- Kaspersky Endpoint Agent Help
- Kaspersky Endpoint Agent
- Installing and uninstalling Kaspersky Endpoint Agent
- Preparing for Kaspersky Endpoint Agent installation
- Installing Kaspersky Endpoint Agent
- Installing and uninstalling Kaspersky Endpoint Agent locally
- Installing Kaspersky Endpoint Agent using Kaspersky Security Center
- Installing Kaspersky Endpoint Agent administration tools
- Updating Kaspersky Endpoint Agent from the previous version
- Repairing Kaspersky Endpoint Agent
- Changes in the system after Kaspersky Endpoint Agent installation
- Application licensing
- Kaspersky Endpoint Agent application data
- Service data
- Data on events in Windows Event Log
- Data in requests to Kaspersky Sandbox
- Data provided when using the activation code
- Data received as a result of IOC Scan task execution
- Data in YARA Scan results
- Data in requests to the KATA Central Node component
- Data in requests to Kaspersky Industrial CyberSecurity for Networks server
- Data for creating a threat development chain
- Providing extended Kaspersky Endpoint Agent diagnostic information to Technical Support specialists
- Data in trace and dump files
- Data on acceptance of the terms of KSN Statement
- Network isolation
- Execution prevention
- IOC Scan
- YARA scan
- Security audit
- Working with incident card
- About the EDR notifications widget
- About Kaspersky Endpoint Detection and Response Optimum
- About integration with Kaspersky Anti Targeted Attack Platform
- About integration with Kaspersky Managed Detection and Response
- About integration with Kaspersky Sandbox
- About integration with Kaspersky Industrial CyberSecurity for Networks
- Managing Kaspersky Endpoint Agent using Kaspersky Security Center Administration Console
- Managing Kaspersky Endpoint Agent policies
- Configuring Kaspersky Endpoint Agent settings
- Opening Kaspersky Endpoint Agent settings window
- Configuring Kaspersky Endpoint Agent security settings
- Configuring Kaspersky Endpoint Agent connection settings to a proxy server
- Configuring Kaspersky Security Center as a proxy server for Kaspersky Endpoint Agent activation
- Configure network isolation settings
- Configuring KSN usage in Kaspersky Endpoint Agent
- Configuring the integration of Kaspersky Endpoint Agent with Kaspersky Sandbox
- Enabling and disabling integration with Kaspersky Sandbox
- Configuring trusted connection between Kaspersky Sandbox and Kaspersky Endpoint Agent
- Configuring the response timeout of Kaspersky Sandbox and request queue settings
- Adding Kaspersky Sandbox servers to Kaspersky Endpoint Agent list
- Configuring Threat Response actions of Kaspersky Endpoint Agent to respond to threats detected by Kaspersky Sandbox
- Enabling and disabling Threat Response actions
- Adding Threat Response actions to the action list of the current policy
- Configuring authentication on the Administration Server for Autonomous IOC Scan tasks
- Device protection from legitimate applications that can be used by cybercriminals
- Configuring start of Autonomous IOC Scan tasks
- Configuring integration between Kaspersky Endpoint Agent and KATA Central Node
- Configuring integration between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks
- Enabling integration with Kaspersky Industrial CyberSecurity for Networks
- Configuring trusted connection with Kaspersky Industrial CyberSecurity for Networks
- Configuring synchronization settings between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks
- Configuring data submission settings
- Configuring integration between Kaspersky Endpoint Agent and Kaspersky Managed Detection and Response
- Configuring EDR telemetry settings
- Configuring storage settings in Kaspersky Endpoint Agent
- Configuring failure diagnosis
- Managing Kaspersky Endpoint Agent tasks
- Creating a local task
- Creating a group task
- Viewing the table of tasks
- Deleting a task from the list
- Starting tasks manually
- Starting tasks by schedule
- Viewing task execution results
- Configuring the storage time for the task execution results on the Administration Server
- Creating Kaspersky Endpoint Agent activation task
- Managing Kaspersky Endpoint Agent database and module update tasks
- Managing IOC Scan tasks in Kaspersky Endpoint Agent
- Managing the application using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console
- Managing Kaspersky Endpoint Agent policies
- Configuring Kaspersky Endpoint Agent settings
- Opening Kaspersky Endpoint Agent settings window
- Configuring Kaspersky Endpoint Agent security settings
- Configuring Kaspersky Endpoint Agent connection settings to a proxy server
- Configuring Kaspersky Security Center as a proxy server for Kaspersky Endpoint Agent activation
- Configure network isolation settings
- Configuring Kaspersky Endpoint Agent policy type
- Configuring KSN usage in Kaspersky Endpoint Agent
- Configuring the integration of Kaspersky Endpoint Agent with Kaspersky Sandbox
- Enabling and disabling integration with Kaspersky Sandbox
- Configuring trusted connection on Kaspersky Endpoint Agent side
- Adding Kaspersky Sandbox servers to Kaspersky Endpoint Agent list
- Configuring the response timeout of Kaspersky Sandbox and request queue settings
- Configuring Threat Response actions of Kaspersky Endpoint Agent to respond to threats detected by Kaspersky Sandbox
- Enabling detection of legitimate applications that can be used by cybercriminals
- Configuring IOC Scan tasks start
- Configuring integration between Kaspersky Endpoint Agent and KATA Central Node
