Users with the Senior security officer role can import, configure, replace, and delete user-defined IDS rules, as well as add Kaspersky-defined IDS rules to exclusions from scanning. Users with the Senior security officer or Security officer roles can use IDS rules to search for signs of targeted attacks, infected and possibly infected objects in the alert database, and to view the IDS rule information.
Depending on the program operating mode and the server on which the IDS rules are created, user-defined IDS rules can have one of the following types: