Kaspersky Embedded Systems Security 4.0 now includes the System Integrity Monitoring component instead of the File Integrity Monitor component. System Integrity Monitoring component includes all functionality of File Integrity Monitor and additionally allows to monitor registry changes and connection of external devices.
The System Integrity Monitoring component monitors changes in the operating system that may indicate computer security breaches. When such changes are detected, Kaspersky Embedded Systems Security generates corresponding events and alerts the administrator. System Integrity Monitoring can operate in real-time mode and can also perform system integrity checks on demand.
Real-Time System Integrity Monitoring
In real-time mode, System Integrity Monitoring tracks changes in objects that you included in the component's scope (the monitoring scope). System Integrity Monitoring also allows blocking unauthorized access to such objects in real time.
On-Demand System Integrity Check
On-Demand System Integrity Check is a task that you can run manually or on a schedule. To run the Baseline System Integrity Monitor task, you must configure the scope of the component (the monitoring scope) and create a baseline. A baseline is a recorded state of objects in the system, which the application uses as reference when comparing to the current state. A baseline is created when the task is first started.
Migrating File Integrity Monitor settings
When you update Kaspersky Embedded Systems Security version 3.4 or earlier to version 4.0, File Integrity Monitor and Registry access monitoring settings are migrated automatically. As part of the migration, the application moves the monitoring rules to System Integrity Monitoring.