Creating a policy using the Administration Console

To create a policy in the Administration Console:

1. In the Administration Console tree, in the Managed devices folder, select the administration group containing the devices to which the policy should be applied.

   You can view the list of devices that are part of an administration group on the Devices tab of the folder with the name of this administration group.

2. In the workspace, select the Policies tab.
3. Click the New policy button to start the New policy wizard.

   You can also start the Wizard by clicking the Create → Policy item in the context menu in the list of policies.

4. At the first step of the wizard, select Kaspersky Industrial CyberSecurity for Linux Nodes in the list.

   Proceed to the next step of the wizard.

5. Enter a name for the new policy.
6. If you want to transfer the settings from the policy of the previous version of Kaspersky Industrial CyberSecurity for Linux Nodes to the policy being created, select the Use policy settings from the previous version of the application check box.

   Proceed to the next step of the wizard.

7. If necessary, select an industrial software exclusion profile. Exclusions from the specified exclusion profile are added to the policy.

   If the selected exclusion profile contains mount point exclusions, you need to ensure that the excluded mount points exist, or add new mount point settings to the /etc/fstab configuration file on the device. You can view the mount point exclusions being added in the policy using the Web Console or Administration Console, or in the general application settings on the command line (the ExcludedMountPoint.item_# setting).

   You can view other recommendations for configuring the application by clicking the link in this window.

8. Decide whether you want to use Kaspersky Security Network. Carefully read the Kaspersky Security Network Statement and do one of the following:
   • If you agree with all the terms and conditions of the Statement and want the application to use Kaspersky Security Network, select I confirm that I have fully read, understand, and accept the terms and conditions of Kaspersky Security Network Statement.
   • If you do not want to use Kaspersky Security Network, select I do not accept the terms and conditions of the Kaspersky Security Network Statement and confirm your decision in the window that opens.

   Refusal to use Kaspersky Security Network does not interrupt the policy creation process. At any time, you can enable or disable use of Kaspersky Security Network or change the KSN mode for managed devices in the policy settings.

   Proceed to the next step of the wizard.

9. If necessary, configure the general settings for File Threat Protection.

   Proceed to the next step of the wizard.

10. If necessary, edit the File Threat Protection settings that have been configured by default.

    Proceed to the next step of the wizard.

11. If necessary, configure the exclusions from File Threat Protection.

    Proceed to the next step of the wizard.

12. If necessary, modify the default actions for infected objects.

    Proceed to the next step of the wizard.

13. If necessary, edit the Kaspersky Industrial CyberSecurity for Networks integration settings.

    Proceed to the next step of the wizard.

14. Complete the New Policy Wizard.

The created policy is displayed in the list of policies of the administration group on the Policies tab and in the Policies folder of the console tree.

You can change the policy settings later. For general information about managing policies, refer to the Kaspersky Security Center Help.

Page top