Interceptor settings

You can configure the way Kaspersky Endpoint Security monitors namespaces and Docker containers.

When managing the application through Kaspersky Security Center Cloud Console, only the Block files during scan setting is available.

Interceptor settings

Setting

Description

Namespaces and Docker containers monitoring enabled / disabled

This toggle button enables or disables namespaces and Docker containers monitoring.

The toggle button is switched on by default.

Action on threat detection

In this section, you can select an action to be performed when an infected object is detected during the scan:

  • Skip threat option does not perform any action on the Docker container when an infected object is detected.
  • Stop Docker container option stops the Docker container when an infected object is detected.
  • Stop Docker container if failed to disinfect or remove a threat option stops the Docker container if the disinfection of an infected object failed.

    The Stop Docker container if failed to disinfect or remove a threat option is selected by default.

Docker socket

Entry field for a Docker socket path.

The default value is /var/run/docker.sock.

Block files during scan

This check box enables or disables blocking of files during the scan for all monitoring tasks (File Threat Protection, Removable Drives Scan, and Anti-Cryptor).

Page top