Viewing the protected infrastructure in a policy

To view the protected infrastructure selected for a policy:

1. Open the Administration Console of Kaspersky Security Center.
2. In the console tree, perform one of the following actions:
   • If you want to view the protected infrastructure in a policy for one KSC cluster, in the Managed devices folder of the console tree select the administration group containing the KSC cluster.
   • If you want to view the protected infrastructure in a policy for all KSC clusters, select the Managed devices folder.
3. In the workspace, select the Policies tab.
4. Select a policy in the list of policies and double-click the policy to open the Properties: <Policy name> window.
5. Select the Protected infrastructure section.
6. The Kaspersky Security administration plug-in attempts to automatically connect to the Integration Server. If the connection fails, the Connection to Integration Server window opens.

   If the computer hosting the Administration Console of Kaspersky Security Center belongs to a domain or your domain user account belongs to the KLAdmins group or to the group of local administrators on the computer hosting the Integration Server, your domain user account is used by default to connect to the Integration Server. The Use domain account check box is selected by default. You can also use the Integration Server administrator account (admin). To do so, clear the Use domain account check box and enter the administrator password in the Password field.

   If the computer hosting the Kaspersky Security Center Administration Console does not belong to a domain, or the computer belongs to a domain but your domain account does not belong to the KLAdmins group or to the group of local administrators on the computer hosting the Integration Server, you can use only the account of the Integration Server administrator (admin) to connect to the Integration Server. Enter the administrator password in the Password field.

   If the connection to the Integration Server is established using the Integration Server administrator account (admin), you can save the administrator password. To do so, select the Save password check box. The saved administrator password will be used the next time a connection is established with this Integration Server. If you clear the check box selected during the previous connection to the Integration Server, Kaspersky Security removes the previously saved password of the Integration Server administrator.

   The Save password check box may be unavailable if Windows updates KB 2992611 and/or KB 3000850 have been installed on the computer hosting the Kaspersky Security Center Administration Console. To restore the capability to save the administrator password, you can uninstall these Windows updates or modify the operating system registry as described in the Knowledge Base.

   In the Connection to Integration Server window, specify the connection settings and click OK.

7. The Kaspersky Security administration plug-in verifies the SSL certificate received from the Integration Server. If the received certificate contains an error, the Certificate verification window containing the error message opens. The SSL certificate is used to establish a secure connection to the Integration Server. If there are problems with the SSL certificate, you are advised to make sure that the utilized data transfer channel is secure. To view information on the received certificate, click the View the received certificate button in the window containing the error message. You can install the certificate you received as a trusted certificate to avoid receiving a certificate error message at the next connection to the Integration Server. To do so, select the Install received certificate and stop showing warnings for <Integration Server address> check box.

   To continue connecting, click the Continue button in the Certificate verification window. If you selected the Install received certificate and stop showing warnings for <Integration Server address> check box, the received certificate is saved in the operating system registry on the computer where the Kaspersky Security Center Administration Console is installed. The application also checks the previously installed trusted certificate for the Integration Server. If the received certificate does not match the previously installed certificate, a window opens to confirm replacement of the previously installed certificate. To replace the previously installed certificate with the certificate received from the Integration Server and continue connecting, click the Yes button in this window.

After connecting to the Integration Server, the right part of the window displays information about the protected infrastructure and the assigned protection profiles.

Information about the protected infrastructure

The protected infrastructure is displayed as a tree of items:

• If you are viewing the properties of a policy for one KSC cluster, you will see the KSC cluster protected infrastructure: the root item is the VMware vCenter Server, and under it you will see Datacenter objects, VMware clusters, resource pools, vApp objects, and virtual machines. Kaspersky Security uses a view of the KSC cluster protected infrastructure in the form of a tree of VMware ESXi hypervisors and VMware clusters (Hosts and Clusters view) (for details, see VMware product documentation).
• If you are viewing the properties of a policy for all KSC clusters, the root item is the Integration Server, and under it you will see all VMware vCenter Servers, each containing the protected infrastructure of the KSC cluster corresponding to the VMware vCenter Server.

If the virtual infrastructure contains two or more virtual machines with the same ID (vmID), only one virtual machine appears in the object tree. If this virtual machine has been assigned a protection profile, the settings of this protection profile are applied to all virtual machines that have the same ID (vmID).

Information about protection profile assignment

The Protection profile column displays information about virtual infrastructure objects' assigned protection profiles whose settings are applied by Kaspersky Security for protection of virtual machines.

The information is displayed as follows:

• The name of an expressly assigned protection profile is highlighted in black.
• The name of a protection profile inherited from a parent object is highlighted in gray. The name is formed as follows: "inherited: <N>", where N represents the name of the protection profile that was inherited from a parent object.
• If no profile has been assigned to an object of the protected infrastructure (the object has been excluded from protection), the Protection profile column displays the value (Not assigned).

Page top