Managing the application using Kaspersky Security Center

Kaspersky Security Center allows you to remotely and centrally manage the operation of Kaspersky Embedded Systems Security on client devices. You can remotely install and uninstall, start, and stop Kaspersky Embedded Systems Security; configure settings for the application, as well as for the individual components and tasks of the application; and start and stop tasks on the managed devices.

You can use the following Kaspersky Security Center administration consoles to manage Kaspersky Embedded Systems Security via Kaspersky Security Center:

• Kaspersky Security Center Administration Console (hereinafter also referred to as Administration Console). This is a Microsoft Management Console (MMC) snap-in that is installed on the administrator's workstation and provides a user interface for the Administration Server and Network Agent administrative services.

  The interface for managing Kaspersky Embedded Systems Security via the Kaspersky Security Center Administration Console is provided by the administration MMC plug-in (hereinafter also referred to as the "MMC plug-in").

  This Help describes how to manage the Administration Console of Kaspersky Security Center 14.2 Windows.

• Kaspersky Security Center Web Console (hereinafter also referred to as Web Console). This is a web interface for managing a protection system based on Kaspersky applications. You can work in Kaspersky Security Center Web Console using a browser on any device that has access to the Administration Server.

  The interface for managing Kaspersky Embedded Systems Security via the Kaspersky Security Center Web Console is provided by the administration web plug-in (hereinafter also simply referred to as web plug-in).

  This Help describes how to manage the Web Console of Kaspersky Security Center 15.2 Linux.

• Kaspersky Security Center Cloud Console. This is a cloud-based administration console within the cloud version of the Kaspersky Security Center application, also known as the Kaspersky Security Center Cloud Console. Interface of the Cloud console is similar to Kaspersky Security Center Web Console interface. The interface for managing Kaspersky Embedded Systems Security via the Kaspersky Security Center Cloud Console is also provided by the web plug-in.

The MMC plug-in and web plug-in allow you to create policies and tasks in Kaspersky Security Center for managing the operation of Kaspersky Embedded Systems Security:

• A policy is a set of settings that is applied on all devices in an
  administration group

  A set of devices combined in Kaspersky Security Center in accordance with the functions they perform and the set of Kaspersky applications installed on them. Devices are grouped to simplify administration as the group of devices can be managed as a single entity. An administration group can include other groups. For each application installed in the administration group, group policies and group tasks can be created.

  A set of devices combined in Kaspersky Security Center in accordance with the functions they perform and the set of Kaspersky applications installed on them. Devices are grouped to simplify administration as the group of devices can be managed as a single entity. An administration group can include other groups. For each application installed in the administration group, group policies and group tasks can be created.

  . Policies allow you to apply identical application settings to all client devices within an administration group.

  The Kaspersky Embedded Systems Security policy defines the general settings for the operation of Kaspersky Embedded Systems Security and the settings for the operation of individual functional components of the application on devices where the policy is applied.

• Tasks for Kaspersky Embedded Systems Security created in Kaspersky Security Center run on the protected devices and implement Kaspersky Embedded Systems Security functions such as on-demand scan, application activation, and updates to the databases and modules of the application.

  In Kaspersky Security Center, you can create tasks to be performed on an individual device (local tasks), tasks for all devices in the administration group (group tasks), or tasks for a random selection of devices (tasks for sets of devices).

Regardless of the Kaspersky Security Center administration console that you use, you must assign the devices on which Kaspersky Embedded Systems Security is installed to administration groups in order to manage Kaspersky Embedded Systems Security on these devices using Kaspersky Security Center. You can create administration groups in Kaspersky Security Center before Kaspersky Embedded Systems Security installation and configure rules to automatically move the devices to administration groups. You can also manually move the devices to the administration groups after installing Kaspersky Embedded Systems Security (for details, refer to Kaspersky Security Center documentation).

About Kaspersky Embedded Systems Security management plug-ins

The following management plug-ins are required for managing Kaspersky Embedded Systems Security using Kaspersky Security Center:

• Kaspersky Embedded Systems Security administration web plug-in (hereinafter also referred to as the web plug-in) facilitates interaction between Kaspersky Embedded Systems Security and Kaspersky Security Center using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console.

  The web plug-in must be installed on the device that has Kaspersky Security Center Web Console installed. Management of Kaspersky Embedded Systems Security using the web plug-in is available to all administrators who have access to the Kaspersky Security Center Web Console in a browser.

• The Kaspersky Embedded Systems Security administration MMC plug-in (hereinafter also referred to as the MMC plug-in) facilitates interaction between Kaspersky Embedded Systems Security and Kaspersky Security Center using the Administration Console.

  The MMC plug-in must be installed on the device where the Kaspersky Security Center Administration Console is installed.

The Kaspersky Embedded Systems Security management plug-ins let you manage Kaspersky Embedded Systems Security using policies and tasks.

For more details about administration plug-ins, refer to Kaspersky Security Center documentation.

Kaspersky Security Center policies

A policy is a set of Kaspersky Embedded Systems Security settings that are applied to all client devices included in the administration group.

Multiple policies with different values of the settings can be configured for a single application. However, there can be only one active policy at a time for an application within an administration group. When you create a new policy, all other policies within an administration group become inactive. You can change the policy status later.

Policies have a hierarchy, similarly to administration groups. By default, a child policy inherits the settings from the parent policy. A child policy is a policy of a nested hierarchy level, that is, a policy for nested administration groups and secondary Administration Servers. You can enable inheritance of the settings from the parent policy.

You can locally modify the values of the settings specified by the policy for individual devices within the administration group, if modification of these settings is not prohibited by the policy.

Each policy setting has a "lock" attribute that indicates whether child policy settings and local application settings can be modified. The "lock" status of a setting within policy properties determines whether or not an application setting on a client device can be edited:

• When a setting is "locked" (), you cannot edit its value locally or in the policies of the nested hierarchy level. The setting value specified by the policy is used for all client devices within the administration group and nested groups.
• When a setting is "unlocked" (), you can edit its value locally or in the policies of the nested hierarchy level. If setting values are specified locally or in policy properties of a nested hierarchy level for client devices within an administration group, the setting value specified in the policy properties is not applied.

In the web plug-in and in the MMC plug-in, the number of parameters with "locks" is different. The web plug-in includes "locks" that are not present in the MMC plug-in.

Using policy profiles allows you to flexibly configure operation settings for the application. A policy profile may contain settings that differ from the "base" policy settings and apply to client devices when the configured conditions (activation rules) are met. Using policy profiles allows you to flexibly configure operation settings for different devices. You can create and configure profiles in the Policy profiles section of the policy properties.

Profile settings that are locked with a "padlock" override policy settings. That is, if the profile setting locked with a "padlock" is different from the policy setting, the application applies the setting from the profile. However, lists of settings are merged, supplementing each other. That is, if the settings in the list from the profile are missing from the "basic" policy, they are added to the resulting list of settings.

However, some lists are not merged, in which case the settings from the profile override the settings of the "basic" policy:

• Exclusions by process in the File Threat Protection and Behavior Detection components
• Protection scopes in the File Threat Protection and Anti-Cryptor components
• Monitoring scopes in the System Integrity Monitoring component
• List of rules (in the Application Control rules window) in the Application Control component
• Process memory exclusions in application settings
• Trusted domains in network settings
• Trusted root certificates in network settings
• Monitored ports in network settings

After the policy is applied for the first time, the application settings change in accordance with the policy settings.

If the application is not running when the policy is deleted, after application is started, this policy continues to be applied on the device and the application continues to operate with the settings specified by this policy.

For more details about policies and policy profiles, refer to the Kaspersky Security Center Help system.

Tasks for Kaspersky Embedded Systems Security created in Kaspersky Security Center

You can create the following types of tasks in Kaspersky Security Center for Kaspersky Embedded Systems Security:

• local tasks to run on individual devices;
• group tasks to run on devices within an administration group;
• tasks for sets of devices to run on multiple devices, regardless of their inclusion in administration groups.

