Configuring Application Control in the Administration Console

In the Administration Console, you can configure Application Control settings in the policy properties (Security ControlsApplication Control).

Application Control component settings

Setting

Description

Enable Application Control

The check box enables the Application Control component.

This check box is cleared by default.

Action on application startup attempt

The action that Kaspersky Endpoint Security performs upon detecting an attempt to start an application that matches the configured rules:

  • Apply rules (default value). If you select this option, Kaspersky Endpoint Security applies Application Control rules and performs the action specified in the rules.
  • Test rules. If you select this option, Kaspersky Endpoint Security tests the rules and generates an event about an attempt to start an application that matches the rules.

Application Control mode

Application Control task operation mode:

  • Allowlist. If you select this option, Kaspersky Endpoint Security prevents all users from launching any applications except those specified in the Application Control rules.
  • Denylist (default value). If you select this option, Kaspersky Endpoint Security allows all users to launch any applications except those specified in the Application Control rules.

Application Control rules

This group of settings contains the Configure button. Clicking this button opens the Application Control rules window.

Applying rules

In the drop-down list, you can select how rules are added:

  • Replace local rules with policy rules. When you select this item, the application applies only the rules specified in the policy.
  • Add policy rules to local rules (default value). When you select this item, the application applies the rules specified in the policy together with the local rules configured on the protected device.

Page top