Trusted zone

A trusted zone is a system administrator-configured list of objects and applications that Kaspersky Endpoint Security does not monitor when active.

The administrator forms the trusted zone independently, taking into account the features of the objects that are handled and the applications that are installed on the computer. It may be necessary to include objects and applications in the trusted zone when Kaspersky Endpoint Security blocks access to a certain object or application, if you are sure that the object or application is harmless. An administrator can also allow a user to create their own local trusted zone for a specific computer. This way, users can create their own local lists of exclusions and trusted applications in addition to the general trusted zone in a policy.

Starting with Kaspersky Endpoint Security 12.5 for Windows, you can add EDR telemetry to the trusted zone. This allows to optimize data that the application sends to the Telemetry server for the Kaspersky Anti Targeted Attack Platform (EDR) solution.

Starting with Kaspersky Endpoint Security 12.6 for Windows, scan exclusions and trusted applications are added to the trusted zone. Predefined scan exclusions and trusted applications help quickly configure Kaspersky Endpoint Security on SQL servers, Microsoft Exchange servers, and System Center Configuration Manager. This means you do not need to manually set up a trusted zone for the application on servers.

In this section

Creating a scan exclusion

Selecting types of detectable objects

Editing the list of trusted applications

Creating a local trusted zone

Exporting and importing the trusted zone

Using trusted system certificate storage

Appendix. Predefined scan exclusions and trusted applications

Page top