Now you can optimize scans of application log files: you can use the SkipPlainTextFiles setting to exclude text files from scans if they are reused by the same process within 10 minutes after the most recent scan.
The interaction with the operating system's firewall has been updated: Kaspersky Endpoint Security uses the iptables and iptables-restore system utilities when adding rules for the system firewall. On systems with nftables, we fixed a problem with displaying applications' network packet rules using system utilities.
Now you can exclude traffic from scans: in the list in the mangle table of the iptables and ip6tables utilities, we added a special allowing rule chain kesl_bypass, which lets you configure traffic exclusion rules. Exclusions affect the operation of Firewall Management, Web Threat Protection and Network Threat Protection tasks.
The application distribution kit no longer includes a special package for installing the application on the Astra Linux Special Edition operating system. A general deb package for 64-bit operating systems is used.
You can now install and run the application on devices with operating systems for the Arm architecture. The application distribution package now includes a special package to install the application on operating systems for the Arm architecture.
Device Control, Network Threat Protection and Behavior Detection tasks now support the ability to work in notify-only mode, notifying the user when threats are detected or when attempts to access a device are detected without taking any other actions.
KESL containers now let you configure a timeout for application commands and application database update tasks.