Configuring the settings for connecting to Kaspersky Private Security Network

To configure the settings for connecting to Kaspersky Private Security Network:

1. Perform the following steps in the Management Console tree:
   • If you want to configure the connection to Kaspersky Private Security Network for an unassigned Security Server, expand the node of the relevant Security Server.
   • If you want to configure the KPSN connection settings for Security Servers belonging to a profile, expand the Profiles node and within it expand the node of the profile for whose Security Servers you want to configure the connection to Kaspersky Private Security Network.
2. Select the Settings node.
3. In the workspace, expand the KSN Settings section of settings.
4. Select the Use Kaspersky Private Security Network (KPSN) check box.

   The Import button becomes activated.

5. Click the Import button.

   The Open folder window opens.

6. In the Open folder window, select the folder containing the files with the settings for connecting to Kaspersky Private Security Network servers.

   The following files are provided by Kaspersky:

   • Files containing the settings for connecting to KPSN servers:
     • kc_private.xms
     • kh_private.xms.
   • ksncli_private.dat – file containing a public RSA key for encrypting the channel used to transmit data between the application and Kaspersky Private Security Network servers.

   For detailed information please refer to Technical Support.

   If you have received files containing settings for connecting to Kaspersky Private Security Network servers and the names of those files differ from the names specified in this reference document, change the file names to match the file names specified in this reference document.

7. Click OK.
8. Click the Save button.

The application imports files containing the connection settings and applies the received settings for the connection with Kaspersky Private Security Network servers.

Starting with the current version of the application 9.0 Maintenance Release 7, KPSN configuration files in PKCS7 format are used to configure the settings for connecting to Kaspersky Private Security Network servers.

If you're using configuration files in the old format (xms + dat) when you upgrade the application to version 9.7, you can continue using them until the configuration files are updated. After that you will be able to select only files in the PKCS7 format.

Before adding a KPSN configuration file in PKCS7 format, verify its authenticity:

1. Download the certificate file kpsn_certs.pem from the Kaspersky update server at http://downloads.kaspersky-labs.com/updates/ksn/kpsn_certs.pem.
2. Run command:

   openssl smime -verify -CAfile kpsn_certs.pem -in <KPSN_configuration_file_name> -inform DER> /dev/null

   The command execution result must be "Verification successful".

   If the command result is "Verification failure", the authentication failed and this configuration file must not be used.

If you are using Kaspersky Private Security Network for the purpose of not transmitting your organization's data over the Internet, make sure that you have disabled other additional Kaspersky Security services such as the Enforced Anti-Spam Update Service that requires an Internet connection to exchange data with Kaspersky servers.