As a result of the Initial Configuration Wizard for the managed application, the following policies and tasks are created in the Managed devices folder of the main Kaspersky Security Center Administration Server.
Default main policy
This policy is displayed in the workspace of the Managed devices folder of the main Administration Server on the Policies tab and is named KSV Agentless 6.0 default policy.
Default policy settings take the following values:
If you want to use the default main policy for virtual machine protection, you need to enable anti-virus protection and configure Network Threat Protection in this policy.
All settings of the default main policy can be redefined in nested policies (all "locks" are open).
The availability of a default main policy lets you use the following capabilities of Kaspersky Security Center immediately after SVM deployment and before you manually create a policy:
If you want to delete the default main policy, make sure that one of the policies created by you is applied on all SVMs. If the main policy is not applied on an SVM, Kaspersky Security Center does not register this SVM's events that occur during scans and protection of virtual machines that are not part of vCloud Director organizations, and does not display these virtual machines in reports.
Default tenant policy
This policy is created only on the main Kaspersky Security Center Administration Server if you installed the Kaspersky Security administration plug-in for tenants.
This policy is displayed in the workspace of the Managed devices folder of the main Administration Server on the Policies tab and is named KSV Agentless 6.0 (for tenants) default policy.
The settings of this policy are not used directly for the protection of virtual machines. However, the settings of the main protection profile and KSN usage settings configured in this policy may be inherited in tenant policies located in nested administration groups, for example, in the Managed devices folder of the virtual Administration Server.
If you want to centrally enable the use of KSN for protection of all virtual machines of tenants, you need to first obtain the consent of tenants to send KSN usage information and other information to Kaspersky depending on the KSN usage mode that you selected (standard KSN or extended KSN).
All settings of the default tenant policy can be redefined in nested policies (all "locks" are open).
There must be a tenant policy in the Managed devices folder of the main Administration Server of Kaspersky Security Center to register events that occur during scans and protection of virtual machines of tenants, and to display virtual machines of tenants within the protected infrastructure of the KSC cluster and in the list of virtual machines protected by SVMs.
In the default tenant policy, you can configure the settings for notifications about events that occur during scans and protection of virtual machines of tenants.
Application database default update task
This task is displayed in the workspace of the Managed devices folder of the main Administration Server on the Tasks tab and is named Program database update.
The task is started each time an update package is downloaded to the storage of Kaspersky Security Center Administration Server, and it lets you update the databases on all SVMs.
Default Full Scan task
This task is displayed in the workspace of the Managed devices folder of the main Administration Server on the Tasks tab and is named Default Full Scan task.
This task lets you scan all virtual machines that are within the entire protected infrastructure but are not part of a vCloud Director organization.
The settings of the full scan task take the following values:
You can manually run this task.
Page top