Enabling Execution prevention

Expand all | Collapse all

To enable Execution prevention:

1. Do one of the following:
   • Open the application properties window for an individual device.
     1. In the main Kaspersky Security Center Web Console window select Devices → Managed devices.
     2. Select the device.
     3. In the <Device name> window that opens, select the Applications tab.
     4. Select Kaspersky Endpoint Agent.
     5. In the window that opens, select the Application settings tab.
   • Open the policy properties window.
     1. In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
     2. Select the policy you want to configure.
     3. In the <Policy name> window that opens, select the Application settings tab.
2. Select the Execution Prevention section.
3. In the Prevention mode group of settings, select the Enable the prevention of untrusted objects execution check box.
4. In the Apply prevention rules in mode drop-down list, select the required mode for applying Execution prevention rules:
   • Statistics only.

     In this mode, Kaspersky Endpoint Agent records to the Windows Event Log and to Kaspersky Security Center an event about attempts to execute objects or open documents that meet the criteria of the Execution prevention rules, but does not block execution or opening these objects.

   • Active.

     In this mode, Kaspersky Endpoint Agent blocks execution of the objects or opening the documents that meet criteria of the Execution prevention rules.

   When you enable Execution prevention in Kaspersky Security Center, the Statistics only mode is selected by default.

5. If you configure the policy settings, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.
6. Click OK.
7. Click the Save button.

Page top