Configuring addresses of exclusions from protection of shared folders against external encryption

The Audit Logon service must be enabled to enable exclusions of addresses from protection of shared folders against external encryption. By default, the Audit Logon service is disabled (for detailed information about enabling the Audit Logon service, please visit the Microsoft website).

The functionality for excluding addresses from shared folder protection does not work on a remote computer if the remote computer was turned on before Kaspersky Endpoint Security was started. You can restart this remote computer after Kaspersky Endpoint Security is started to ensure that the functionality for excluding addresses from shared folder protection works on this remote computer.

To exclude remote computers that perform external encryption of shared folders:

1. In the main application window, click the Settings button.
2. In the left part of the window, in the Advanced Threat Protection section, select the Behavior Detection subsection.

   In the right part of the window, the settings of the Behavior Detection component are displayed.

3. In the Protection of shared folders against external encryption section, click the Exclusions button.

   The Exclusions window opens.

4. Do one of the following:
   • If you want to add an IP address or computer name to the list of exclusions, click the Add button.
   • If you want to edit an IP address or computer name, select it in the list of exclusions and click the Edit button.

   The Computer window opens.

5. Enter the IP address or name of the computer from which external encryption attempts must not be handled.
6. In the Computer window, click OK.
7. In the Exclusions window, click OK.
8. To save changes, click the Save button.

Page top