Configuring the Integration Server connection settings to the Kaspersky Security Center Administration Server
For the Integration Server REST API interaction with the Kaspersky Security Center Administration Server during execution of requests, an account is required that has the following permissions in the Kaspersky Security Center:
- Permissions in the functional areas of the Administration Server:
- General functionality → Basic functionality: Read, Modify
- General functionality → Administration group management: Modify
- General functionality → User permissions: Modify access control lists
- General functionality → Virtual Administration Servers: Read, Modify, Execute, Manage
- Permissions to read and modify objects in the functional areas related to Light Agent settings.
You can create and configure an account to connect the Integration Server to Kaspersky Security Center:
- In Kaspersky Security Center Administration Console, in the Security section of the Kaspersky Security Center Administration Server properties window.
By default, the Security section is not displayed in the Administration Server properties window. To enable the display of the Security section, you must select the Display security settings sections check box in the Configure interface window (View → Configure interface menu) and restart the Kaspersky Security Center Administration Console.
- In Kaspersky Security Center Web Console, in the Users and roles → Users and groups section of the main window.
For more information on creating and configuring account rights in Kaspersky Security Center, see the Kaspersky Security Center Help.
How to configure the Integration Server's connection to Kaspersky Security Center Administration Server in Integration Server Web Console
To configure the Integration Server's connection to the Administration Server:
- Open Integration Server Web Console and connect to the Integration Server.
- Go to the Multitenancy mode section.
- Click the Connect button located in the Kaspersky Security Center connection settings block.
- In the window that opens, specify the connection settings:
- IP address in IPv4 format or fully qualified domain name (FQDN) of the Kaspersky Security Center Administration Server.
- Name and password of the account that will be used for interaction between the Integration Server REST API and the Kaspersky Security Center Administration Server.
- Click the Save button.
The Integration Server performs a connection attempt to verify the specified connection settings. If the SSL certificate received from the Kaspersky Security Center Administration Server is not trusted by the Integration Server, the Verify certificate window opens with a corresponding message. Click the link in this window to view the details of the received certificate. If the certificate complies with the security policy of your organization, you can confirm the authenticity of the certificate and continue connecting to Administration Server. If you do not consider this certificate is authentic, click the Cancel connection button to terminate the connection.
After the connection is established, the Integration Server saves the connection settings. The address of the Kaspersky Security Center Administration Server to which the connection is established is displayed in the Multitenancy mode window in the Kaspersky Security Center connection settings block. Using the buttons to the right of the Administration Server address, you can:
- Open the Kaspersky Security Center connection settings window to change the connection settings
- Terminate the connection between the Integration Server and the Kaspersky Security Center Administration Server and delete the configured connection settings
How to configure the Integration Server's connection to Kaspersky Security Center Administration Server in Integration Server Console
To configure the Integration Server's connection to the Administration Server:
- Open Integration Server Console and connect to the Integration Server.
- In the list on the left, select the Kaspersky Security Center connection settings section.
- Specify the following connection settings:
- IP address in IPv4 format or fully qualified domain name (FQDN) of the Kaspersky Security Center Administration Server.
- Name and password of the account that will be used for interaction between the Integration Server REST API and the Kaspersky Security Center Administration Server.
- Click the Save button.
The Integration Server performs a connection attempt to verify the specified connection settings. If the SSL certificate received from the Kaspersky Security Center Administration Server is not trusted for the Integration Server, a notification is displayed. Click the link in this window to view the details of the received certificate. If the received certificate complies with the security policy of your organization, you can confirm the certificate authenticity by clicking the Install certificate button. The received certificate is saved as a trusted certificate for the Integration Server.
After the connection is established, the Integration Server saves the connection settings. If necessary, you can edit connection settings in the same section.
By clicking Delete, you can terminate the connection of the Integration Server with the Kaspersky Security Center Administration Server and delete the configured connection settings.