  The tasks for the sets of devices are performed only on the devices that are specified in the task settings. If new devices are added to the device selection for which the task is created, this task is not applied to the new devices. To apply the task to these computers, you must create a new task or edit the settings of the existing task.

You can create any number of group tasks, tasks for a sets of devices, or local tasks.

The tasks are executed only if Kaspersky Embedded Systems Security is running on the devices.

General information about tasks created in Kaspersky Security Center is provided in Kaspersky Security Center documentation.

The following tasks are provided for managing Kaspersky Embedded Systems Security in Kaspersky Security Center:

• Malware Scan. During the task execution, the application scans the device areas that are specified in the task settings for viruses and other malware.
• Critical Areas Scan. During the task execution, the application scans boot sectors, startup objects, process memory, and kernel memory.
• Inventory. During the task execution, the application receives information about all executable files stored on the devices.
• System Integrity Check. During the task execution, the application determines changes of each object by comparing the current state of the monitored object to its original state, which was previously established as a baseline.
• Add Key. During the task execution, the application adds a key, including a reserve one, to activate the application.
• Update. During the task execution, the application updates the databases in accordance with the configured update settings.
• Rollback. During the task execution, the application rolls back the last database update.

Logging in and out of the Web Console and Cloud Console

Kaspersky Security Center Web Console

To log in to the Web Console, you need to know the web address and the port number of the Administration Server specified during the Web Console installation (port 8080 is used by default). JavaScript must also be enabled in your browser.

To log in to Web Console:

1. In your browser, go to the <Administration Server web address>:<port number> address.

   The login page is displayed.

2. Enter the user name and password for your account.

   It is recommended to make sure that the password complexity and anti-bruteforce mechanisms ensure that the password cannot be guessed within 6 months.

3. Click Log in.

   If the Administration Server is not responding, or if you enter incorrect credentials, an error message is displayed.

After logging in, a dashboard is displayed with the last language and theme used.

For more details about the Web Console interface, refer to Kaspersky Security Center documentation.

To log out of Web Console:

select <Account name> → Exit in the lower left corner of the screen.

The Web Console is closed, and the login page is displayed.

Kaspersky Security Center Cloud Console

For the Kaspersky Security Center Cloud Console, use a web token to log in to your account on the Cloud Console portal.

For detailed information about Kaspersky Security Center Cloud Console, refer to the Kaspersky Security Center Cloud Console documentation.

Managing policies in the Web Console

You can perform the following actions with the policies in the Web Console:

• Create a policy.
• Edit policy settings.

  If the user account which is used to access the Administration Server does not have permissions to edit the settings of certain functional scopes, the settings of these functional scopes are not available for editing.

• Export and import policy settings.
• Copy and move a policy.
• Delete a policy.
• Change a policy status.
• Create policy profiles.

For general information about working with policies, refer to the Kaspersky Security Center Help system.

Creating a policy in the Web Console

To create a policy in the Web Console:

1. In the main window of the Web Console, select Assets (Devices) → Policies and policy profiles.

   A list of policies and policy profiles opens.

2. Select the administration group containing the devices to which the policy should be applied. To do so, click the link in the Current path field located above the list of policies and policy profiles, and select the administration group in the window that opens.
3. Click Add.

   The Policy Wizard starts.

4. In the displayed window, select an application name from the list.

   Proceed to the next step of the wizard.

5. Decide whether you want to use Kaspersky Security Network. Carefully read the Kaspersky Security Network Statement and do one of the following:
   • If you agree with all the terms and conditions of the Statement and want the application to use Kaspersky Security Network, select I confirm that I have fully read, understand, and accept the terms and conditions of Kaspersky Security Network Statement.
   • If you do not want to use Kaspersky Security Network, select I do not accept the terms and conditions of the Kaspersky Security Network Statement and confirm your decision in the window that opens.

   Refusal to use Kaspersky Security Network does not interrupt the policy creation process. At any time, you can enable or disable use of Kaspersky Security Network or change the KSN mode for managed devices in the policy settings.

   Proceed to the next step of the wizard.

