To create a Light Agent for Windows policy:
On the Devices tab of the folder with the name of the administration group, you can view a list of protected virtual machines that belong to this administration group.
Go to the next step in the wizard.
Go to the next step in the wizard.
To import settings, click the Select button and, in the Please select a configuration file window that opens, select a file with the .cfg extension. The path to the configuration file is shown in the Configuration file field.
You can use a configuration file only from the Kaspersky Security for Virtualization 5.0 Light Agent application version.
You can edit these settings imported from the configuration file at subsequent steps of the Policy Wizard.
Go to the next step in the wizard.
If you are using Kaspersky Security Center 10 Service Pack 2 Maintenance Release 1, by default the settings of control components cannot be configured in the New Policy Wizard. You need to first enable the display of control settings in the settings of the Kaspersky Security Center Administration Console interface.
You can perform the following actions:
If you want to allow editing of control component settings through the local interface, select this component in the list and click the Open button located above the list of components, or click the lock icon to the left of the component name.
If the editing of component settings via the local interface is blocked, Kaspersky Security uses the policy-configured component operation settings on all protected virtual machines. If the editing of component settings via the local interface is allowed, Kaspersky Security uses local component settings instead of the policy-configured settings.
Go to the next step in the wizard.
You can perform the following actions:
If you want to allow editing of protection component settings through the local interface, select this component in the list and click the Open button located above the list of components, or click the lock icon to the left of the component name.
If the editing of component settings via the local interface is blocked, Kaspersky Security uses the policy-configured component operation settings on all protected virtual machines. If editing of component settings through the local interface is allowed, Kaspersky Security uses the local component settings instead of the settings configured in the policy.
Go to the next step in the wizard.
If the computer hosting the Kaspersky Security Center Administration Console does not belong to a domain or your account does not belong to the KLAdmins group or to the group of local administrators, when proceeding to the next step of the wizard specify the administrator password of the Integration Server (password of the admin account) in the opened window.
The New Policy Wizard checks the SSL certificate received from the Integration Server. If the certificate contains an error or is not trusted, the Integration Server certificate verification window opens. You can click the button in the window to view the details of the received certificate. To continue connecting to the Integration Server, click the Ignore button. The received certificate will be installed as a trusted certificate on the computer where the Kaspersky Security Center Administration Console is installed.
Go to the next step in the wizard.
If the check box is selected, files, folders, and processes recommended for these applications are included in the trusted zone, and the executable files of these applications are automatically added to the list of trusted applications.
The Citrix EdgeSight, Citrix Profile Manager, Citrix Provisioning Services, Citrix XenApp, and Citrix XenDesktop check boxes are selected by default to improve performance of these applications. The full list of recommended exclusions can be viewed on the Citrix website.
Go to the next step in the wizard.
To ensure that Kaspersky Security can operate on a virtual machine that uses Windows Terminal Services technology or on a virtual machine with a Microsoft Windows desktop operating system employing Citrix XenApp technology, you must clear the Start the local interface of the application check box.
If you use Light Agent on temporary virtual machines, you are advised to clear the Start the local interface of the application check box to improve virtual infrastructure performance.
Go to the next step in the wizard.
Go to the next step in the wizard.
The created policy will be displayed in the list of policies of the administration group on the Policies tab and in the Policies folder of the console tree.
The policy will be applied to protected virtual machines after the Kaspersky Security Center Administration Server relays the information to Kaspersky Security. Kaspersky Security starts protecting virtual machines on the hypervisor according to the policy settings.
If Network Agent is not running on a protected virtual machine, the created policy is not applied on this protected virtual machine.
If you chose the Inactive policy option during the previous step of the New Policy Wizard, the created policy is not applied on the protected virtual machines.