Kaspersky Sandbox
- Kaspersky Sandbox Online Help
- About the Kaspersky Sandbox solution
- About the Kaspersky Sandbox application
- What's New
- Distribution kit
- Hardware and software requirements
- Limitations of the current version
- Application licensing
- About the license
- About the End User License Agreement
- About the license certificate
- About the subscription
- About the key
- About the key file
- About the activation code
- Viewing license information in the web interface
- Viewing the text of the End User License Agreement and the Privacy Policy in the web interface
- Activating the application using the web interface
- Activating the application using Kaspersky Security Center Web Console
- Application modes based on the license
- About data provision
- Installing and performing initial configuration of the solution
- Preparing the IT infrastructure for Kaspersky Sandbox installation
- Setting up Kaspersky Sandbox for virtual infrastructure
- Installing and configuring applications of the solution when using EPP applications with built-in Kaspersky Sandbox support
- Installing and configuring applications of the solution when using EPP applications without built-in Kaspersky Sandbox support
- Installing the Kaspersky Sandbox application
- Verifying the digital signature
- Step 1. Starting installation of the Kaspersky Sandbox application and selecting the language for viewing End User License Agreements
- Step 2. Viewing the Kaspersky Sandbox End User License Agreement and the Privacy Policy
- Step 3. Viewing the Microsoft End User License Agreement
- Step 4. Viewing the Adobe End User License Agreement
- Step 5. Basic setup of Kaspersky Sandbox
- Step 6. Completing the installation of Kaspersky Sandbox.
- Scaling Kaspersky Sandbox
- Getting started with Kaspersky Sandbox
- Managing the Kaspersky Sandbox application using the web interface
- Initial configuration of the application
- Monitoring of application operation
- Information about self diagnostics of the application in Kaspersky Sandbox web interface
- Information about database update state in Kaspersky Sandbox web interface
- Information about the application activation state and the license validity period in the Kaspersky Sandbox web interface
- Configuring the data display period on the widget in the Kaspersky Sandbox web interface
- Monitoring the processing of objects received from Kaspersky Endpoint Security in the Kaspersky Sandbox web interface
- Database update
- Configuring network interfaces
- Configuring integration with Kaspersky Security Center
- Creating a TLS certificate of Kaspersky Sandbox web interface
- Setting the date and time
- Installing and configuring images of operating systems and software required for the operation of Kaspersky Sandbox
- Managing the cluster
- Creating a new cluster
- Limitations that apply when adding servers to the cluster
- Viewing the server table of the cluster
- Monitoring the status of servers in the cluster
- Adding a server to the cluster
- Removing a server from a cluster
- Deleting the cluster
- Modifying the IP address of a server that is part of a cluster
- Downloading Kaspersky Sandbox system log to the hard drive
- Restarting Kaspersky Sandbox server
- Shutdown of Kaspersky Sandbox server
- Changing Kaspersky Sandbox administrator account password
- Managing Kaspersky Sandbox using Kaspersky Security Center Web Console
- Installing the Kaspersky Sandbox management web plug-in
- Configuring Kaspersky Sandbox device status display
- Kaspersky Sandbox event configuration
- Getting started with Kaspersky Sandbox in Kaspersky Security Center Web Console
- Viewing information about Kaspersky Sandbox and the database update status
- Going to the Kaspersky Sandbox web interface
- Viewing Kaspersky Sandbox license information
- Displaying information about the Kaspersky Sandbox management web plug-in
- Viewing the threat report
- Monitoring the processing of objects received from Kaspersky Endpoint Security
- Managing Kaspersky Endpoint Security for Windows
- Getting started with Kaspersky Endpoint Security
- Configuring the proxy server connection
- Configuring the integration of Kaspersky Endpoint Security with Kaspersky Sandbox
- Managing stand-alone IOC scanning tasks
- Configuring Threat Response actions of Kaspersky Endpoint Security to respond to threats detected by Kaspersky Sandbox
- Configuring Quarantine settings
- Configuring data synchronization with the Administration Server
- Monitoring the results of sending objects for scanning by Kaspersky Sandbox and running IOC scanning tasks
- Managing Kaspersky Endpoint Agent for Windows
- Getting started with Kaspersky Endpoint Agent
- Configuring Kaspersky Endpoint Agent security settings
- Configuring the proxy server connection
- Configuring the usage of Kaspersky Security Network
- Configuring the integration of Kaspersky Endpoint Agent with Kaspersky Sandbox
- Configuring Threat Response actions of Kaspersky Endpoint Agent to respond to threats detected by Kaspersky Sandbox
- Enabling and disabling Threat Response actions for threats detected by Kaspersky Sandbox
- Adding Threat Response actions to the action list of the current policy
- Authentication for Threat Response group tasks at the Administration Server
- Enabling detection of legitimate applications that can be used by cybercriminals
- Configuring the running of IOC scanning tasks
- Configuring Quarantine settings and restoration of objects from Quarantine
- Configuring data synchronization with the Administration Server
- Managing Kaspersky Endpoint Agent tasks
- Interaction with external systems using the API
- Multitenancy
- Contacting the Technical Support Service
- Glossary
- Basic concepts of Kaspersky Security Center relevant to managing the solution using KSC
- Information about third-party code
- Trademark notices
Creating a database update task
To create a Kaspersky Endpoint Agent database update task in Kaspersky Security Center:
- Open the Kaspersky Security Center Administration Console.
