You can import a file with MD5 and SHA256 hashes for files that you want to prevent from running. For each hash, Kaspersky Anti Targeted Attack Platform creates a separate prevention rule.
The maximum size of the imported file is 10 MB. Only one hash per line is allowed.
To import prevention rules:
This opens the prevention rule table.
This opens the prevention rule import window.
The Prevent on field cannot be edited. By default, prevention rules created on a PCN server are applied on all hosts connected to that PCN server and all SCN servers connected to that PCN server (if you are using the distributed solution and multitenancy mode).
This opens the file selection window.
This closes the file selection window.
The rules are imported.
Users with the Security auditor role cannot import file launch prevention rules.
Users with the Security officer role cannot access prevention rules.
Page top