Configuring traffic redirection from Kaspersky Endpoint Agent to the Sensor server

You can use the server hosting the Sensor component as a proxy server during data exchange between the Kaspersky Endpoint Agent program and the Central Node component to decrease the load on the Central Node component.

When configuring the traffic redirection, keep in mind the following limitations:

• The maximum incoming traffic volume for the Sensor component should not exceed 1 Gbit/s.
• The recommended channel capacity between servers hosting the Central Node and Sensor components should be 15% of the SPAN port traffic.
• The maximum allowed packet loss between servers hosting the Sensor and Central Node components should be 10% with a packet delay up to 100 ms.

You can only use the Sensor component as a proxy server if the Sensor and Central Node components are located on different servers.

If you are using the Sensor component as a proxy server, make sure to enter the IP address of the Sensor component instead of the IP address of Central Node when configuring the integration of Kaspersky Anti Targeted Attack Platform with Kaspersky Endpoint Agent on the Kaspersky Endpoint Agent side.

Enabling traffic redirection from Kaspersky Endpoint Agent to the Sensor server

To enable the use of the Sensor component as a proxy server for communication between Kaspersky Endpoint Agent and the Central Node component, do the following in the administrator menu of the server with the Sensor component:

1. In the main window of the administrator menu, select Program settings.
2. Press ENTER.

   This opens the next window of the administrator menu.

3. Select Configure Central Node.
4. Press ENTER.

   This opens a window with information about the current state of connection of the Sensor component to the Central Node component.

5. Click Change.
6. In the Input Central Node IP address window, enter the IP address of the server hosting the Central Node component.
7. Click Ok.

   This opens a window containing information on the Central Node component certificate.

8. Make sure that the displayed certificate matches the Central Node component certificate.
9. Click Ok.

   This opens a window with information about the current state of connection of the Sensor component to the Central Node component.

10. Click Cancel.

Using the Sensor component as a proxy server will be enabled after authorization confirmation on the server hosting the Central Node component.

Authorizing the Sensor component on a Central Node server

To authorize the Sensor component on the Central Node server, do the following in the web interface under the local administrator account:

1. Select the Sensor servers section in the window of the program web interface.

   The Server list table displays the already connected Sensor components, and connection requests.

2. Select the IP address of the server hosting the Sensor component, the request for authorization of which you want to confirm or reject.
3. Do one of the following:
   • If you want to authorize the selected server hosting the Sensor component, click Accept.
   • If you want to reject the authorization of the selected server hosting the Sensor component, click Reject.

The authorization request will be accepted or rejected.