- In the console tree, select the Tasks folder.
- Click New task.
The task creation wizard starts.
- Select the Kaspersky Endpoint Agent task type block and the Databases and Modules Update task type.
- Click Next.
The wizard for creating the database update task is started.
The database update task creation wizard consists of the following steps:
- Selecting a database update source
Do the following:
- Under Database update source, select a database update source:
- Kaspersky Security Center Administration Server
- Kaspersky update servers
- Custom HTTP or FTP servers or network folders
- If required, select the Use Kaspersky update servers if specified servers are not available check box.
- If you select Kaspersky update servers as the database update source and want to use a proxy server for database updates, under Update source connection, select the Use proxy server settings to connect to Kaspersky update servers check box.
- If you select Custom HTTP or FTP servers or network folders as database update source, do the following:
- Click the Custom HTTP or FTP servers or network folders link.
- Add update servers to the list:
- Click the Update servers button.
- In the new line, enter the address of the update server (HTTP or FTP), or the path to the network or local folder containing the update files.
- If you want to use the server for updating the databases, select the check box next to its IP address. You can also add servers to the list and clear the check boxes next to IP addresses of servers that you do not want to use right now but plan to use in the future.
Do the same to add each server.
- Click OK.
- The Update servers window closes.
- To use a proxy server to connect to update servers, select the Use proxy server settings to connect to other servers check box in the Update source connection settings section.
- Under Database update source, select a database update source:
- Configuring the application modules update settings
Do the following:
- In the Update settings section, select the conditions for the application to check for the availability of application module updates:
- Do not check for updates. Kaspersky Endpoint Agent will not check the availability of application module updates.
- Only check for availability of critical software modules updates. Kaspersky Endpoint Agent will check the availability only for important application module updates.
- Download and install critical application module updates. Kaspersky Endpoint Agent will check the availability of application module updates and download and install critical application module updates.
- If you want the application to display a notification about all scheduled application modules updates available in the update source, select the Receive information about available scheduled application module updates check box.
- In the Update settings section, select the conditions for the application to check for the availability of application module updates:
- Configuring the database update schedule
Do the following:
- In the Task schedule section, select the Run by schedule check box.
- In the Frequency list select one of the following options to run the tasks: At specified time, Every hour, Every day, Every week, On application launch or After the application database update.
- If you select the At specified time option, specify the day and time to start the task in the Run by schedule section.
- If you select one of the following options: Every hour, Every day or Every week, configure the following settings in the Run by schedule section:
- In the Every list, select the task run frequency. For example, 1 time per day or 2 times per week on Tuesdays and Thursdays.
- In the Time and Date lists, select the date and time from which the schedule applies.
- To configure advanced schedule settings, click the Advanced button and perform the following actions in the Advanced window:
- If you want to set maximum timeout for the task execution, select the Stop tasks that run longer than check box and specify the number of hours and minutes after which the task will automatically terminate.
- If you want the task schedule to be valid until a certain date, select the Cancel schedule from check box and specify the expiration date for the schedule.
- If you want the application to run missed database update tasks at the earliest opportunity, select the Run missed tasks check box.
- If you want to avoid simultaneous access of a large number of workstations to the Administration Server as well as to run the task on workstations not precisely according to the schedule, but randomly within a certain time interval, select the Randomize the task start time within the interval check box and specify the start interval in minutes.
- Click OK.
Click OK.
- Selecting devices to which the task is assigned
This opens the device selection window; in that window, select devices to which you want to assign the task and click Next.
For example, you can select the Assign the task to an administration group option and select an administration group from the list.
- Selecting the Kaspersky Security Center user account that you want to use to run the task
In the Selecting an account to run the task window, do one of the following:
- Select the default account and click Next.
- Enter the user name and password to be used to run the task and click Next.
- Assigning a name to the task
In the Set the task name window, in the Name field, enter the task name and click Next.
- Running the task immediately after it is created
If you want the task to run immediately after it is created, select the Run task after the wizard finishes check box and click Finish.
See also |