- Configuring integration between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks
- Enabling integration with Kaspersky Industrial CyberSecurity for Networks
- Configuring trusted connection with Kaspersky Industrial CyberSecurity for Networks
- Configuring synchronization settings between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks
- Configuring data submission settings
- Configuring integration between Kaspersky Endpoint Agent and Kaspersky Managed Detection and Response
- Configuring EDR telemetry settings
- Configuring Execution prevention settings
- Configuring storage settings in Kaspersky Endpoint Agent
- Configuring failure diagnosis
- Managing Kaspersky Endpoint Agent tasks
- Creating tasks
- Viewing the table of tasks
- Deleting a task from the list
- Configuring task schedule settings
- Starting tasks manually
- Viewing task execution results
- Configuring the storage time for the task execution results on the Administration Server
- Creating Kaspersky Endpoint Agent activation tasks
- Configuring Database and application module update task
- Managing Standard IOC Scan tasks
- Managing Security Audit tasks
- Creating the Security Audit task with the default settings
- Configuring Security Audit task settings using the Kaspersky ICS CERT vulnerabilities database for SCADA
- Configuring Security Audit task settings using a security and standards compliance configuration
- Configuring Security Audit task settings using a custom rule database from the Kaspersky Security Center repository
- Configuring the Security Audit task settings using a custom database from file
- Viewing the Security Audit task execution results
- Exporting the Security Audit task execution results to a separate file
- Configuring the Quarantine file task
- Configuring the Delete file task
- Configuring the Run process task
- Configuring the Terminate process task
- Managing Kaspersky Endpoint Agent using the command line interface
- Managing Kaspersky Endpoint Agent activation
- Managing Kaspersky Endpoint Agent authentication
- Configuring tracing
- Configuring creating a dump of Kaspersky Endpoint Agent processes
- Viewing information about quarantine settings and quarantined objects
- Actions on quarantined objects
- Managing Kaspersky Sandbox integration settings
- Managing integration settings with KATA Central Node component
- Managing integration settings with Kaspersky Industrial CyberSecurity for Networks
- Running Kaspersky Endpoint Agent database and module update
- Starting, stopping and viewing the current application status
- Protecting the application with password
- Protecting application services with PPL technology
- Managing self-defense settings
- Managing event filtering
- Managing network isolation
- Managing Standard IOC Scan tasks
- Configuring and launching the Security Audit task
- Creating a thumbprint for the certificate for signing files with OVAL or XCCDF rules
- Creating a Kaspersky Security Center installation package with custom OVAL or XCCDF rules
- Managing scanning of files and processes according to YARA rules
- Managing scanning of autorun point objects according to YARA rules
- Managing Execution prevention
- Creating a memory dump
- Creating a disk dump
- Contact Technical Support
- Glossary
- Information about third-party code
- Trademark notices
Managing the application using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console > Managing Kaspersky Endpoint Agent policies > Creating Kaspersky Endpoint Agent policy
Creating Kaspersky Endpoint Agent policy
Creating Kaspersky Endpoint Agent policy
This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
To create a Kaspersky Endpoint Agent policy in the Kaspersky Security Center Web Console:
- In the main window, select Devices → Policies and profiles.
- Click the Add button.
The policy creation wizard starts.
- Select the Kaspersky Endpoint Agent application and click Next.
- Select the required Kaspersky Endpoint Agent deployment method by selecting the appropriate check boxes:
- Kaspersky Sandbox integration;
- Endpoint Detection and Response Optimum
- Endpoint Detection and Response Expert (KATA EDR), Kaspersky Industrial CyberSecurity for Networks
Policy type and integration with Kaspersky Sandbox and KATA EDR cannot be selected in Kaspersky Security Center Cloud Console.
- Click Next.
- On the General tab, you can perform the following actions:
- Change the policy name.
- Select policy status:
- Active. After the next synchronization, the policy will be active on the computer.
- Inactive. Backup policy. An inactive policy can be made active, if required.
- Out-of-office. The policy will become active when the computer leaves the corporate network.
- Configure the policy settings inheritance:
- Inherit settings from parent policy. If this option is enabled, the policy settings will be inherited from the upper-level policy. The policy settings cannot be modified if the Force inheritance of settings in child policies option is enabled in the parent policy.
- Force inheritance of settings in child policies. If this option is enabled, the parent policy settings will be applied to child policies. In the properties window of the child policy, the Inherit settings from parent policy option is automatically enabled and cannot be disabled.
- On the Application settings tab, you can configure Kaspersky Endpoint Agent policy settings.
- Click the Save button.
Article ID: 200417, Last review: Dec 13, 2022