Configuring creation of the threat development chain

To create a threat development chain the following prerequisites must be met.

You can configure the threat development chain for the objects detected on managed devices. The threat development chain is displayed on the incident card.

To configure a threat development chain:

1. Do one of the following:
   • Open the application properties window for an individual device.
     1. In the main Web Console window select Devices → Managed devices.
     2. Select the device.
     3. In the <Device name> window that opens, select the Applications tab.
     4. Select Kaspersky Endpoint Agent.
     5. In the window that opens, select the Application settings tab.
   • Open the policy properties window.
     1. In the main Web Console window select Devices → Policies and policy profiles.
     2. Select the policy you want to configure.
     3. In the <Policy name> window that opens, select the Application settings tab.
2. In the Repositories section select the Synchronization with Administration Server subsection.
3. In the Synchronization with Administration Server settings group of settings, select the Data about objects, quarantined on managed hosts check box.
4. If you configure the policy settings, in the upper right corner of the Synchronization with Administration Server settings group of settings, change the switch from Undefined to Forced.
5. Click OK.
6. Click the Save button.

Data synchronization with the Administration Server is configured.

See also About Kaspersky Endpoint Agent quarantine About quarantine management in Kaspersky Endpoint Agent Configuring quarantine settings and restoration of objects from quarantine Configuring data synchronization with the Administration Server

Page top