6. The General tab of the new policy settings window opens. Specify a name for the new policy.

   You can also configure the following policy settings:

   • Policy status:
     • Active. The policy that is currently applied to the device. If this option is selected, this policy becomes active on the device upon the next device synchronization with the Administration Server. This option is selected by default.
     • Inactive. The policy that is not currently applied to the device. If this option is selected, the policy becomes inactive but remains in the Policies folder. You can activate the inactive policy later.
   • Policy settings inheritance:
     • Inherit settings from parent policy. If this option is enabled, the policy settings values are inherited from the upper-level group policy and, therefore, are locked. The check toggle button is switched on by default.
     • Enforce settings inheritance for child policies If this option is enabled, the settings values of the child policies are locked. The toggle button is switched off by default.

   For general information about the policy settings, refer to Kaspersky Security Center Help section.

7. If you want to configure other policy settings, go to the Application settings tab and make the necessary changes.

   You can also change the policy settings later.

8. Click Save.

The created policy will be displayed in the list of policies.

For general information about managing policies, please refer to the Kaspersky Security Center Help.

Changing policy settings in the Web Console

To edit policy settings in the Web Console:

1. In the main window of the Web Console, select Assets (Devices) → Policies and policy profiles.

   The list of policies opens.

2. Select the administration group containing the devices to which the policy is applied. To do so, click the link in the Current path field in the upper part of the window and select the administration group in the window that opens.

   The list displays the policies configured for the selected administration group.

3. Click the name of the required policy in the list.

   The policy properties window opens.

4. Modify the policy settings on the Application settings tab.
5. Click the Save button to save the changes made.

The policy is saved with the updated settings.

Policy settings in the Web Console

You can configure policy settings on the Application settings tab of the policy properties window.

Policy settings

Page top

Managing policies in the Administration Console

You can perform the following actions with the policies in the Kaspersky Security Center Administration Console:

• Create a policy.
• Edit policy settings.

  If the user account which is used to access the Administration Server does not have permissions to edit the settings of certain functional scopes, the settings of these functional scopes are not available for editing.

• Export and import policy settings.
• Delete a policy.
• Change a policy status.
• Create policy profiles.

For general information about working with policies, please refer to the Kaspersky Security Center Help.

Creating a policy using the Administration Console

To create a policy in the Administration Console:

1. In the Administration Console tree, in the Managed devices folder, select the administration group containing the devices to which the policy should be applied.

   You can view the list of devices that are part of an administration group on the Devices tab of the folder with the name of this administration group.

2. In the workspace, select the Policies tab.
3. Click the New policy button to start the New policy wizard.

   You can also start the Wizard by clicking the Create → Policy item in the context menu in the list of policies.

4. In the first step of the Wizard, select Kaspersky Embedded Systems Security 3.4 for Linux from the list.

   Proceed to the next step of the wizard.

5. Enter a name for the new policy.
6. To use the settings from the previous version of Kaspersky Embedded Systems Security policy in the policy being created, select the Use policy settings for the earlier application version check box.

   Proceed to the next step of the wizard.

7. Decide whether you want to use Kaspersky Security Network. Carefully read the Kaspersky Security Network Statement and do one of the following:
   • If you agree with all the terms and conditions of the Statement and want the application to use Kaspersky Security Network, select I confirm that I have fully read, understand, and accept the terms and conditions of Kaspersky Security Network Statement.
   • If you do not want to use Kaspersky Security Network, select I do not accept the terms and conditions of the Kaspersky Security Network Statement and confirm your decision in the window that opens.

   Refusal to use Kaspersky Security Network does not interrupt the policy creation process. At any time, you can enable or disable use of Kaspersky Security Network or change the KSN mode for managed devices in the policy settings.

   Proceed to the next step of the wizard.

8. If necessary, configure the general settings for File Threat Protection.

   Proceed to the next step of the wizard.

9. If necessary, edit the File Threat Protection settings that have been configured by default.

   Proceed to the next step of the wizard.

10. If necessary, configure the exclusions from File Threat Protection.

    Proceed to the next step of the wizard.

