Configuring trusted connection on Kaspersky Endpoint Agent side

Expand all | Collapse all

This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.

You can configure a trusted connection between Kaspersky Sandbox and Kaspersky Endpoint Agent in the web interface of Kaspersky Sandbox server even when it is not included in the cluster.

If you have already merged servers into a cluster, remove the server from the cluster, then create a new cluster based on this server and add all the servers intended for Kaspersky Sandbox solution to the new cluster.

If the servers you need belong of another cluster, remove them from that cluster one by one and then add them to your cluster.

To configure a trusted connection on Kaspersky Endpoint Agent's side:

1. Do one of the following:
   • Open the application properties window for an individual device.
     1. In the main Kaspersky Security Center Web Console window select Devices → Managed devices.
     2. Select the device.
     3. In the <Device name> window that opens, select the Applications tab.
     4. Select Kaspersky Endpoint Agent.
     5. In the window that opens, select the Application settings tab.
   • Open the policy properties window.
     1. In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
     2. Select the policy you want to configure.
     3. In the <Policy name> window that opens, select the Application settings tab.
2. In the Kaspersky Sandbox integration section select the Connection settings subsection.
3. In the Kaspersky Sandbox integration settings group of settings, select the Use pinned certificate to secure connection check box.
4. Click the Use trusted connection button.

   The Add new TLS certificate window will open.

5. Perform one of the following actions to add a TLS certificate created on Kaspersky Sandbox side:
   • Add a certificate file. Click Upload, and in the window that opens, select the certificate file and click Open.
   • Copy and paste the contents of the certificate file to the TLS certificate data field.

   Kaspersky Endpoint Agent may have only one TLS certificate of Kaspersky Sandbox server. If you have added a TLS certificate before and then add a TLS certificate once again, only the last added certificate is valid.

6. Click OK.

   Information about the added TLS certificate is displayed in the Kaspersky Sandbox integration settings group of settings.

7. If you configure the settings in the policy properties window, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.
8. Click OK.
9. Click the Save button.

The trusted connection to Kaspersky Sandbox server has been configured.

See also Enabling and disabling integration with Kaspersky Sandbox Adding Kaspersky Sandbox servers to Kaspersky Endpoint Agent list Configuring the response timeout of Kaspersky Sandbox and request queue settings Configuring Threat Response actions of Kaspersky Endpoint Agent to respond to threats detected by Kaspersky Sandbox Enabling detection of legitimate applications that can be used by cybercriminals Configuring IOC Scan tasks start

Page top