Kaspersky Machine Learning for Anomaly Detection

Configuring the main settings of Kaspersky MLAD

Kaspersky MLAD lets you specify the name of the monitored asset, web address and IP address for connecting users to the application web interface, and the frequency of receiving new data from the monitored asset. The name of the monitored asset will be displayed in each section of the Kaspersky MLAD web interface.

Configuration of the main parameters of Kaspersky MLAD is performed by an administrator (Kaspersky employee or certified integrator).

To configure the main settings of Kaspersky MLAD:

1. In the administrator menu, select System parameters → Main.

   A list of options appears on the right.

2. In the Name of monitored object field, specify the name of the monitored asset.
3. In the Application web address field, specify the web address of the application.
4. In the Application connection IP address field, specify the IP address of the application.
5. In the Interval for receiving data from the Message Broker service (ms) field, specify the interval for updating telemetry data in the application web interface.

   The higher the specified parameter value, the less frequently the data is updated.

6. In the Interval for receiving incident statistics from the database (ms) field, indicate how frequently data on incidents registered by the application should be updated in the application web interface.
7. In the Number of authentication attempts field, specify the number of unsuccessful authorization attempts. When this number is reached, Kaspersky MLAD blocks the corresponding user account.
8. In the User lock duration (sec) field, specify the period in seconds to block a user account after reaching the specified number of unsuccessful authorization attempts.
9. Click the Save button.