If you use the NDR functionality, you can configure the integration of Kaspersky Anti Targeted Attack Platform with the Endpoint Agent component represented by Kaspersky Endpoint Security 12.7 for Windows and Kaspersky Endpoint Security 12.2 Linux to receive the following information about the devices on which the component is installed:
You can connect up to 1000 Endpoint Agent components to a single Central Node component.
To integrate with the NDR functionality, Kaspersky Endpoint Security 12.7 for Windows or Kaspersky Endpoint Security 12.2 Linux must be activated using a KESB Advanced or KESB Total license key.
Data from computers with the Endpoint Agent component is sent to Kaspersky Anti Targeted Attack Platform through integration servers. Any server with Kaspersky Anti Targeted Attack Platform component (Central Node or Sensor) installed can function as an integration server. For integration with Endpoint Agent, add integration servers to the servers that receive data from computers with Endpoint Agent.
Computers hosting Endpoint Agent establish secure connections with integration servers over the HTTPS protocol. The connections are secured by certificates issued by the Central Node server. The following certificates can be used for connections:
Certificates and public keys are distributed to Endpoint Agent computers using Kaspersky Endpoint Security for Windows or Kaspersky Endpoint Security for Linux. To upload this data into Kaspersky Endpoint Security, you can use a communication data package, which must be created in Kaspersky Anti Targeted Attack Platform after adding the integration server.
Only users with the Administrator role can configure the receipt of data from Endpoint Agent components. Users with the Security auditor role can view the list of integration servers.