Adding trigger conditions for the Applications Launch Control rule

How to add trigger conditions for the Applications Launch Control rule in the Kaspersky Security Center Administration Console

Go to the Applications Launch Control settings in the policy that you want to configure.
1. In the Kaspersky Security Center Administration Console tree, expand the Managed devices node.
2. Select the administration group for which you want to configure the task.
3. Select the Policies tab.
4. Double-click the policy name you want to configure.
5. In the policy properties window, go to the Local activity control section.
6. In the Applications Launch Control block, click the Settings button.
  The Applications Launch Control window opens on the General tab.
Select the Rules tab.
Do one of the following:
1. Click the Add button if you are adding a new Applications Launch Control rule.
2. In the list of Applications Launch Control rules, select the rule for which you want to add triggering conditions, and click the Edit button.
The Applications Launch Control window opens.
On the Conditions tab, in the context menu of the Add button, select a triggering condition for the Applications Launch Control rule:
- Information from file. Information from the selected file is used as the rule triggering condition.
  1. Click the Browse button in the Information from file window.
    The standard Microsoft Windows Open File window opens.
  2. Select the file.
  3. Click Open.
    Information about the selected file is displayed in the Information from file window.
  4. Select at least one option:
    - Certificate details. If this check box is selected, the rule does not control the launch of applications signed with a digital certificate that has the specified data.
    - Metadata. If this check box is selected, the rule does not control the launch of applications that have the specified metadata.
    - File hash. If this check box is selected, the rule does not control the launch of applications that have the specified SHA256 hash.
    - File path. If this check box is selected, the rule does not control the launch of applications at the specified path.
  5. If necessary, in the Command line field, enter the command for starting the application on the command line. The rule controls the launch of this application. You can use ? and * characters to enter a mask.
    Kaspersky Embedded Systems Security does not recognize paths that contain slashes ("/"). Use the backslash character ("\") in paths.
  6. Click OK.
- Drive type. The rule controls the launch of applications from all removable drives connected to the protected computer.
- KL category. The rule controls the launch of applications that belong to the selected KL categories.
- Trusted by KSN. The rule controls the launch of applications that are trusted in KSN.
- Untrusted by KSN. The rule controls the launch of applications that are untrusted in KSN.
- Trusted by OS. The rule controls the launch of applications that are trusted in the operating system.
The added condition will be displayed in the list.
If necessary, perform the previous step of the instructions for each of the subsequent rule triggering conditions.
If necessary, edit rule triggering conditions by clicking the Edit button.
Save your changes.

How to add trigger conditions for the Applications Launch Control rule in the Kaspersky Embedded Systems Security Console

In the Application Console tree, select the Computer Control → Applications Launch Control section.
Click the Properties link in the results pane.
The Applications Launch Control window opens on the General tab.
Select the Rules tab.
Do one of the following:
1. Click the Add button if you are adding a new Applications Launch Control rule.
2. In the list of Applications Launch Control rules, select the rule for which you want to add triggering conditions, and click the Edit button.
The Applications Launch Control window opens.
On the Conditions tab, in the context menu of the Add button, select a triggering condition for the Applications Launch Control rule:
- Information from file. Information from the selected file is used as the rule triggering condition.
  1. Click the Browse button in the Information from file window.
    The standard Microsoft Windows Open File window opens.
  2. Select the file.
  3. Click Open.
    Information about the selected file is displayed in the Information from file window.
  4. Select at least one option:
    - Certificate details. If this check box is selected, the rule does not control the launch of applications signed with a digital certificate that has the specified data.
    - Metadata. If this check box is selected, the rule does not control the launch of applications that have the specified metadata.
    - File hash. If this check box is selected, the rule does not control the launch of applications that have the specified SHA256 hash.
    - File path. If this check box is selected, the rule does not control the launch of applications at the specified path.
  5. If necessary, in the Command line field, enter the command for starting the application on the command line. The rule controls the launch of this application. You can use ? and * characters to enter a mask.
    Kaspersky Embedded Systems Security does not recognize paths that contain slashes ("/"). Use the backslash character ("\") in paths.
  6. Click OK.
- Drive type. The rule controls the launch of applications from all removable drives connected to the protected computer.
- KL category. The rule controls the launch of applications that belong to the selected KL categories.
- Trusted by KSN. The rule controls the launch of applications that are trusted in KSN.
- Untrusted by KSN. The rule controls the launch of applications that are untrusted in KSN.
- Trusted by OS. The rule controls the launch of applications that are trusted in the operating system.
The added condition will be displayed in the list.
If necessary, perform the previous step of the instructions for each of the subsequent rule triggering conditions.
If necessary, edit rule triggering conditions by clicking the Edit button.
Save your changes.

How to add trigger conditions for the Applications Launch Control rule in the Kaspersky Security Center Web Console

Go to the Applications Launch Control settings in the policy that you want to configure.
1. In the main window of the Web Console, select Assets (Devices) → Policies & profiles.
2. Click the name of the Kaspersky Embedded Systems Security policy.
  The policy properties window opens.
3. Select the Application settings tab.
4. Select the Local activity control section.
5. In the Applications Launch Control block, click the Configure button.
  The Applications Launch Control window opens on the General tab.
Select the Rules tab.
Click Add.
The Rule settings window opens.
On the Conditions tab, click the Add button.
The Rule settings window opens.
Select a triggering condition for the Applications Launch Control rule:
- Information from file. Information from the file is used as the rule triggering condition.
  1. Under Rule triggering criteria, specify a value for at least one criterion:
    - Digital certificate. If this check box is selected, the rule does not control the launch of applications signed with a digital certificate that has the specified data.
    - Metadata. If this check box is selected, the rule does not control the launch of applications that have the specified metadata.
    - SHA256 hash. If this check box is selected, the rule does not control the launch of applications that have the specified SHA256 hash.
    - File path. If this check box is selected, the rule does not control the launch of applications at the specified path.
  2. Click OK.
- From KL category. The rule controls the launch of applications that belong to the selected KL categories.
- Removable drive. The rule controls the launch of applications from all removable drives connected to the protected computer.
- Trusted by OS. The rule controls the launch of applications that are trusted in the operating system.
The added condition will be displayed in the list.
If necessary, perform steps 4 through 5 of the instructions for each of the subsequent rule triggering conditions.
If necessary, edit rule triggering conditions by clicking the Edit button.
Save your changes.

Page top