Kaspersky Endpoint Security uses application rights to control the activities of applications. Application rights are determined by their trust group. Kaspersky Endpoint Security puts an application into a trust group when the application is started for the first time. You can manually change the trust group of an application. You can also manually configure the rights of an individual application. Kaspersky Endpoint Security stores the following information about an application: trust group of the application, and rights of the application.
Kaspersky Endpoint Security automatically deletes information about unused applications to save computer resources. Kaspersky Endpoint Security deletes application information according to the following rules:
If the trust group and rights of an application were determined automatically, Kaspersky Endpoint Security deletes information about this application after 30 days. It is not possible to change the storage term for application information or turn off automatic deletion.
If you manually put an application into a trust group or configured its access rights, Kaspersky Endpoint Security deletes information about this application after 60 days (default storage term). You can change the storage term for application information, or turn off automatic deletion (see the instructions below).
When you start an application whose information has been deleted, Kaspersky Endpoint Security analyzes the application as if it were starting for the first time.
Open the Kaspersky Security Center Administration Console.
In the Managed devices folder in the Administration Console tree, open the folder with the name of the administration group to which the relevant client computers belong.
In the workspace, select the Policies tab.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Advanced Threat Protection → Host Intrusion Prevention.
In the Application processing rules block, do one of the following:
If you want to configure automatic deletion, select the Delete rules for applications that have not been started for longer thanN days check box and enter the number of days.
Information about the applications that you manually put into a trust group or whose access rights you manually configured will be deleted by Kaspersky Endpoint Security after the defined number of days. Information about applications whose trust group and application rights were automatically determined will also be deleted by Kaspersky Endpoint Security after 30 days.
If you want to turn off automatic deletion, clear the Delete rules for applications that have not been started for longer thanN days check box.
Information about the applications that you manually put into a trust group or whose access rights you manually configured will be stored by Kaspersky Endpoint Security indefinitely, without any storage term limits. Kaspersky Endpoint Security will only delete information about applications whose trust group and application rights were automatically determined after 30 days.
In the main window of the Web Console, select Devices → Policies & Profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Advanced Threat Protection → Host Intrusion Prevention.
In the Application processing rules block, do one of the following:
If you want to configure automatic deletion, select the Delete rules for applications that have not been started for longer than (days, 1 to 90) check box and enter the number of days.
Information about the applications that you manually put into a trust group or whose access rights you manually configured will be deleted by Kaspersky Endpoint Security after the defined number of days. Information about applications whose trust group and application rights were automatically determined will also be deleted by Kaspersky Endpoint Security after 30 days.
If you want to turn off automatic deletion, clear the Delete rules for applications that have not been started for longer than (days, 1 to 90) check box.
Information about the applications that you manually put into a trust group or whose access rights you manually configured will be stored by Kaspersky Endpoint Security indefinitely, without any storage term limits. Kaspersky Endpoint Security will only delete information about applications whose trust group and application rights were automatically determined after 30 days.
In the application settings window, select Advanced Threat Protection → Host Intrusion Prevention.
In the Application processing rules block, do one of the following:
If you want to configure automatic deletion, select the Delete rules for applications that have not been started for longer thanN days check box and enter the number of days.
Information about the applications that you manually put into a trust group or whose access rights you manually configured will be deleted by Kaspersky Endpoint Security after the defined number of days. Information about applications whose trust group and application rights were automatically determined will also be deleted by Kaspersky Endpoint Security after 30 days.
If you want to turn off automatic deletion, clear the Delete rules for applications that have not been started for longer thanN days check box.
Information about the applications that you manually put into a trust group or whose access rights you manually configured will be stored by Kaspersky Endpoint Security indefinitely, without any storage term limits. Kaspersky Endpoint Security will only delete information about applications whose trust group and application rights were automatically determined after 30 days.