Configuring trusted connection with Kaspersky Industrial CyberSecurity for Networks

To configure trusted connection between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks, perform the following actions on Kaspersky Endpoint Agent side:

1. Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
2. Select the administration group for which you want to configure application settings.
3. Perform one of the following actions in the details pane of the selected administration group:
   • To configure application settings for a group of protected devices, select the Policies tab and open the Properties: <Policy name> window.
     1. In the tree of Kaspersky Security Center Administration Console, expand the Managed devices node.
     2. Expand the administration group whose policy settings you want to configure, and select the Policies tab in the results pane.
     3. Select the policy you want to configure.
     4. Open the Properties: <Policy name> window in one of the following ways:
        • Select the Properties option in the context menu of the policy.
        • Click the Configure policy settings link in the results pane of the selected policy.
        • Double-click the required policy.

        The Properties: <Policy name> window opens.

   • To configure the settings of a task or application for an individual protected device, select the Devices tab and go to the settings of a local task or the application settings.
4. In the KATA integration section select the KICS for Networks subsection.
5. In the Connection settings group of settings, select the Use trusted connection check box.
6. Click the Add new TLS certificate button.

   The Adding new TLS certificate window will open.

7. Perform one of the following actions to add a TLS certificate:
   • Add a certificate file. Click Browse, and in the window that opens, select the certificate file and click Open.
   • Copy and paste the contents of the certificate file to the Paste TLS certificate data field.

   Kaspersky Endpoint Agent may only have one TLS certificate for the Kaspersky Industrial CyberSecurity for Networks server. If you have added a TLS certificate before and then add a TLS certificate once again, only the last added certificate is valid.

8. Click Add.

   Information about the added TLS certificate is shown in the TLS certificate data group of settings.

9. If you want to configure additional connection protection by a user certificate, click the Advanced connection protection button.
10. In the Advanced connection protection window that opens, do the following:
    1. Select the Secure connection with the client certificate check box.
    2. Click the Upload button and in the window that opens select the PFX archive and click Open.
    3. Enter the password for the PFX archive.
    4. Click OK.
11. In the upper right corner of the settings group, change the switch from Unaffected by policy to Under policy.
12. Click OK.

The trusted connection to Kaspersky Industrial CyberSecurity for Networks server is now configured.

See also Enabling integration with Kaspersky Industrial CyberSecurity for Networks Configuring synchronization settings between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks About integration with Kaspersky Anti Targeted Attack Platform

Page top