endpoint Agent policy section, select the required policy and double-click it to open its properties.
The properties of the selected policy are displayed.
In the KATA integration section, select the KATA integration settings subsection.
Select the Enable KATA integration check box.
In the Address field, enter the address of the Central Node server of the Kaspersky Anti Targeted Attack Platform program that you want to configure integration with, and select a port to use for the connection. Port 443 is used by default.
Select the Use pinned certificate to secure connection check box.
Click Add a TLS certificate....
This opens the Adding TLS certificate window.
To add a TLS certificate previously created on the Kaspersky Anti Targeted Attack Platform side and downloaded, do one of the following:
Add a certificate file. To do so, click Browse...; in the window that is displayed, select a certificate file and click Open.
Paste the content of the certificate file to the Paste TLS certificate data: field.
Kaspersky Endpoint Agent can store only one TLS certificate for the Kaspersky Anti Targeted Attack Platform server. If you have added a TLS certificate before and are adding a TLS certificate again, only the last added certificate is used.
If you have configured traffic redirection to the server with the Sensor component, you must download the TLS certificate of the Sensor server and then upload it here.
Click Add.
Information about the added TLS certificate is displayed in the section for integration with Kaspersky Anti Targeted Attack Platform.
Click Add client certificate....
In the window that is displayed, select the Secure with client certificate check box.
Click Download.
This opens the file selection window on your local computer.
In the Timeout period (sec.): field, enter the maximum response timeout of the Kaspersky Anti Targeted Attack Platform Central Node server in seconds.
In the Send sync request to KATA server every (min.) field, enter the period in minutes.
If you do not want Kaspersky Endpoint Agent to send information about repeated running of processes to the Kaspersky Anti Targeted Attack Platform server, select the Apply TTL period for events transmission check box. If the process is started after the next TTL period expires, Kaspersky Endpoint Agent does not consider this a repeated start of the process.
If you have set the "Apply TTL period for events transmission" check box, specify the time in the TTL period (min.) field.
Make sure the toggle switch in the upper right corner of the group of settings is in the Under policy position.
Click OK.
The integration with Kaspersky Anti Targeted Attack Platform on the Kaspersky Endpoint Agent side is configured.