Configuring exclusions from network isolation

Expand all | Collapse all

This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.

Exclusions specified in the policy properties are applied only if network isolation is automatically enabled by the application in response to detection. Exclusions specified in the device properties are applied only if network isolation is enabled manually.

The active policy does not block the usage of network isolation exclusions specified in the device properties, since the scenarios for applying these settings are different.

To configure the settings of network isolation exclusions:

1. Do one of the following:
   • Open the application properties window for an individual device.
     1. In the Managed devices folder of the Administration Console tree, select the folder with the name of the administration group, which includes the required device.
     2. In the workspace, select the Devices tab.
     3. Select the device for which you want to configure Kaspersky Endpoint Agent settings.
     4. Select Properties in the device context menu.

        The device properties window opens.

     5. Select the Applications section.

        A list of Kaspersky applications installed on the device is displayed in the window.

     6. Select Kaspersky Endpoint Agent and open its properties window in one of the following ways:
        • Double-click the application name.
        • In the application context menu, select Properties.
        • Click the Properties button under the list of Kaspersky applications.

   • Open the policy properties window.
     1. Open Kaspersky Security Center Administration Console.
     2. In the console tree, open the Policies folder.
     3. Select Kaspersky Endpoint Agent policy and open its properties window in one of the following ways:
        • Double-click the policy name.
        • Select Properties in the policy context menu.
        • Select the Configure policy settings item in the right part of the window.

2. If you open the application properties window for an individual device, in the Network Isolation section, select Exclusions.
3. If you open the application policy properties window, in the Network Isolation section, select Isolation on detection.
4. You can perform the following actions:
   • Add custom exclusion

     To add a custom exclusion:

     1. Click Add.
     2. In the drop-down list, select Add a custom rule.

        The Rule properties window opens.

     3. Specify the required exclusion settings and click OK.

        The new rule is added to the exclusion list.

   • Add exclusions from the list of predefined network profiles

     To add exclusions from the list of predefined network profiles:

     1. Click Add.
     2. In the drop-down list, select Add from the network profile dictionary.
     3. In the window that opens, select the required network profile from Predefined network profiles list.

        At the bottom of the window, the description of the selected network profile will be displayed.

     4. If you want to view the exclusions that will be applied with the selected network profile, click the Show rules list button.
     5. If you want to add the selected network profile to the list of applicable profiles, click -->.

        You can add several network profiles at once.

     6. Click the Add selected button.

        Exclusions from the selected network profiles are added to the list of exclusions.

   • Change the settings of the added exclusion

     To change the settings of the added exclusion:

     1. Select the required exclusion in the Exclusions list.
     2. Click the View and edit button.
     3. The Rule properties window opens.
     4. Make the required changes and click OK.

     The selected exclusion is changed.

     If you change the settings of the exclusion that was specified in the network profile, this exclusion will become custom.

   • Enable or disable an exclusion

     To enable an exclusion,

     select the check box next to the exclusion name in the Exclusions list.

     To disable an exclusion,

     clear the check box next to the exclusion name in the Exclusions list.

   • Remove exclusion from the list

     To remove an exclusion from the list:

     1. In the Exclusions list, select the exclusion you want to remove.
     2. Click the Remove button.

     The exclusion is removed from the list of exclusions.

5. To save changes, click Apply.

See also Enabling and disabling network isolation Enabling and disabling user notification about network isolation Configuring automatic disabling of network isolation About network isolation in Kaspersky Endpoint Agent

Page top