SANDBOX. Managing Sandbox

Commands for managing the Sandbox component:

Enabling or disabling the Sandbox component.
The Sandbox components provides interaction with the Kaspersky Sandbox solution and the KATA Sandbox component, which is part of the Kaspersky Anti Targeted Attack Platform.
Configuring the Kaspersky Sandbox component:
- Connecting the computer to Sandbox servers.
  The servers use deployed virtual images of Microsoft Windows operating systems to run objects that need to be scanned. You can enter an IP address (IPv4 or IPv6) or a fully qualified domain name. For details about deploying virtual images and configuring Sandbox servers, refer to the Kaspersky Sandbox Help and Kaspersky Anti Targeted Attack Platform Help.
- Configuring the connection timeout for the server.
  Connection timeout for the Sandbox server (for Kaspersky Sandbox) or Central Node server (for KATA). After the configured timeout elapses, Kaspersky Endpoint Security sends a request to the next server. You can increase the connection timeout for the server if your connection speed is low or if the connection is unstable. The recommended request timeout is 0.5 seconds or less.
- Configuring a trusted connection between the computer and the servers.
  To configure a trusted connection with the Sandbox server (for Kaspersky Sandbox) or Central Node server (for KATA), you must prepare a TLS certificate. You must then add the certificate to the computer using a policy. You also need to add the certificate to the Sandbox server (for Kaspersky Sandbox) or Central Node server (for KATA).
Displaying the current settings of the component.

To run the command, go to the folder where the Kaspersky Endpoint Security executable file is located. You can also add the executable file path to the %PATH% system variable and run the command without navigating to the application folder.

Command syntax

avp.com stop sandbox [/login=<user name> /password=<password>]

avp.com start sandbox

avp.com sandbox /set [--tls=yes|no] [--servers=<server address>:<port>] [--timeout=<Sandbox server connection timeout (ms)>] [--pinned-certificate=<path to the TLS certificate>][/login=<user name> /password=<password>][--client-certificate=<path to the PFX archive>]

avp.com sandbox /show

Operation
`stop`	Disable the Sandbox component.
`start`	Enable the Sandbox component.
`set`	Configure the Sandbox component. You can modify the following settings: Use a trusted connection (`--tls`) Add a TLS certificate (`--pinned-certificate`) Set the server connection timeout (`--timeout`) Add Sandbox servers (`--servers`) Add a crypto-container (`--client-certificate`)
`show`	Display the current settings of the component. You get the following response: `sandbox.timeout=<Sandbox server connection timeout (ms)>` `sandbox.tls=<trusted connection status>` `sandbox.servers=<list of Sandbox servers>`

Authentication
`/login=<user name> /password=<password>`	User account credentials with the required Password protection permissions.

Example:

avp.com start sandbox

avp.com sandbox /set --tls=yes --pinned-certificate="C:\Users\Admin\certificate.pem"

avp.com sandbox /set --servers=10.10.111.0:147

Page top