A tenant policy is used only if the application is operating in multitenancy mode. A tenant policy lets you configure the File Threat Protection settings for virtual machines that are part of Cloud Director organizations.
To create a tenant policy:
It is recommended to specify the Integration Server address in the <address:port> format.
The Wizard establishes a connection to the Integration Server to receive information about the VMware virtual infrastructure.
The wizard checks the SSL certificate received from the Integration Server. If the received certificate contains an error, the Certificate verification window containing the error message opens. The SSL certificate is used to establish a secure connection to the Integration Server. If there are problems with the SSL certificate, it is recommended to make sure that the utilized data transfer channel is secure. To view information on the received certificate, click the View the received certificate button in the window containing the error message. You can install the certificate you received as a trusted certificate to avoid receiving a certificate error message at the next connection to the Integration Server. To do so, select the Install received certificate and stop showing warnings for <Integration Server address> check box.
To continue connecting, click the Continue button in the Certificate verification window. If you selected the Install received certificate and stop showing warnings for <Integration Server address> check box, the received certificate is saved in the operating system registry on the computer where the Kaspersky Security Center Administration Console is installed. The application also checks the previously installed trusted certificate for the Integration Server. If the received certificate does not match the previously installed certificate, a window opens to confirm replacement of the previously installed certificate. To replace the previously installed certificate with the certificate received from the Integration Server and continue connecting, click the Yes button in this window.
In the policy located in the Managed devices folder of the virtual Administration Server, the main protection profile is assigned by default to all virtual machines within the protected infrastructure of the tenant.
Proceed to the next step of the wizard.
You will be able to change your decision later if necessary.
KSN usage settings (KSN mode and type) are determined by the main policy whose scope includes the virtual machines of the tenant.
Proceed to the next step of the wizard.
The created tenant policy will be displayed in the list of policies of the administration group on the Policies tab and in the Policies folder of the console tree.
In a tenant policy that is located in the Managed devices folder of the virtual Administration Server, file protection is enabled by default (the main protection profile is used). If you want to configure different file protection settings for different virtual machines within the protected infrastructure, you need to create and assign additional protection profiles in the policy properties.
File protection is disabled by default in a tenant policy that is located in the Managed devices folder of the main Administration Server or in the administration group that contains the VMware Cloud Director Agentless cluster.
The policy will be applied to SVMs after the Kaspersky Security Center Administration Server relays the information to Kaspersky Security at the next SVM connection. Kaspersky Security will start protecting virtual machines according to the policy settings.
Page top