Kaspersky Secure Mobility Management
5.0
English
Working in Kaspersky Security Center Web Console  >  Getting started  >  Managing mobile devices in Kaspersky Security Center Web Console  >  Configuring policies  >  Configuring policy profiles
Configuring policy profiles

Sometimes it may be necessary to create and centrally modify several instances of a single policy for an administration group. These instances might differ by only one or two settings.

To help you avoid creating several instances of a single policy, Kaspersky Security Center Web Console lets you create policy profiles. Policy profiles are necessary if you want devices within a single administration group to run under different policy settings.

A policy profile is a named subset of policy settings. This subset is distributed on target devices together with the policy, supplementing it under a specific condition called the profile activation condition. Profiles only contain settings that differ from the "basic" policy, which is active on the managed device. Activation of a profile modifies the settings of the "basic" policy that were initially active on the device. The modified settings take values that have been specified in the profile.

You can modify the specific conditions that must affect activation of the policy profile that you are creating. For mobile devices, you can modify the following conditions:

  • Rules for specific device owner

    Profile activation on the device according to its owner.

    • Device owner
    • Device owner is included in an internal security group
  • Rules for role assignment

    Profile activation on the device depending on the owner's role.

    • Activate policy profile by specific role of device owner
  • Rules for tag usage

    Profile activation on the device depending on the tags assigned to the device.

    • Tag list
    • Apply to devices without the specified tags
  • Rules for Active Directory usage

    Policy profile activation on the device based on the device allocation in an Active Directory organizational unit or the membership of that device (or the device owner) in an Active Directory security group. The configuration scope depends on the currently used policy.

    • Device owner's membership in an Active Directory security group
    • Device membership in Active Directory security group
    • Device allocation in Active Directory organizational unit

For detailed information on configuring activation rules, creating, deleting, or copying policy profiles, refer to the Kaspersky Security Center Help.

If you copy a policy profile to an incompatible policy (a policy in which the operating systems and device operating modes of this profile are not configured), such profile will not work properly.

Article ID: 286996, Last review: May 15, 2025
Page top