Creating and modifying Protection Server policy in Web Console

To create a Protection Server policy in the Web Console:

  1. Start the Web Console.
  2. If you want to create a policy for SVMs belonging to a specific administration group, select the name of this group in the tree, in the section with the Administration Server name.
  3. In the Devices section, select Policies and policy profiles.

    A list of policies opens.

  4. Click the Add button.

    The New Policy Wizard starts.

  5. At the first step of the wizard, in the list of applications select Kaspersky Security for Virtualization 5.2 Light Agent – Protection Server.

    Proceed to the next step of the wizard.

  6. Decide on whether or not to participate in Kaspersky Security Network (KSN). To do so, carefully read the Kaspersky Security Network Statement, then perform one of the following actions:
    • If you accept all the terms of the Statement and want the application to use KSN, select the I have read, understand, and accept the terms of this Kaspersky Security Network Statement option.
    • If you do not want to participate in KSN, select the I do not accept the terms of this Kaspersky Security Network Statement option.

    All data transmission and processing conditions set forth in the Kaspersky Security Network Statement for Kaspersky Security for Virtualization 5.2 Light Agent also apply to the Kaspersky Security update 5.2.1.

    If necessary, you can change your decision regarding KSN participation later.

    If you want Kaspersky Security to use the KSN, please make sure the required KSN type is configured in Kaspersky Security Center. To use Global KSN, the KSN proxy server service must be enabled in Kaspersky Security Center. To use the Private KSN, it must be enabled and configured in Kaspersky Security Center. The KSN proxy server service and Private KSN can be configured in the properties of the Kaspersky Security Center Administration Server in the KSN proxy server settings section. See Kaspersky Security Center help for more information.

    Proceed to the next step of the wizard.

  7. Verify the address and port specified for connecting SVMs to the Integration Server. You can change the port and specify the IP address in IPv4 format or the fully qualified domain name (FQDN) of the device on which the Integration Server is installed.

    If the address is specified as a NetBIOS name, localhost or 127.0.0.1, connection to the Integration Server completes with an error.

    Click the Next button.

    The New Policy Wizard checks the SSL certificate received from the Integration Server. If the certificate contains errors or is not trusted, the Integration Server certificate verification group of settings opens. By clicking the View the received certificate link, you can open a window with information about the received certificate. If there are problems with the SSL certificate, it is recommended to make sure that the utilized data transfer channel is secure. To continue connecting to the Integration Server, select the Ignore option.

  8. In the window that opens, specify the Integration Server administrator password (password for the admin account) and click the Validate button.

    Proceed to the next step of the wizard.

  9. On the General tab, specify the name of the new policy, define its status and configure inheritance settings. For details, please refer to the Kaspersky Security Center help.
  10. If required, modify the default policy settings on the Application settings tab.
  11. Click Save to complete the policy creation.

The created policy will be displayed in the list of policies on the Policies and policy profiles tab.

The policy will be applied to SVMs after the Kaspersky Security Center Administration Server relays the information to Kaspersky Security at the next SVM connection. Kaspersky Security starts protecting virtual machines according to the policy settings.

If Network Agent is not running on the SVM, the created policy is not applied on it.

If on the General tab you specified the Inactive policy status, the created policy is not applied to the SVMs.

To modify the Protection Server policy in the Web Console:

  1. Start the Web Console.
  2. If you want to modify the policy settings for SVMs belonging to a specific administration group, select the name of this group in the tree, in the section with the Administration Server name.
  3. In the Devices section, select Policies and policy profiles.

    A list of policies opens.

  4. Open the properties of the required policy using the link in the policy name.
  5. Modify the policy settings on the Application settings tab.

    If you want to configure additional settings of SVM operation, you need to enable the display of advanced Protection Server policy properties in the operating system registry.

  6. To save changes, click the Save button.
Page top