11. If necessary, modify the default actions for infected objects.

    Proceed to the next step of the wizard.

12. Complete the New Policy Wizard.

The created policy is displayed in the list of policies of the administration group on the Policies tab and in the Policies folder of the console tree.

You can change the policy settings later. For general information about managing policies, refer to the Kaspersky Security Center Help system.

Changing policy settings in the Kaspersky Security Center Administration Console

To edit policy settings in the Administration Console:

1. In the tree of the Kaspersky Security Center Administration Console, in the Managed devices folder, open the folder with the name of the administration group that includes the required devices.
2. In the workspace, select the Policies tab.
3. In the list of policies, select the required policy and double-click it to open the Properties: <Policy name> window.

   You can also open the policy properties window by using the Properties item in the policy context menu or by clicking the Configure policy settings link located to the right of the list of policies in the section with the policy settings.

4. Edit the policy settings.
5. In the Properties: <Policy name> window, click OK to save the changes.

Policy settings in the Administration Console

You can configure policy settings in the sections and subsections of the policy properties window. For information about configuring general policy settings and event settings, refer to Kaspersky Security Center Help section.

Policy settings

Page top

Managing tasks in the Web Console

You can perform the following actions with the tasks for Kaspersky Embedded Systems Security in the Web Console:

• Create new tasks.
• Edit task settings.

  If the user account which is used to access the Administration Server does not have permissions to edit the settings of certain functional scopes, the settings of these functional scopes are not available for editing.

• Start, stop, pause, and resume tasks.

  The Update task cannot be paused or resumed, it can only be started or stopped.

• Export and import tasks.
• Delete tasks.

In the list of tasks, you can monitor the task execution results: view the task status and the statistics for task performance on the devices. You can also create a selection of events to monitor the task execution (Monitoring and reports → Event selections). For details on event selection, refer to Kaspersky Security Center documentation.

Task execution results are also saved locally on the device and in Kaspersky Security Center reports.

For general information about task management, refer to the Kaspersky Security Center Help system.

If the device is managed by a policy, it may not be possible to view and manage tasks created in Kaspersky Security Center using the command line or the graphical interface of the application.

Creating tasks in the Web Console

To create a task for a group or set of devices in the Web Console:

1. In the main window of the Web Console, select Assets (Devices) → Tasks.

   The list of tasks opens.

2. Click Add.

   The Task Wizard starts.

3. In the first step of the Wizard, perform the following actions:
   1. In the Application drop-down list, select Kaspersky Embedded Systems Security 3.4 for Linux.
   2. In the Task type drop-down list, select the type of task that you want to create.
   3. In the Task name field, enter a name for the new task.
   4. In the Devices to which the task will be assigned section, select the method for defining the task scope. The task scope comprises the devices on which the task will be run:
      • Select the Assign task to an administration group option if the task is to be run on all devices included in a specific administration group.
      • Select the Specify device addresses manually, or import addresses from a list option if the task is to be run on the specified devices.
      • Select the Assign task to a device selection option if the task is to be run on devices included in the device selection according to a predefined criterion. For information on how to create a device selection, refer to the Kaspersky Security Center Help system.

   Proceed to the next step of the wizard.

4. Depending on the selected method for defining the task scope, perform one of the following actions:
   • In the administration group tree, select the check boxes next to the required administration groups.
   • In the list of devices, select the check boxes next to the required devices. If the required devices are not listed, you can add them in the following ways:
     • Using the Add devices button. You can add devices by name or IP address, add devices from a specified IP range, or select devices from the list of devices detected by the Administration Server when polling the corporate LAN.
     • Using the Import devices from file button. For the import, a TXT file with a list of device addresses is used, where each address must be on a separate line.
   • From the list, select the name of the selection containing the required devices.

   Proceed to the next step of the wizard.

5. To configure the task settings immediately after creation, in the last step of the Wizard, select the Open task properties window after creation check box. A task is created with the default settings.
6. Complete the wizard.

A new task will be displayed in the list of tasks.

