Protecting application services with PPL technology
November 17, 2023
ID 193458
The protection of application services using the Protected Process Light (PPL) technology is implemented in Kaspersky Endpoint Agent.
The protection of application services using the Protected Process Light (PPL) technology is only available on the following operating systems:
- For workstations: Windows 10 version 1703 RS2 and above
- For servers: Windows Server 2016 version 1709 and above
Processes that are running with the PPL flag cannot be stopped or changed by other processes without the PPL flag.
Usage of the PPL flag for the application services allows you to protect the services from malicious external influences and attempts to compromise the application.
To configure protection of application services by the PPL technology using the command line interface:
- On the device, run a command line interpreter (for example, Command Prompt cmd.exe) with the permissions of the local administrator.
- Using the
cdcommand, navigate to the folder where the Agent.exe file is located.For example, enter the command
cd "C:\Program Files (x86)\Kaspersky Lab\Endpoint Agent\"and press ENTER. - Enter one of the following commands and press ENTER:
agent.exe --ppl=show [--pwd=<current user password>]shows the current status of application services protection by the PPL technology.agent.exe --ppl=disable [--pwd=<current user password>]disables application services protection by the PPL technology.
Return codes of the --ppl command:
- 0 – command successfully executed.
- 2 – general error.
- 4 – syntax error.
- 8 – permission error.
