Kaspersky Managed Detection and Response
- Kaspersky Managed Detection and Response Help
- What's new
- About Kaspersky Managed Detection and Response
- Hardware and software requirements
- Architecture of Kaspersky Managed Detection and Response
- Interfaces of Kaspersky Managed Detection and Response
- MDR section in Kaspersky Security Center
- Setting up MDR Plug-in in Kaspersky Security Center
- Configuring MDR Plug-in
- Setting access rights in Kaspersky Security Center
- Viewing and editing the MDR settings in Kaspersky Security Center
- Using MDR Plug-in functions on a virtual Administration Server
- Using MDR functions in Kaspersky Security Center through a proxy server
- Changing the certificates to use MDR functions in Kaspersky Security Center with a proxy server or anti-virus software
- Hiding and showing the MDR features in Kaspersky Security Center
- Setting up MDR Plug-in in Kaspersky Security Center
- MDR Web Console
- Switching the interface language in Kaspersky Security Center
- Switching the language for notifications and reports in Kaspersky Security Center
- Switching the interface language in MDR Web Console
- MDR section in Kaspersky Security Center
- Activating Kaspersky Managed Detection and Response
- Deactivating Kaspersky Managed Detection and Response
- Deployment of Kaspersky Managed Detection and Response
- About the MDR configuration file
- Licensing
- Data provision
- About Kaspersky Security Network
- Monitoring dashboards in MDR Web Console
- Receiving summary information
- Receiving notifications
- Managing users
- Managing assets
- Managing incidents
- About the incidents
- Viewing and searching incidents in MDR Web Console
- Filtering incidents in MDR Web Console
- Creating custom incidents in MDR Web Console
- Viewing detailed information about incidents in MDR Web Console
- Response types
- Processing responses to incidents in MDR Web Console
- Auto-accepting responses in MDR Web Console
- Auto-accepting responses in Kaspersky Security Center
- Closing incidents in MDR Web Console
- Using Kaspersky Endpoint Detection and Response Optimum features
- Multitenancy
- Managing the solution through the REST API
- Scenario: performing token-based authorization
- Creating an API connection in Kaspersky Security Center
- Creating an API connection in MDR Web Console
- Editing an API connection in Kaspersky Security Center
- Editing an API connection in MDR Web Console
- Creating an access token in Kaspersky Security Center
- Creating an access token in MDR Web Console
- Working with the REST API
- Revoking a refresh token in Kaspersky Security Center
- Deleting an API connection in Kaspersky Security Center
- Deleting an API connection in MDR Web Console
- Known issues
- Contact Technical Support
- Sources of information about the solution
- Glossary
- Information about third-party code
- Trademark notices
Multitenancy
Multitenancy is a mechanism allowing you to become a Kaspersky Managed Detection and Response supplier for other organizations. Once you have an MDR account, you can create
A tenant is an organization to which you supply Kaspersky Managed Detection and Response.
Your account in Kaspersky Security Center Web Console or Kaspersky Security Center Cloud Console must have a role with the following access rights: Incident access and Tenant management, and the ability to view, add, edit, and delete tenants in the MDR section in Kaspersky Security Center.
If your organization has multiple licenses, you can only manage tenants in Kaspersky Security Center.
To become an MDR supplier, you must have access to your tenant's infrastructure to be able to perform deployment scenarios.
All tenants are independent and isolated, which means no data from one tenant can be accessed by other tenants.
Only users with the MDR Administrator role assigned can add, edit, and delete tenants in MDR Web Console.
You can create up to 100 tenants in your MDR account. Each tenant has the following settings:
- Status
One of the following tenant statuses:
- Active
A tenant can use Kaspersky Managed Detection and Response.
- Inactive
A tenant cannot use Kaspersky Managed Detection and Response.
You can set the inactive status manually in the tenant card. Also, inactive status is set automatically at the end of the tenant's lifetime.
- Active
- Tenant name
An arbitrary, human-readable name of the tenant that you specify while creating or editing the tenant. The tenant name can contain Latin letters, digits, and special characters. It cannot be more than 100 characters long.
- Description
Free-form information that you enter while creating or editing the tenant. The description can contain Latin letters, digits, and special characters. It cannot be more than 2000 characters long.
- Number of assets
The number of assets assigned to the tenant.
- Lifetime
Date when the tenant's configuration file expires.
|
In this section |