To create a local task in the Web Console:

1. In the main window of the Web Console, select Assets (Devices) → Managed devices.

   The list of managed devices opens.

2. Select the administration group containing the necessary device. To do so, click the link in the Current path field above the list of managed devices and select an administration group in the window that opens.

   The list displays only the managed devices for the selected administration group.

3. In the list, find the device for which you want to create a task and click the device name.
4. This opens a managed device properties window; in that window, go to the Tasks tab.

   The list of tasks created for this device is displayed.

5. Click Add.

   The Task Wizard starts.

6. In the first step of the Wizard, perform the following actions:
   1. In the Application drop-down list, select Kaspersky Embedded Systems Security 3.4 for Linux.
   2. In the Task type drop-down list, select the type of task that you want to create.
   3. In the Task name field, enter a name for the new task.
7. To configure the task settings immediately after creation, in the last step of the Wizard, select the Open task properties window after creation check box. A task is created with the default settings.
8. Complete the wizard.

A new task will be displayed in the list of tasks.

Page top

Changing task settings in the Web Console

To edit task settings in the Web Console:

1. In the main window of the Web Console, select Assets (Devices) → Tasks.

   The list of tasks opens.

2. Do one of the following:
   • To edit the settings of a task that is run on all devices included in a specific administration group, click the link in the Current path field in the upper part of the window and select the administration group in the window that opens.

     The list displays only tasks configured for the selected administration group.

   • To edit the settings of a task that is run on one or multiple devices (a task for a set of devices), click the link in the Current path field in the upper part of the window and select the top node with the name of the Administration Server in the window that opens.

     The list displays all tasks created on the Administration Server.

3. In the list of tasks, select the required task and open the task properties window by clicking the link in the task name.
4. Configure the task settings:
   • On the General tab, you can edit the name of the task.
   • On the Application settings tab, you can configure specific task settings. The availability of configurable settings depends on the type of task.
   • On the Schedule tab, you can configure the task run schedule and additional settings for starting and stopping the task.

   The General, Results, Settings, Schedule, and Revision history tabs of the task properties window are standard for Kaspersky Security Center; for more details, refer to the Kaspersky Security Center Help system.

5. Click the Save button to save the changes made.

Starting, stopping, pausing, and resuming tasks in the Web Console

To start, stop, pause, or resume a task in the Web Console:

1. In the main window of Kaspersky Security Center Web Console, select Assets (Devices) → Tasks.

   The list of tasks opens.

2. Do one of the following:
   • To start or stop a task that is run on all devices included in a specific administration group, click the link in the Current path field in the upper part of the window and select the administration group in the window that opens.

     The list displays only the tasks created for the selected administration group.

   • To start or stop a task that is run on one or multiple devices (a task for a set of devices), click the link in the Current path field in the upper part of the window and select the top node with the name of the Administration Server in the window that opens.

     The list displays all tasks created on the Administration Server.

3. In the list of tasks, check the box next to the name of the required task and click the action button above the list of tasks.

Managing tasks in the Administration Console

You can perform the following actions with the tasks for Kaspersky Embedded Systems Security in the Administration Console:

• Create new tasks.
• Edit task settings.

  If the user account which is used to access the Administration Server does not have permissions to edit the settings of certain functional scopes, the settings of these functional scopes are not available for editing.

• Start, stop, pause, and resume tasks.

  The Update task cannot be paused or resumed, it can only be started or stopped.

• Export and import tasks.
• Delete tasks.

In the list of tasks, you can monitor the task execution results: view the task status and the statistics for task performance on the devices.

Information on the progress and results of task execution can be viewed in the list of events that Kaspersky Embedded Systems Security sends to the Kaspersky Security Center Administration Server (on the Events tab in the workspace of the Administration Server <server name> node). You can also create a selection of events to monitor the execution of tasks. For details on event selection, refer to Kaspersky Security Center documentation.

Task execution results are also saved locally on the device and in Kaspersky Security Center reports.

For general information about task management, refer to the Kaspersky Security Center Help system.

If the device is managed by a policy, it may not be possible to view and manage tasks created in Kaspersky Security Center using the command line or the graphical interface of the application.

