In the Administration Console, you can enable or disable the EDR Expert (on-premise) component and manage the settings for integrating the Kaspersky Endpoint Security application with the Kaspersky Endpoint Detection and Response (KATA) component in the policy properties (Detection and Response → EDR Expert (on-premise)).
If Endpoint Detection and Response Expert (version 8.0 and higher) is selected in the Web Console for the EDR Expert (on-premise) component, that is, the EDR Expert (OSMP) integration mode is selected, the Administration Console displays a warning, and the settings for the Kaspersky Endpoint Detection and Response (KATA) integration are not available. You can change the integration mode in the Web Console.
Kaspersky Endpoint Detection and Response (KATA) integration settings
|
Setting |
Description |
|---|---|
|
Enable Endpoint Detection and Response Expert (on-premise) |
This check box enables or disables the EDR Expert (on-premise) component that provides integration with Kaspersky Endpoint Detection and Response (KATA). The component is disabled by default. |
|
Enable execution prevention for objects |
This check box enables or disables EDR Expert (on-premise) rules for execution prevention for objects. |
|
KATA servers |
The Configure button opens a window where you can configure a connection to KATA servers, as well as view a list of servers to which a connection has been configured. |
|
Server connection settings |
Clicking the Configure button opens a window where you can configure general settings for connecting to KATA servers, add a server certificate, and configure two-way authentication when connecting to KATA servers. |
|
Data transfer settings |
Clicking the Configure button opens a window where you can configure settings for data to KATA servers. |