Application Control enabled / disabled

This toggle switch enables or disables Application Control.

The toggle switch is off by default.

Action on starting applications blocked by rules

The action that Kaspersky Endpoint Security performs upon detecting an attempt to start an application that matches the configured rules:

• Test rules. If you select this option, Kaspersky Endpoint Security tests the rules and generates an event about an attempt to start an application that matches the rules.
• Apply rules (default value). If you select this option, Kaspersky Endpoint Security applies Application Control rules and performs the action specified in the rules.

Application Control mode

Application Control task operation mode:

• Allowlist. If you select this option, Kaspersky Endpoint Security prevents all users from launching any applications except those specified in the Application Control rules.
• Denylist (default value). If you select this option, Kaspersky Endpoint Security allows all users to launch any applications except those specified in the Application Control rules.

Application Control rules

Clicking the Configure rules link opens the Application Control rules window.

Applying rules

In the drop-down list, you can select how rules are added:

• Replace local rules with policy rules. When you select this item, the application applies only the rules specified in the policy.
• Add policy rules to local rules (default value). When you select this item, the application applies the rules specified in the policy together with the local rules configured on the protected device.