The main policy determines the File Threat Protection settings for virtual machines that are not part of vCloud Director organizations, the Network Threat Protection settings for virtual machines, and the application operating settings.
To create the main policy:
If the computer hosting the Administration Console of Kaspersky Security Center belongs to a domain or your domain user account belongs to the KLAdmins group or to the group of local administrators on the computer hosting the Integration Server, your domain user account is used by default to connect to the Integration Server. The Use domain account check box is selected by default. You can also use the Integration Server administrator account (admin). To do so, clear the Use domain account check box and enter the administrator password in the Password field.
If the computer hosting the Kaspersky Security Center Administration Console does not belong to a domain, or the computer belongs to a domain but your domain account does not belong to the KLAdmins group or to the group of local administrators on the computer hosting the Integration Server, you can use only the account of the Integration Server administrator (admin) to connect to the Integration Server. Enter the administrator password in the Password field.
If the connection to the Integration Server is established using the Integration Server administrator account (admin), you can save the administrator password. To do so, select the Save password check box. The saved administrator password will be used the next time a connection is established with this Integration Server. If you clear the check box selected during the previous connection to the Integration Server, Kaspersky Security removes the previously saved password of the Integration Server administrator.
The Save password check box may be unavailable if Windows updates KB 2992611 and/or KB 3000850 have been installed on the computer hosting the Kaspersky Security Center Administration Console. To restore the capability to save the administrator password, you can uninstall these Windows updates or modify the operating system registry as described in the Knowledge Base.
Proceed to the next step of the Policy Wizard.
The wizard checks the SSL certificate received from the Integration Server. If the received certificate contains an error, the Certificate verification window containing the error message opens. The SSL certificate is used to establish a secure connection to the Integration Server. If there are problems with the SSL certificate, it is recommended to make sure that the utilized data transfer channel is secure. To view information on the received certificate, click the View the received certificate button in the window containing the error message. You can install the certificate you received as a trusted certificate to avoid receiving a certificate error message at the next connection to the Integration Server. To do so, select the Install received certificate and stop showing warnings for <Integration Server address> check box.
To continue connecting, click the Continue button in the Certificate verification window. If you selected the Install received certificate and stop showing warnings for <Integration Server address> check box, the received certificate is saved in the operating system registry on the computer where the Kaspersky Security Center Administration Console is installed. The application also checks the previously installed trusted certificate for the Integration Server. If the received certificate does not match the previously installed certificate, a window opens to confirm replacement of the previously installed certificate. To replace the previously installed certificate with the certificate received from the Integration Server and continue connecting, click the Yes button in this window.
After the connection is established, the Choice of protected infrastructure window opens. Select one of the following options:
If the selected VMware vCenter Server does not correspond to the administration group that contains the policy, Kaspersky Security does not protect virtual machines.
Click OK in the Choice of protected infrastructure window.
If a policy is being created in a group that contains the "VMware vCenter Agentless" cluster, the main protection profile is assigned to the VMware vCenter Server by default and is inherited by all child objects of the virtual infrastructure.
Proceed to the next step of the wizard.
To prevent unauthorized access to the SNMP service, you can create a list of IP addresses to which the SNMP Agent must relay SVM status information.
Proceed to the next step of the wizard.
If you want the application to use Private KSN in its operations, select the Use Private KSN check box.
If you want Kaspersky Security to use the KSN, please make sure the required KSN type is configured in Kaspersky Security Center. To use Global KSN, the KSN proxy server service must be enabled in Kaspersky Security Center. To use Private KSN, it must be enabled and configured in Kaspersky Security Center. See Kaspersky Security Center documentation for more information.
If necessary, you will be able to change the settings for KSN usage in the application at a later time.
Proceed to the next step of the wizard.
The created policy will be displayed in the list of policies of the administration group on the Policies tab and in the Policies folder of the console tree.
After creating a policy, you can assign protection profiles to virtual machines that you want to protect.
In a policy located in an administration group that contains the "VMware vCenter Agentless" cluster, file protection is enabled by default (the main protection profile is used). In policies located in the Managed devices folder or in the administration group that contains the "VMware vCloud Director Agentless" cluster, file protection is disabled by default.
Network protection is disabled by default in all policies. You can configure Network Threat Protection settings in policy properties.
The policy will be applied to SVMs after the Kaspersky Security Center Administration Server relays the information to Kaspersky Security at the next SVM connection. Kaspersky Security will start protecting virtual machines according to the policy settings.
If no license key has been added on an SVM or the application databases are missing, the SVM does not protect the virtual machines.
Page top