Configuring the protection scope for the Real-Time File Protection component
By default, the Real-Time File Protection component uses common security settings for the entire protection scope. These settings correspond to the Recommendedpredefined security level.
The default values of security settings can be modified by configuring them as common settings for the entire protection scope or as different settings for individual items in the device's file resource list.
If the same object is included in multiple protection scope entries and these entries have different security levels, the last rule in the list takes priority. For example, consider a protection scope that includes two entries: All hard drives (security level Inform) and *\Users\*\Downloads\* (security level Custom). The application scans hard drives in accordance with the Inform level, except the Downloads folder. The application scans the Downloads folder in accordance with manually specified settings because this entry is the last in the list of the protection scope.
To configure the security settings of the selected node manually:
In the Kaspersky Security Center Administration Console tree, select the Policies folder.
Select the necessary policy and double-click to open the policy properties.
In the policy properties window, select Real-Time Computer Protection.
In the Real-Time File Protection section, click Settings.
Select the Protection scope tab.
In the list of file resource of the protected device, select items for which you want to set a predefined security level.
If the file share is not in the list, add it manually:
Click Add.
Use the folder tree to specify the path to the required object or enter the path in the Object field.
If necessary, use special characters to enter the object path mask:
The * (asterisk) character, which takes the place of any set of characters, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\*\*.txt will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders.
Two consecutive * characters take the place of any set of characters (including an empty set) in the file or folder name, including the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\**\*.txt will include all paths to files with the TXT extension located in folders nested within the Folder, except the Folder itself. The mask must include at least one nesting level. The mask C:\**\*.txt is not a valid mask.
The ? (question mark) character, which takes the place of any single character, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\???.txt will include paths to all files residing in the folder named Folder that have the TXT extension and a name consisting of three characters.
The This PC object in the list of file resources of the computer includes the following objects: All hard drives, All network drives and All removable drives.
Click OK.
Make sure that the selected file resource is included in the protection scope.
Specify a predefined security level for the selected protection scope by clicking Configure. By default, the same security settings are applied to the whole protection scope. These settings correspond to the Recommended predefined security level. You can also edit the default security settings.
In the main window of the Web Console, select Assets (Devices) → Policies & profiles.
Click the name of the Kaspersky Embedded Systems Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Real-Time Computer Protection → Real-Time File Protection and click the Configure button.
Select the Protection scope tab.
In the list of file resource of the protected device, select items for which you want to set a predefined security level.
If the file share is not in the list, add it manually:
Click Add.
In the Object type list, select an option:
For the Mask option, use special characters to enter the object path mask:
The * (asterisk) character, which takes the place of any set of characters, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\*\*.txt will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders.
Two consecutive * characters take the place of any set of characters (including an empty set) in the file or folder name, including the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\**\*.txt will include all paths to files with the TXT extension located in folders nested within the Folder, except the Folder itself. The mask must include at least one nesting level. The mask C:\**\*.txt is not a valid mask.
The ? (question mark) character, which takes the place of any single character, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\???.txt will include paths to all files residing in the folder named Folder that have the TXT extension and a name consisting of three characters.
The This PC object in the list of file resources of the computer includes the following objects: All hard drives, All network drives and All removable drives.
Click OK.
Make sure that the selected file resource is included in the protection scope by using the toggle switch next to the list item.
Specify a predefined security level for the selected protection scope by clicking Edit. By default, the same security settings are applied to the whole protection scope. These settings correspond to the Recommended predefined security level. You can also edit the default security settings.
In the Kaspersky Embedded Systems Security Console tree, select Real-Time Computer Protection → Real-Time File Protection.
In the results pane of the Real-Time File Protection node, click Configure protection scope.
The Properties:Real-Time File Protection window opens.
In the list of file resource of the protected device, select items for which you want to set a predefined security level.
If the file share is not in the list, add it manually:
Click Add.
Use the folder tree to specify the path to the required object or enter the path in the Object field.
If necessary, use special characters to enter the object path mask:
The * (asterisk) character, which takes the place of any set of characters, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\*\*.txt will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders.
Two consecutive * characters take the place of any set of characters (including an empty set) in the file or folder name, including the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\**\*.txt will include all paths to files with the TXT extension located in folders nested within the Folder, except the Folder itself. The mask must include at least one nesting level. The mask C:\**\*.txt is not a valid mask.
The ? (question mark) character, which takes the place of any single character, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\???.txt will include paths to all files residing in the folder named Folder that have the TXT extension and a name consisting of three characters.
The This PC object in the list of file resources of the computer includes the following objects: All hard drives, All network drives and All removable drives.
Click OK.
Make sure that the selected file resource is included in the protection scope.
Specify a predefined security level for the selected protection scope by clicking Configure. By default, the same security settings are applied to the whole protection scope. These settings correspond to the Recommended predefined security level. You can also edit the default security settings.