Kaspersky Security Center

Synchronization with Cloud: configuring the moving rule

14 April 2024

ID 199139

Expand all | Collapse all

During the Configure cloud environment operation, the Synchronize with Cloud rule is created automatically. This rule allows you to automatically move devices detected in each poll from the Unassigned devices group to the Managed devices\Cloud group, to make these devices available for centralized management. By default, the rule is active after it is created. You can disable, modify, or enforce the rule at any time.

To edit the properties of the Synchronize with Cloud rule and/or enforce the rule:

  1. In the main menu, go to Discovery & deployment → Deployment & assignmentMoving rules.

    This opens a list of moving rules.

  2. In the list of moving rules, select Synchronize with cloud.

    This opens the rule properties window.

  3. If necessary, specify the following settings in the Rule conditions tab, in the Cloud segments tab:
    • Device is in a cloud segment
    • Include child objects
    • Move devices from nested objects to corresponding subgroups
    • Create subgroups corresponding to containers of newly detected devices
    • Delete subgroups for which no match is found in the cloud segments

    If you enabled the Synchronize administration groups with cloud structure option when using the Configure cloud environment, the Synchronize with cloud rule is created with the Create subgroups corresponding to containers of newly detected devices and Delete subgroups for which no match is found in the cloud segments options enabled.

    If you did not enable the Synchronize administration groups with cloud structure option, the Synchronize with cloud rule is created with these options disabled (cleared). If your work with Kaspersky Security Center requires that the structure of subgroups in the Managed devices\Cloud subgroup matches the structure of cloud segments, enable the Create subgroups corresponding to containers of newly detected devices and Delete subgroups for which no match is found in the cloud segments options in the rule properties, and then enforce the rule.

  4. In the Device discovered by using the API drop-down list, select one of the following values:
    • No. The device cannot be detected by using AWS, Azure, or Google API, that is, it is either outside the cloud environment, or it is in the cloud environment but it cannot be detected by using an API for some reason.
    • AWS. The device is discovered by using AWS API, that is, the device definitely is in the AWS cloud environment.
    • Azure. The device is discovered by using Azure API, that is, the device definitely is in the Azure cloud environment.
    • Google Cloud. The device is discovered by using Google API, that is, the device definitely is in the Google cloud environment.
    • No value. This criterion cannot be applied.
  5. If necessary, set up other rule properties in the other sections.

The moving rule is configured.

See also:

Step 4. Segment polling, configuring synchronization with Cloud and choosing further actions

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.