Configuring a trusted connection with Kaspersky Endpoint Security

To configure a trusted connection, you must perform actions both on the Kaspersky Anti Targeted Attack Platform side and on the Kaspersky Endpoint Security side.

You can use one of the following options to configure a trusted connection:

• Configuring the connection with the Central Node server without validating the TLS certificate of Kaspersky Endpoint Security in Kaspersky Anti Targeted Attack Platform.

  Kaspersky Endpoint Security establishes a trusted connection with Kaspersky Anti Targeted Attack Platform using the TLS certificate of the Central Node server. Kaspersky Anti Targeted Attack Platform does not validate the TLS certificate of Kaspersky Endpoint Security when Kaspersky Endpoint Security tries to connect.

  If you are using this alternative configuration for the trusted connection, the procedure is as follows:

  1. Generate or upload an independently prepared TLS certificate of the Central Node server in the web interface of Central Node (if the TLS certificate of the Central Node has not been previously created).
  2. Downloading the TLS certificate of the Central Node server.
  3. Connecting a computer with Kaspersky Endpoint Security to the Central Node server:
     • Connecting Kaspersky Endpoint Security for Windows.
     • Connecting Kaspersky Endpoint Security for Linux.
     • Connecting Kaspersky Endpoint Security for Mac.
• Configuring the connection with the Central Node server with validation of the TLS certificate of Kaspersky Endpoint Security on the Kaspersky Anti Targeted Attack Platform side.

  Kaspersky Endpoint Security establishes a trusted connection with Kaspersky Anti Targeted Attack Platform using the TLS certificate of the Central Node server. Additional security of the connection is configured in Kaspersky Endpoint Security and the TLS certificate of Kaspersky Endpoint Security is uploaded. Kaspersky Anti Targeted Attack Platform validates the TLS certificate of Kaspersky Endpoint Security when Kaspersky Endpoint Security tries to connect.

  If you are using this alternative configuration for the trusted connection, the procedure is as follows:

  1. Generate or upload an independently prepared TLS certificate of the Central Node server in the web interface of Central Node (if the TLS certificate of the Central Node has not been previously created).
  2. Downloading the TLS certificate of the Central Node server.
  3. Enabling the validation of the Kaspersky Endpoint Security TLS certificate in the web interface of Kaspersky Anti Targeted Attack Platform
  4. Generating and downloading the crypto container with the TLS certificate of Kaspersky Endpoint Security or uploading an independently prepared TLS certificate of Kaspersky Endpoint Security using the web interface of Kaspersky Anti Targeted Attack Platform.

     If you want to prepare the TLS certificate of Kaspersky Endpoint Security on your own, you must create a PFX crypto container with your certificate. For details on managing TLS certificates, see the OpenSSL documentation.

  5. Connecting a computer with Kaspersky Endpoint Security to the Central Node server:
     • Connecting Kaspersky Endpoint Security for Windows.
     • Connecting Kaspersky Endpoint Security for Linux.
     • Connecting Kaspersky Endpoint Security for Mac.

Page top