- Kaspersky Endpoint Security overview
- What's new in this version
- Comparison of Kaspersky Endpoint Security functions depending on the Kaspersky Security Center management tool
- Install and uninstall the application
- Start the application for the first time
- Kaspersky Endpoint Security application interface
- About notifications
- Kaspersky Endpoint Security application licensing
- Perform common tasks
- Open and quit the application
- View the status of computer protection
- View the operating status of installed components
- Disable and resume computer protection
- Use Protection Center
- Perform scan tasks
- Configure the automatic start of a scheduled scan task
- Update application databases
- What to do if file access is blocked
- Restore a file that has been deleted or disinfected by the application
- View the application operation report
- What to do if notification windows appear
- Advanced configuration of the application
- Computer protection scope
- File Threat Protection
- Web Threat Protection
- Network Threat Protection
- Scan
- Update tasks
- Local tasks
- Backup
- Reports
- Managed Detection and Response
- Endpoint Detection and Response (KATA)
- Endpoint Detection and Response Optimum
- FileVault Disk Encryption
- Password protection
- Behavior Detection
- Participate in Kaspersky Security Network
- Check the integrity of application components
- Manage the application via Kaspersky Security Center Administration Console
- Deploy Kaspersky Endpoint Security on a corporate network
- Update Kaspersky Endpoint Security version 11.1 or later to version 12.1
- Prepare for remote installation of Kaspersky Endpoint Security
- Manage Network Agent from the command line
- Install and uninstall Kaspersky Endpoint Security
- Start and stop the application via Kaspersky Security Center
- Create and manage tasks
- Create and manage policies
- Create and manage policy profiles
- Generate a report on detected objects
- Get a recovery key for an encrypted disk
- Remote administration of the application via Kaspersky Security Center Web Console and Cloud Console
- Install the Kaspersky Endpoint Security web plug-in
- Create policies
- Create tasks
- Get a recovery key for an encrypted drive
- Manage the application from the command line
- View command line help
- Run malware scan
- Update the application
- Roll back the last update
- Start/stop a component or task
- View status and statistics of a component or task
- Export protection settings
- Activate the application
- Install the system extension
- Configure network connections
- Remove license keys
- Return codes of the command line
- Quit the application
- Uninstall the application
- Detection and Response management commands
- Contact Technical Support
- Sources of information about the application
- Appendices
- Information about third-party code
- Trademark notices
Remote administration of the application via Kaspersky Security Center Web Console and Cloud Console > Create policies > Configure Detection and Response settings > Configure Endpoint Detection and Response
Configure Endpoint Detection and Response
Configure Endpoint Detection and Response
In the Endpoint Detection and Response window, do the following if necessary:
- Enable or disable the Endpoint Detection and Response component.
- Configure the Network isolation settings for the user device:
- Specify the delay for automatically turning off Network isolation.
- Configure the Network isolation exclusions.
- Enable or disable Execution prevention.
- Select an action to be performed on execution or opening of forbidden object.
- Create a list of Execution prevention rules.
- Enable or disable Cloud Sandbox technology.
The Endpoint Detection and Response component combines automatic detection of threats with the ability to react to these threats to counteract advanced attacks including new exploits, ransomware, fileless attacks, as well as methods using legitimate system tools.
By default, Endpoint Detection and Response is disabled.
Article ID: 280800, Last review: Oct 7, 2024