Kaspersky Internet Security 2012

 
 
 

How to configure the Applications restriction option of Application Control in Kaspersky Internet Security 2012?

Back to "Application Control"
2012 Aug 15 ID: 6389
 
 
 
 
The Application control component logs actions performed by applications in the system, and manages the applications' activities, based on which group they belong to.

How to enable the option of application status identifying based on Kaspersky Security Network databases

The first stage in defining the application status is searching for information in the Kaspersky Security Network database. The statistics of Kaspersky Security Network make it possible to define the status to applications more accurately when they are launched for the first time and use optimum rules for controlling these applications. If the information about the application was not present in the Kaspersky Security Network database at the time of the first launch but was added later, the rules for controlling this application may be updated automatically. You may disable the rules downloading from Kaspersky Security Network or automatic updates of rules for previously unknown applications.

In order to disable loading rules from Kaspersky Security Network, perform the following actions:

  1. open the main application window
  2. in the right upper corner of the main application window, click Settings
  3. in the upper part of the Settings window, select Protection Center
  4. in the left part of the Settings window, select Application Control
  5. in the right part of the main application window in the Applications restriction section, perform the following actions:
    • if you wish to disable rules downloading, clear the box Load rules for applications from Kaspersky Security Network (KSN)
    • if you wish to disable rules for unknown applications update, clear the box Update rules for previously unknown applications from KSN
    • if you wish you disable automatical status identifying, clear the box Trust application with digital signatures
  6. in the Settings window, click the OK button
  7. close the main application window.

How unknown applications are identified to a specific group of applications

When heuristic analysis is used by default, Application Control inspects each program for 30 seconds. If after that time the component does not complete identification of its threat rating, the program will receive the Low Restricted status (based on the Kaspersky Security Network data). Rating calculation continues in the background and then the final status will be assigned to the program. You can change the time allocated for application analysis. If you are sure that all applications started on your computer do not pose any threat to your computer security, you can decrease the time spent on analysis. If, on the contrary, you are installing the software and are not sure that this is safe, you are advised to increase the time for analysis.

A set of rules is defined for each group of applications. These rules manage applications' access to various resources. Based on the system security factor, all applications can be divided into four pre-set groups of applications:
  • Trusted. Applications with a digital signature by trusted vendors, or applications which are recorded in the base of trusted applications. These applications have no restrictions applied on actions performed in the system. Those applications' activity is monitored by Proactive Defense and File Anti-Virus.
  • Low Restricted. Applications that do not have a digital signature from a trusted vendor, and which are not listed in the base of trusted applications. However, these applications have received low value of the threat rating. They are allowed to perform some operations, such as access to other processes, system control, hidden network access. The user's permission is required for most operations. 
  • High Restricted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have a high value of the threat rating. The applications of this group require the user's permission for most actions which affect the system: some actions are not allowed for such applications. 
  • Untrusted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have received a very high value of the threat rating. Application Control blocks any actions performed by such applications.

In order to specify the maximum time to define the application status, perform the following actions:

  1. open the main application window
  2. in the right upper corner of the main application window, click Settings
  3. in the upper part of the Settings window, select Protection Center
  4. in the left part of the Settings window, select Application Control
  5. in the right part of the Settings window in the Applications restriction section, perform the following actions:
    1. if you wish to enable heuristic analysis, select Use the heuristic analysis to define group
    2. if you wish to change time required to define a group, specify the required time for the option Maximum time to define the application status
    3. if you wish Kaspersky Internet Security 2012 to define a specific status to unknown program, select Move to the following group automatically and select the required group from the drop-down menu
  6. in the Settings window, click the OK button
  7. close the main application window.

InformationYou can specify time to define the application status only if the option Use heuristic analysis to define status is enabled.

 
 
 
 
Did the provided info help you?
Yes No
 
 
 

Applies To:

  • Kaspersky Internet Security 2012
  • Windows