Managing connectors

This section contains information about managing connectors in Kaspersky Anti Targeted Attack Platform. Connectors are special software modules that handle communication with Kaspersky Anti Targeted Attack Platform and can allow to perform management tasks in the application itself or with the help of the application.

Connectors extend the functionality of the application letting it interact with third-party systems. Depending on their functional purpose, connectors can send data to third-party systems (for example, events, application messages, and audit records to a SIEM system) or fetch data from third-party systems. The application can also use connectors for active polling of devices.

Computers on which the connector software modules are running are called connector deployment nodes. You can deploy the connector on any computer that has network access to the Central Node server (including nodes with installed application components, including the Central Node server itself).

The table of connectors and the table of connector types are displayed in the Settings section, Connectors subsection in the application web interface. Only users with the Administrator role can manage connectors and connector types. Users with the Security auditor, Security officer, and Senior security officer roles can view connectors and connector types.

The functionality of the connector depends on the selected connector type. You can select a connector type when adding the connector to the application. The following types of connectors are built into the application out of the box:

If necessary, you can add other connector types that will facilitate data exchange or provide the capabilities for performing management tasks when the application interacts with other recipient systems.

Certain ports and protocols are used for the connections of connectors to the Central Node server.

Third-party systems are connected through the connector on behalf one of the application users. We recommend using a separate user account for each connector. This will help you analyze actions performed through the connectors using audit records.

The maximum number of connectors in the application is 20. The maximum number of connector types is 100.

In this section

Managed and unmanaged connectors

Sending events, application messages, and audit records to third-party systems

Automatic network access control for devices via Cisco Switch connectors

Adding a connector

Viewing the table of connectors

Enabling or disabling a connector

Editing connector settings

Creating a new communication data package for a connector

Deleting a connector

Adding and deleting connector types

Page top