Initial configuration settings in the Web Console

In Kaspersky Security Center Web Console, you can specify the initial configuration settings for Kaspersky Industrial CyberSecurity for Linux Nodes in the installation package properties on the Settings tab. The created installation packages are available in the main window of the Web Console in one of the following sections:

Device discovery and deployment → Deployment and assignment → Installation packages.
Operations → Repositories → Installation packages.

You can also specify initial configuration settings of the application in the configuration file that is included in the installation package.

Initial configuration settings

Setting	Description
Language of events in KSC	Select the localization language for application events sent to Kaspersky Security Center: System (default) to use the operating system locale. If the application cannot detect the locale of the operating system or this locale is not supported, English is used to localize events. One of the languages supported by Kaspersky Industrial CyberSecurity for Linux Nodes. The application uses the UTF-8 encoding. The locale of the graphical interface and the application command line is taken from the `LANG` environment variable. If the application does not support this localization, it defaults to the English localization.
Activate the application	Select this check box if you want to activate the application during installation. In the displayed field, enter the activation code. This check box is cleared by default. You can also activate the application after installation.
Update source	Select the update source for databases and application modules: Kaspersky update servers (default). Kaspersky Security Center. Other source in the local or global network. If you select this option, enter the address of the update source in the field that opens.
Run database update task after installation	If this check box is selected, after the application is installed, the databases and application modules update task starts. The check box is selected by default.
Protection mode	Select an operating mode for the application: Disable protection components and scan tasks during installation to turn off all application components by default when the application is started after installation. Only service tasks that handle application activation and the functioning of Backup are started. This option is selected by default. Only File Threat Protection in "Notify only" mode if you want only the File Threat Protection component and service tasks that handle application activation and the functioning of Backup to be automatically started when the application is started after installation. The File Threat Protection component operates in "Notify only" mode. Notify-only mode is an operation mode for the application in which, if a threat is detected, application components and tasks do not attempt to disinfect or delete malicious objects, deny access or block the activity of applications. Instead, the application only informs the user about the detected threat. Only File Threat Protection if you want only the File Threat Protection component and service tasks that handle application activation and the functioning of Backup to be automatically started when the application is started after installation. When a threat is detected, the application performs the actions specified in the File Threat Protection settings.
Specify the proxy server settings	Select this check box if you use a proxy server for internet access. In the displayed field, enter the proxy server address in one of the following formats: `<connection protocol>://<IP address of the proxy server>:<port number>` if the proxy server connection does not require authentication `<connection protocol>://<user name>:<password>@<IP address of the proxy server>:<port number>` if the proxy server connection requires authentication. Connecting to a proxy server over HTTPS is not supported.
Install kernel source	If this check box is selected, starting File Threat Protection automatically starts the compilation of the kernel module on operating systems that do not support fanotify. The check box is selected by default.
Use the graphical user interface	Select this check box if you plan to install and use the application graphical interface. Files for installing the graphical interface must be added to the installation package. This check box is cleared by default.
Specify a user with the admin role	Select this check box to specify the user to which you want to assign the admin role. In the displayed field, enter the user name.
Configure SELinux automatically	If this check box is selected, SELinux is automatically configured to work with Kaspersky Industrial CyberSecurity for Linux Nodes. The check box is selected by default.
Remove users from privileged groups	Select this check box to automatically remove users from the 'kicsadmin' and 'kicsaudit' privileged groups before installing the application. This check box is cleared by default. If the check box is selected and the 'nogroup' group does not exist, the installation fails and you are prompted to manually remove users from privileged groups.
Industrial software exclusions	In the drop-down list, you can select a predefined industrial software exclusion profile. Exclusions from the selected profile are added to the application settings. By default, no industrial software exclusions are used (no profile is selected).

Page top