Configuring a policy

In the Properties: <Policy name> window of an existing policy, you can configure:

General Kaspersky Industrial CyberSecurity for Nodes settings.
Quarantine and Backup settings.
Trusted Zone, Real-Time Computer Protection, and Local Activity Control settings.
Level of detail for task logs.
User and administrator notifications about Kaspersky Industrial CyberSecurity for Nodes events.
Access privileges for managing the application and the Kaspersky Security Service.

To configure the policy settings:

Expand the Managed devices node in the tree of the Administration Console of Kaspersky Security Center.
Expand the administration group for which you want to configure the associated policy settings, and open the Policies tab in the details pane.
Select the policy you want to configure and open the Properties: <Policy name> window using one of the following methods:
- Selecting the Properties option in the policy context menu.
- Clicking the Configure policy link in the right details pane of the selected policy.
- Double-clicking the selected policy.
On the General tab in the Policy status section, enable or disable the policy. To do so, select one of the options below:
- Active policy, if you want the policy to be applied on all protected devices within the selected administration group.
- Inactive policy, if you want to activate the policy later on all protected devices within the selected administration group.
The Out-of-office policy setting is not available when you manage Kaspersky Industrial CyberSecurity for Nodes.
In the Event notification, Application settings, Supplementary, Logs and notifications, Revision history sections you can modify the application configuration (see table below).
In the Real-Time Computer Protection, Local activity control, Network activity control, and System inspection sections, configure the application settings and application launch settings (see the table below).
You can enable or disable the execution of any task on all protected devices within the administration group by means of a Kaspersky Security Center policy.

You can configure the application of policy settings on all network protected devices for each individual software component.
Click OK.

The configured settings are applied in the policy.

Sections with Kaspersky Industrial CyberSecurity for Nodes policy settings

General

In the General section, you can configure the following policy settings:

Indicate policy status.
Configure the inheritance of settings from parent policies and for child policies.

Event notifications

In the Event notifications section, you can configure settings for the following event categories:

Critical events
Failure
Warning
Informational event
You can use the Properties button to configure the following settings for the selected events:
Indicate the storage location and retention period of information about logged events.
Indicate the method of notification about logged events.

Application settings

Settings of the Application Settings section

Section	Options
Scalability, interface and scan settings	In the Scalability, interface and scan settings subsection, you can click the Settings button to configure the following settings: Choose whether to configure scalability settings automatically or manually. Configure the application icon display settings.
Security	In the Security and reliability subsection, you can click the Settings button to configure the following settings: Configure the task run settings. Specify how the application should behave when the protected device is running on UPS power. Enable or disable password-protection of application functions.
Connections	In the Connections subsection, you can click the Settings button to configure the following proxy server settings for connecting with update servers, activation servers, and KSN: Configure the proxy server settings. Specify the proxy server authentication settings.
Run local system tasks	In the Run local system tasks subsection, you can click the Settings button to allow or block the starting of the following system tasks according to a schedule configured on local computers: On-Demand Scan task. Update and Copying Updates tasks.

Supplementary

Settings of the Supplementary section

Section	Options
Trusted Zone	In the Trusted Zone subsection, you can click the Settings button to configure the following Trusted Zone settings: Create a list of Trusted Zone exclusions. Enable or disable scanning of file backup operations. Create a list of trusted processes.
Removable Drives Scan	In the Removable Drives Scan subsection, you can click the Settings button to configure scan settings for removable USB drives.
User access permissions for application management	In the User access permissions for application management subsection, you can click the Settings button to configure user rights and user group rights to manage Kaspersky Industrial CyberSecurity for Nodes.
User access permissions for Kaspersky Security Service management	In the User access permissions for Kaspersky Security Service management subsection, you can click the Settings button to configure user rights and user group rights to manage the Kaspersky Security Service.
Storages	In the Storages subsection, you can click the Settings button to configure the following Quarantine and Backup settings: Specify the path to the folder into which you want to place Quarantine or Backup objects. Configure the maximum size of Backup and Quarantine and also specify the free space threshold. Specify the path to the folder into which you want to place objects restored from Quarantine or Backup. Configure transmission of information about Quarantine and Backup objects to Administration Server. Configure the host blocking term.

Real-Time Computer Protection

Settings of the Real-time Computer protection section

Section	Options
Real-Time File Protection	In the Real-Time File Protection subsection, you can click the Settings button to configure the following task settings: Indicate the protection mode. Configure use of the Heuristic Analyzer. Configure use of the Trusted Zone. Indicate the protection scope. Set the security level for the selected protection scope: you can select a predefined security level or configure the security settings manually. Configure the task launch settings.
KSN Usage	In the KSN Usage subsection, you can click the Settings or Data processing buttons to configure the following task settings: Indicate the actions to perform on KSN untrusted objects. Configure task performance. Configure settings for using Kaspersky Security Center as a KSN proxy server. Accept the KSN Statement. Configure the task launch settings.
Exploit Prevention	In the Exploit Prevention subsection, you can click the Settings button to configure the following task settings: Select the process memory protection mode. Indicate the actions to reduce exploit risks. Add to and edit the list of protected processes.

Local activity control

Settings of the Local Activity Control section

Section	Options
Applications Launch Control	In the Applications Launch Control subsection, you can click the Settings button to configure the following task settings: Select the task operating mode. Configure settings for controlling subsequent application launches. Indicate the scope for application of the Applications Launch Control rules. Configure use of KSN. Configure the task launch settings.
Device Control	In the Device Control subsection, you can click the Settings button to configure the following task settings: Select the task operating mode. Configure the task launch settings.
Wi-Fi Control	In the Wi-Fi Control subsection, you can click the Settings button to configure the following task settings: Manage the component operating modes. Configure the rules for Wi-Fi control.

Network activity control

Settings of the Network activity control section

Section

Options

Firewall Management

In the Firewall Management subsection, you can click the Settings button to configure the following task settings:

Configure firewall rules.
Configure the task launch settings.

Anti-Cryptor

In the Anti-Cryptor subsection, you can click the Settings button to configure the following task settings:

Select the task operating mode.
Configure the Anti-Cryptor protection scope.
Configure the task launch settings.

System inspection

Settings of the System Inspection section

Section	Options
File Integrity Monitor	In the File Integrity Monitor subsection, you can click the Settings button to configure control over the changes in files that can signify a security violation on a protected device.
Log Inspection	In the Log Inspection subsection, you can click the Settings button to configure a protected device integrity control basing on the results of the Windows Event Log analysis.

Logs and notifications

Settings of the Logs and notifications section

Section	Options
Task logs	In the Task logs subsection, you can click the Settings button to configure the following settings: Specify the importance level of the logged events for the selected software components. Specify the task log storage settings.
Event notifications	In the Event notifications subsection, you can click the Settings button to configure the following settings: Specify the user notification settings for the Object detected event. Specify the administrator notification settings for any event selected in the event list in the Notification settings section.
Interaction with Administration Server	In the Interaction with Administration Server subsection, you can click the Settings button to select the types of objects that Kaspersky Industrial CyberSecurity for Nodes will report to Administration Server.
Incidents	In the Incidents subsection, you can click the Settings button to select the notifications that the application will use as the basis for creating incidents in Kaspersky Security Center.

Revision history

In the Revision history section, you can manage revisions: compare with the current revision or other policy, add descriptions of revisions, save revisions to a file or perform a rollback.

Page top