Creating tasks in the Administration Console

To create a task for a group or set of devices in the Administration Console:

1. In the Administration Console, perform one of the following actions:
   • To create a task that will be run on devices included in the selected administration group, select this administration group in the console tree in the Managed devices folder, then select the Tasks tab in the workspace and click the New task button.

     The New task wizard starts for devices of the selected administration group.

   • To create a task that will be performed on one or multiple devices (a task for a set of devices), select the Tasks folder in the console tree and click the New task button in the workspace.

     The New task wizard starts for the set of devices.

2. At the first step of the wizard, select Kaspersky Embedded Systems Security 3.4 for Linux and the type of the task.

   Proceed to the next step of the wizard.

3. If you are creating a task for a set of devices, the Wizard prompts you to define the task scope. The task scope comprises the devices on which the task will be run.
   1. Specify the method for defining the task scope: select devices from the list of devices detected by the Administration Server; set device addresses manually; import a list of devices from a file or specify a previously configured selection of devices (for more details, refer to the Kaspersky Security Center Help system).
   2. Depending on the method you have specified for defining the task scope, in the window that opens, perform one of the following actions:
      • In the list of detected devices, specify the devices on which the task will be run. To do so, select the check box in the list to the left of the device name.
      • Click the Add or Add IP range button and enter the device addresses manually.
      • Click the Import button and select the TXT file containing the list of device addresses in the window that opens.
      • Click the Browse button and, in the window that opens, specify the name of the selection containing the devices on which the task will be run.

   Proceed to the next step of the wizard.

4. Configure the available task settings by following the instructions in the Wizard.
5. Enter the name of the new task and proceed to the next step in the Wizard.
6. To start the task immediately after the Wizard finishes, in the final step, select the Run task after the wizard finishes check box.
7. Complete the wizard.

   A new task will be displayed in the list of tasks.

To create a local task in the Administration Console:

1. In the Administration Console tree, in the Managed devices folder, select the administration group containing the necessary device.
2. In the workspace, select the Devices tab.
3. In the list of managed devices, select the required device and double-click it to open the Properties: <Task name> window.
4. In the displayed window with the properties of the managed device, select the Tasks section.

   The list of tasks created for this device is displayed.

5. Click Add.

   The Task Wizard starts.

6. At the first step of the wizard, select Kaspersky Embedded Systems Security 3.4 for Linux and the type of the task.

   Proceed to the next step of the wizard.

7. Enter a name for the new task and configure the available task settings following the instructions of the wizard.
8. Complete the wizard.

   A new task will be displayed in the list of tasks.

Changing task settings in the Administration Console

To edit task settings in the Administration Console:

1. In the Administration Console, perform one of the following actions:
   • To edit the settings of a task that is run on devices included in the specified administration group, select this administration group in the console tree, then select the Tasks tab in the workspace.
   • To edit the settings of a task that is run on one or multiple devices (a task for a set of devices), select the Tasks folder in the console tree.
2. In the list of tasks, select the required task and double-click it to open the Properties: <Task name> window.

   You can also open the task properties window using the Properties item in the task context menu.

3. Edit the task settings. The availability of configurable settings depends on the type of task.

   The General, Notification, Schedule, and Revision history tabs of the task properties window are standard for Kaspersky Security Center; for more details, refer to the Kaspersky Security Center Help system.

4. Click Apply or OK in the Properties: <Task name> window to save the changes made.

Starting, stopping, pausing, and resuming tasks in the Administration Console

To start, stop, pause, or resume a task in the Administration Console:

1. In the Administration Console, perform one of the following actions:
   • To start or stop a task that is run on devices included in the specified administration group, select this administration group in the console tree, then select the Tasks tab in the workspace.

     The list of tasks created for the selected administration group opens.

   • To start or stop a task that is run on one or multiple devices (a task for a set of devices), select the Tasks folder in the console tree.

     The list of all tasks created on the Administration Server opens.

2. In the list of tasks, select the required task, open the context menu of the task, and select the action that you want to perform.