Default policies and tasks
December 13, 2023
As a result of the Initial Configuration Wizard for the managed application, the following policies and tasks are created in the Managed devices folder of the main Kaspersky Security Center Administration Server.
Default main policy
This policy is displayed in the workspace of the Managed devices folder of the main Administration Server on the Policies tab and is named KSV Agentless 6.1 default policy.
Default policy settings take the following values:
- File Threat Protection disabled (a protection profile is not assigned to objects of the protected infrastructure).
- SNMP monitoring of the status of SVMs is disabled.
- Use of Backup is enabled. Storage period for backup copies of files is 30 days.
- Use of Kaspersky Security Network is disabled.
- Network Threat Protection is disabled.
If you want to use the default main policy for virtual machine protection, you need to enable anti-virus protection and configure Network Threat Protection in this policy.
All settings of the default main policy can be redefined in nested policies (all "locks" are open).
The availability of a default main policy lets you use the following capabilities of Kaspersky Security Center immediately after SVM deployment and before you manually create a policy:
- Display the list of protected virtual machines in KSC cluster properties.
- Register events that occur during scan and protection of virtual machines that are not part of Cloud Director organizations.
- Display information about the virtual machines whose protection involves the use of license keys in a key report.
- Display information about protected virtual machines in a protection status report.
If you want to delete the default main policy, make sure that one of the policies created by you is applied on all SVMs. If the main policy is not applied on an SVM, Kaspersky Security Center does not register the events from this SVM that occur during scan and protection of virtual machines that are not part of Cloud Director organizations, and does not display these virtual machines in reports.
Default tenant policy
This policy is created only on the main Kaspersky Security Center Administration Server if you installed the Kaspersky Security administration plug-in for tenants.
This policy is displayed in the workspace of the Managed devices folder of the main Administration Server on the Policies tab and is named KSV Agentless 6.1 (for tenants) default policy.
The settings of this policy are not used directly for the protection of virtual machines. However, the settings of the main protection profile and KSN usage settings configured in this policy may be inherited in tenant policies located in nested administration groups, for example, in the Managed devices folder of the virtual Administration Server.
If you want to centrally enable KSN usage for protection of all the tenant virtual machines, you need first to obtain the consent of the tenants to send KSN usage information and other information to Kaspersky depending on the KSN usage mode that you select (standard KSN or extended KSN).
All settings of the default tenant policy can be redefined in nested policies (all "locks" are open).
There must be a tenant policy in the Managed devices folder of the main Administration Server of Kaspersky Security Center to register events that occur during scans and protection of virtual machines of tenants, and to display virtual machines of tenants within the protected infrastructure of the KSC cluster and in the list of virtual machines protected by SVMs.
In the default tenant policy, you can configure the settings for notifications about events that occur during scans and protection of virtual machines of tenants.
Application database default update task
This task is displayed in the workspace of the Managed devices folder of the main Administration Server on the Tasks tab and is named Program database update.
The task is started each time an update package is downloaded to the storage of Kaspersky Security Center Administration Server, and it lets you update the databases on all SVMs.
Default Full Scan task
This task is displayed in the workspace of the Managed devices folder of the main Administration Server on the Tasks tab and is named Default Full Scan task.
This task lets you scan all virtual machines that are within the entire protected infrastructure but are not part of a Cloud Director organization.
The settings of the full scan task take the following values:
- Security level – Recommended:
- Archive scanning is disabled.
- Scanning of self-extracting archives and embedded OLE objects is enabled.
- Kaspersky Security does not scan compound files larger than 8 MB.
- File scan duration is unlimited.
- Kaspersky Security scans files of virtual machines to detect viruses, worms, Trojans, malicious tools, auto-dialers, adware, and multi-packed files.
- Kaspersky Security automatically attempts to disinfect infected files. If disinfection fails, the application deletes such files. If deletion fails, Kaspersky Security blocks the infected files.
- Kaspersky Security does not scan powered-off virtual machines, virtual machine templates, or files on optical drives.
- The scan task ends 120 minutes after the task was started.
- Scan task exclusions are not defined.
You can manually run this task.