Creating a policy

The process of creating a policy involves the following steps:

1. Creating a policy using the policy wizard. Real-Time Server Protection tasks settings can be configured using the wizard dialogs.
2. Configuring policy settings. In the Properties: <Policy name> window of the created policy, you can define the following:
   • Real-Time Server Protection task settings.
   • General settings of Kaspersky Security for Windows Server.
   • Quarantine and Backup settings.
   • Level of detail for task logs.
   • User and administrator notifications about Kaspersky Security for Windows Server events.

To create a policy for a group of protected devices running the installed Kaspersky Security for Windows Server:

1. Expand the Managed devices node in the Kaspersky Security Center Administration Console tree, then select the administration group containing the protected devices for which you wish to create a policy.
2. In the results pane of the selected administration group, select the Policies tab and click the Create a policy link to start the wizard and create a policy.

   The New Policy Wizard window opens.

3. In the Select the application for which you want to create a group policy window, select Kaspersky Security for Windows Server.
4. Click Next.
5. Enter a group policy name in the Name field.

   The policy name cannot contain the following symbols: " * < : > ? \ | .

6. To apply a policy configuration used in a previous version of the application:
   1. Select the Use settings from policy for previous versions of application check box.
   2. Click the Select button.
   3. Select the policy you want to apply.
   4. Click Next.
7. In the Operation type selection window, select one of the following options:
   • New, to create a new policy with default settings.
   • Import policy created with previous versions of Kaspersky Security for Windows Server, to use the imported policy as a template.
   • Click Browse and select a configuration file with an existing policy.
8. In the Real-time Server Protection window, configure the Real-Time File Protection, KSN Usage tasks, Exploit Prevention, and Script Monitoring as required. Allow or block the use of configured policy tasks on protected devices on the network:
   • Click the button to allow changes to task settings on network protected devices and block the application of task settings configured in the policy.
   • Click the button to deny changes to task settings on network protected devices and allow the application of task settings configured in the policy.

   The newly created policy uses the default settings of Real-Time Server Protection tasks.

   • To edit the default settings of the Real-Time File Protection task:
     • Click the Settings button in the Real-Time File Protection subsection.
     • In the window that opens, configure the task according to your needs.
     • Click OK.
   • To edit the default settings of the KSN Usage task:
     • Click the Settings button in the KSN Usage subsection.
     • In the window that opens, configure the task according to your needs.
     • Click OK.

     To start the KSN Usage task, you need to accept the KSN Statement in the KSN data handling window.

   • To edit the default settings of the Exploit Prevention component:
     • Click the Settings button in the Exploit Prevention subsection.
     • In the window that opens, configure the functionality according to your needs.
     • Click OK.
9. Select one of the following policy statuses in the Create the group policy for the application window:
   • Active policy, if you want to apply the policy immediately after it is created. If an active policy already exists in the group, it is deactivated and a new policy is applied.
   • Inactive policy, if you do not want to apply the created policy immediately. In this case the policy may be activated later.
   • Select the Open policy properties immediately after they are created check box to automatically close the New Policy Wizard and configure the newly created policy after clicking the Next button.
10. Click the Finish button.

The created policy appears in the list of policies on the Policies tab of the selected administration group. In the Properties: <Policy name> window, you can configure other settings, tasks and functions of Kaspersky Security for Windows Server.