The following settings are saved and imported without changing their values:
- Component and task settings
- Task logs and system audit logs
- The contents of Quarantine and Backup
- Accounts whose rights are used to launch tasks
- Rights to control the Kaspersky Security service and application
- Task notifications
When migrating to the new version, the following settings are reset:
- All counters, including the statuses of anti-virus databases and whether updates are needed
- Information about installed software module and anti-virus database updates
- Task execution statuses
- Application and component settings configured through the registry
- Application and component settings changed and configured as a result of the installation of critical fixes
Applications Launch Control rules
When migrating to the new version, the application saves your lists of applications launch control rules without changing them. You don’t need to generate the lists again from scratch. An administrator can also import a configuration file created from rules used in previous versions into the Applications Launch Control task settings in the new version of Kaspersky Security for Windows Server.
When migrating to the new version, we recommend that you stop the Applications Launch Control task if it is running in Active mode, or switch the task to Statistics Only mode. After the migration is complete, we recommend that you use the Statistics Only mode to check the updated lists of rules and verify they work as expected.
List of untrusted computers
The new versions of the application (10.1.0.622, 10.1.1.746) change the mechanism used to block client computers exhibiting harmful file activity or encryption activity:
- The new versions eliminate the Untrusted Hosts Blocking task.
- Blocking is now implemented by a change in the way the Real-Time File Protection and Anti-Cryptor tasks run.
- Lists of compromised client computers are saved in the Blocked Hosts storage.
- Settings for automatically unblocking a compromised client computer are configured in the properties for the Blocked Hosts storage.
After migration from version 10.0.0.486, lists of compromised client computers are not saved. Immediately after migrating and starting real-time protection tasks and the Anti-Cryptor task, the application automatically blocks access to network file resources according to the default settings for protection tasks using the Blocked Hosts storage.
Settings for automatically unblocking access to blocked network file resources are preserved during the migration process.
Changes concerning new application features after migration
- WMI: after upgrading to version 10.1.1, the WMI Provider component is registered in the system.
- AMSI: after upgrading to version 10.1.1, the Script monitoring component registers the AMSI Provider module and starts working through the IAntimalwareProvider interface on a computer running Microsoft Windows Server 2016 and later. If the Script monitoring component was not installed in the old version and was not selected for installation during upgrade, then the AMSI Provider module will not be registered.
- Software Distribution Control (the Application Launch Control subsystem): after upgrading to version 10.1.1, the checkbox Allow launching to all files from this distribution package extraction chain appears. This checkbox is cleared by default.
- PPL and ELAM: by default, the KAVFS service is not registered as PPL immediately after the installation. After upgrading to version 10.1.1 with default parameters, the KAVFS service will continue running without the PPL attribute.
- Compact Diagnostic Interface: after upgrading to 10.1.1, you can open the Compact Diagnostic Interface without entering password even if the password-protection feature is on. The Informational structure that is displayed in the Compact Diagnostic Interface is expanded: a new Statistics tab is available.