Participation in Kaspersky Security Network and use of Kaspersky Private Security Network

To protect the user's computer more effectively, Kaspersky Anti Targeted Attack Platform uses data that is obtained from users around the globe. Kaspersky Security Network is designed to obtain such data.

Kaspersky Security Network (hereinafter also "KSN") is an infrastructure of online services that provides users with access to the Kaspersky online knowledge base containing information on the reputation of files, web resources, and software. Use of data from Kaspersky Security Network ensures that Kaspersky Anti Targeted Attack Platform responds faster to new objects that have not yet been added to the anti-virus databases, improves the performance of some protection components, and reduces the likelihood of false alarms.

Thanks to users who participate in Kaspersky Security Network, Kaspersky is able to promptly receive information about the types and sources of objects that have not yet been added to the anti-virus databases, develop solutions for neutralizing them, and minimize the number of false alarms. User participation also helps other users of Kaspersky Security Network promptly receive information about threats to the IT infrastructure of their organizations.

When you participate in Kaspersky Security Network, Kaspersky Anti Targeted Attack Platform sends Kaspersky Security Network requests about the reputation of files, web resources and software, and receives a response containing data about the reputation of those objects.

Personal information of the user is not collected, processed, or stored. For information about data that Kaspersky Anti Targeted Attack Platform sends to Kaspersky Security Network, refer to the KSN Statement.

Participation in Kaspersky Security Network is voluntary. The decision to participate in Kaspersky Security Network is made during installation of Kaspersky Anti Targeted Attack Platform, and that decision can be changed at any time.

If you do not want to participate in KSN, you can use Kaspersky Private Security Network (hereinafter also referred to as "KPSN"). KPSN is a solution that allows users to access the reputation databases of Kaspersky Security Network and other statistical data without actually sending data from their own computers to Kaspersky Security Network.

If you want to purchase Kaspersky Private Security Network, you can contact Kaspersky partners in your region.

Participation in KSN is configured on the Central Node server and is applied to all connected Sensor servers.

If you are using the

distributed solution

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

multitenancy mode

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Viewing the KSN Statement and configuring participation in KSN

To configure the participation in Kaspersky Security Network:

1. Log in to the program web interface with the administrator account.
2. Select the Settings section, KSN/KPSN and MDR subsection.
3. On the right of the Connection type parameter name, click the KSN button.
4. Carefully read the Kaspersky Security Network Statement and select one of the following options:
   • I agree to participate in KSN, if you accept the terms of the KSN Statement and want to participate in KSN.
   • I do not agree to participate in KSN, if you do not accept the terms of the KSN Statement and do not want to participate in KSN.

     If you do not agree with the terms of the Statement, use of Kaspersky Security Network will not be enabled.

5. Click Apply.

Participation in Kaspersky Security Network will be configured.

Enabling the use of KPSN

To enable the use of KPSN:

1. Log in to the program web interface with the administrator account.
2. Select the Settings section, KSN/KPSN and MDR subsection.
3. On the right of the Connection type parameter name, click the KPSN button.
4. In the KPSN configuration files section, upload the kc_private.xms, kh_private.xms and ksncli_private.dat files by clicking Browse.
5. Click Apply.

Use of Kaspersky Private Security Network will be enabled.

Configuring a connection to a local reputation database of KPSN

The program can save information about Sandbox component alerts to the

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To configure the connection of Kaspersky Anti Targeted Attack Platform to a local KPSN reputation database:

1. Log in to the program web interface with the administrator account.
2. Select the Settings section, KPSN reputation database subsection.
3. In the Host field, specify the IP address of the KPSN server on which the local reputation database of KPSN is stored.
4. Click Browse to the right of the TLS certificate field.

   This opens the file selection window.

5. Select the certificate file for user authentication in KPSN and click the Open button.
6. Click Browse to the right of the TLS encryption key field.

   This opens the file selection window.

7. Select the file containing the private encryption key, and click the Open button.

The connection to the local reputation database of KPSN will be configured.

Configuring information to be saved to a local reputation database of KPSN

The program can save MD5 and SHA256 hashes of objects detected by the Sandbox component in the local reputation database of KPSN. In this case, the Untrusted status is assigned to objects. Data of local reputation databases is available only to corporate LAN computers.

To configure the saving of alert details to the local reputation database of KPSN:

1. Log in to the program web interface under the senior security officer account.
2. Select the Settings section, KPSN reputation database subsection.
3. Do one of the following:
   • Turn on the Assign the "Untrusted" status to objects switch if you want the program to set the status of alerts to Untrusted and save information about Sandbox component alerts in the local reputation database of KPSN.
   • Turn off the Assign the "Untrusted" status to objects switch if you do not want to save information about Sandbox component alerts in the local reputation database of KPSN.
4. Click Save.

The saving of information to the local reputation database of KPSN is configured.

Declining participation in KSN and use of KPSN

To decline participation in Kaspersky Security Network and the use of KPSN:

1. Log in to the program web interface with the administrator account.
2. Select the Settings section, KSN/KPSN and MDR subsection.
3. On the right of the Connection type parameter name, click the Not connected button.
4. Click Apply.

You will not participate in KSN and will not use KPSN.