Managing the solution using Kaspersky Security Center policies
You can use the Kaspersky Security Center Administration Console or Kaspersky Security Center Web Console to work with policies.
You can perform the following policy management operations:
- Create a policy.
- Edit policy settings.
- Delete a policy.
- Change policy status.
- Copy and move a policy.
- Export and import a policy.
The policy settings and groups of settings have a lock attribute, which shows whether a setting or group of settings can be changed in task settings or in policies of the nested hierarchy level (for nested administration groups and virtual and secondary Administration Servers).
The following Kaspersky Security Center policies are used to manage Kaspersky Security solution settings:
- A Protection Server policy (Kaspersky Security <version number> Light Agent – Protection Server policy) is applied to SVMs. The policy defines the operating settings of Protection Servers on all SVMs included in the administration group for which the policy is configured.
The Kaspersky Security Center Initial Configuration Wizard lets you automatically create a default policy for the Protection Server. A default policy is created for the Managed devices administration group with the name Kaspersky Security for Virtualization 6.2 Light Agent – Protection Server and is applied on all SVMs placed in the Managed devices administration group or to any nested administration group.
You can change the default values of this policy's settings.
- A Light Agent for Linux policy (Kaspersky Endpoint Security for Linux <version number> policy) is applied to virtual machines with Linux guest operating systems and defines the settings of the Kaspersky Endpoint Security for Linux application used in Light Agent mode. The policy is applied on all protected virtual machines belonging to the administration group for which the policy is configured.
With a Light Agent for Linux policy, you can configure:
- Kaspersky Endpoint Security for Linux application settings
- settings for connecting Light Agent for Linux to SVMs and to the Integration Server, which are required for Kaspersky Endpoint Security for Linux to operate in Light Agent mode for protecting virtual infrastructure.
For detailed information about Kaspersky Endpoint Security for Linux policy settings, see the Kaspersky Endpoint Security for Linux Help of the relevant version.
- A Light Agent for Windows policy (Kaspersky Endpoint Security for Windows <version number> policy) is applied to virtual machines with Windows guest operating systems and defines the settings of the Kaspersky Endpoint Security for Windows application used in Light Agent mode. The policy is applied on all protected virtual machines belonging to the administration group for which the policy is configured.
With a Light Agent for Windows policy, you can configure:
- Kaspersky Endpoint Security for Windows application settings
- settings for connecting Light Agent for Windows to SVMs and to the Integration Server, which are required for Kaspersky Endpoint Security for Windows to operate in Light Agent mode for protecting virtual infrastructure.
For detailed information about Kaspersky Endpoint Security for Windows policy settings, see the Kaspersky Endpoint Security for Windows Help of the relevant version.
In the Light Agent policy for Windows and in the Light Agent policy for Linux, you can create policy profiles. Using policy profiles allows more flexibility in configuring the Light Agent settings on different virtual machines. A policy profile may contain settings that differ from the settings of a basic policy and that are applied to protected virtual machines when your own defined conditions (activation rules) are met.
You can create and configure policy profiles in policy properties for a Light Agent in the Policy profiles section.
For more information about managing policies and policy profiles, please refer to the Kaspersky Security Center help.