Authentication for Threat Response group tasks at the Administration Server

If you want Kaspersky Endpoint Agent to create group tasks for Threat Response, you must authenticate at the Administration Server — enter the user name and password for connecting to Kaspersky Security Center.

You can authenticate under the "internal KSC user" account created in Kaspersky Security Center or use the "Windows authentication" mechanism.

For more information about creating Kaspersky Security Center user accounts and the "Windows authentication" mechanism, see Kaspersky Security Center Help.

The name of the user account must not be the same as the domain name of the user and must not have the <domain name>\<user name> format.

To authenticate at the Administration Server:

1. Open the Kaspersky Security Center Administration Console.
2. In the console tree, select the Policies folder.
3. Select the necessary policy and double-click it to open its properties.
4. Under Kaspersky Sandbox integration, select Threat response.
5. In the Authentication on Administration Server settings group, in the Administration Server login field, enter the name of the Kaspersky Security Center user account.
6. In the Authentication on Administration Server settings group, in the Administration Server password field, enter the password for accessing Kaspersky Security Center.
7. In the upper right corner of the settings group, move the toggle switch from Unaffected by policy to Under policy.
8. Click OK.

See also Enabling and disabling Threat Response actions Adding Threat Response actions to the action list of the current policy Protection of workstations from legitimate applications that can be exploited by adversaries Configuring the running of IOC scanning tasks

Page top