In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
Select the policy you want to configure.
In the <Policy name> window that opens, select the Application settings tab.
Select the Execution prevention section.
In the Prevention mode group of settings, select the Enable the prevention of untrusted objects' execution check box.
In the Apply Execution prevention rules drop-down list, select the required mode for applying Execution prevention rules:
Statistics only.
In this mode, Kaspersky Endpoint Agent records to the Windows Event Log and to Kaspersky Security Center an event about attempts to execute objects or open documents that meet the criteria of the Execution prevention rules, but does not block execution or opening these objects.
Active.
In this mode, Kaspersky Endpoint Agent blocks execution of the objects or opening the documents that meet criteria of the Execution prevention rules.
When you enable Execution prevention in Kaspersky Security Center, the Statistics only mode is selected by default.
If you configure the policy settings, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.