You can block applications from running on Windows devices if those applications do not meet your corporate security requirements. Application startup is restricted through Application Control.
This feature is available only if you activated Kaspersky Endpoint Security Cloud under a Kaspersky Endpoint Security Cloud Pro license.
To configure Application Control on Windows devices:
The Security profiles section contains a list of security profiles configured in Kaspersky Endpoint Security Cloud.
The security profile properties window displays settings available for all devices.
The Application Control settings page opens.
This mode is Default allow, which allows users to start an application unless it is on the list of blocked ones.
This mode is Default deny, which prevents users from starting an application unless it is on the list of allowed ones.
For each Application Control mode, you can add up to five exceptions.
Do any of the following:
By default, a newly added exception is enabled.
You cannot edit the predefined exception Trusted installation packages that is displayed if the Application Control mode is Block all applications, except.
You cannot delete the predefined exception Trusted installation packages that is displayed if the Application Control mode is Block all applications, except.
The list of Application Control exceptions is updated.
After the security profile is applied, Application Control is enabled on Windows devices. User access to applications is governed according to the currently defined settings.
To define the settings of an Application Control exception:
You can specify either of the following criteria:
Kaspersky Endpoint Security Cloud manages access to applications from the selected categories.
Do the following:
Kaspersky Endpoint Security Cloud manages access only to the specified applications.
Do the following:
You can use masks:
*
(asterisk) character takes the place of any set of characters. For example, C:\Users\User\Desktop\*.exe
.?
(question mark) character takes the place of any single character. For example, C:\Users\User\Desktop\test?.exe
.Kaspersky Endpoint Security Cloud manages access to all applications that are stored on removable drives.
The defined settings are saved.
Page top