In the Administration Console, you can enable or disable the EDR (KATA) and NDR (KATA) components and configure the integration of the Kaspersky Endpoint Security application with the Kaspersky Anti Targeted Attack Platform in the policy properties (Detection and Response → Endpoint Detection and Response (KATA) and Detection and Response → Network Detection and Response (KATA)).
Kaspersky Anti Targeted Attack Platform integration settings
|
Setting |
Description |
|---|---|
|
Enable Endpoint Detection and Response (KATA) / Enable Network Detection and Response (KATA) |
This check box enables or disables the EDR (KATA) component or the NDR (KATA) component. The components are disabled by default. |
|
Enable execution prevention for objects |
This check box enables or disables EDR (KATA) rules for execution prevention for objects. Execution prevention rules for objects can be applied only if the EDR (KATA) component is enabled. The check box is displayed only when integrating with Kaspersky Endpoint Detection and Response (KATA). |
|
KATA servers / NDR servers |
The Configure button opens a window where you can configure a connection to KATA/NDR servers, as well as view a list of servers to which a connection has been configured. |
|
Server connection settings |
Clicking the Configure button opens a window where you can configure general settings for connecting to KATA/NDR servers, add a server certificate, and configure two-way authentication when connecting to KATA/NDR servers. |
|
Data transfer settings |
Clicking the Configure button opens a window where you can configure settings for transfer of data to KATA/NDR servers. |