Configuring trusted connection with Kaspersky Industrial CyberSecurity for Networks
This Help provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
To configure trusted connection between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks, perform the following actions on Kaspersky Endpoint Agent side:
Open Kaspersky Security Center Administration Console.
In the console tree, open the Policies folder.
Select Kaspersky Endpoint Agent policy and open its properties window in one of the following ways:
Double-click the policy name.
Select Properties in the policy context menu.
Select the Configure policy settings item in the right part of the window.
In the Telemetry receipt servers section, select the KICS for Networks subsection.
In the Connection settings group, select the Use pinned certificate to protect connection check box.
Click the Add new TLS certificate button.
The Adding new TLS certificate window opens.
Perform one of the following actions to add a TLS certificate:
Add a certificate file. Click Browse, and in the window that opens, select the certificate file and click Open.
Copy and paste the contents of the certificate file to the Paste TLS certificate data field.
Kaspersky Endpoint Agent may have only one TLS certificate for the Kaspersky Industrial CyberSecurity for Networks server. If you have added a TLS certificate before and then add a TLS certificate once again, only the last added certificate is valid.
Click the Add button.
Information about the added TLS certificate is shown in the TLS certificate data group of settings.
If you want to configure additional connection protection by a user certificate, click the Add client certificate button.
In the Add client certificate window that opens, do the following:
Select the Secure connection with the client certificate check box.
Click the Upload button and in the window that opens select the PFX archive and click Open.
Enter the password for the PFX archive.
Click OK.
In the upper right corner of the settings group, change the switch from Unaffected by policy to Under policy.
Click OK.
Trusted connection to Kaspersky Industrial CyberSecurity for Networks server is configured.