Kaspersky Endpoint Security for Windows 11.3.0
- Čeština (Česká republika)
- Deutsch
- Español (España)
- Español (México)
- Français
- Italiano
- Magyar (Magyarország)
- Polski (Polska)
- Português (Brasil)
- Português (Portugal)
- Română (România)
- Tiếng Việt (Việt Nam)
- Türkçe (Türkiye)
- Русский
- العربية (الإمارات العربية المتحدة)
- 한국어 (대한민국)
- 简体中文
- 繁體中文
- 日本語(日本)
- Čeština (Česká republika)
- Deutsch
- Español (España)
- Español (México)
- Français
- Italiano
- Magyar (Magyarország)
- Polski (Polska)
- Português (Brasil)
- Português (Portugal)
- Română (România)
- Tiếng Việt (Việt Nam)
- Türkçe (Türkiye)
- Русский
- العربية (الإمارات العربية المتحدة)
- 한국어 (대한민국)
- 简体中文
- 繁體中文
- 日本語(日本)
- Frequently asked questions
- What's new
- Kaspersky Endpoint Security for Windows
- Installing and removing the application
- Deployment through Kaspersky Security Center
- Installing the application using the Wizard
- Installing the application from the command line
- Remotely installing the application using System Center Configuration Manager
- Description of setup.ini file installation settings
- Changing application components
- Upgrading from a previous version of the application
- Removing the application
- Application licensing
- Managing the application via the local interface
- Application interface
- Starting and stopping the application
- Scanning the computer
- Starting or stopping a scan task
- Changing the security level
- Changing the action to take on infected files
- Generating a list of objects to scan
- Selecting the type of files to scan
- Optimizing file scanning
- Scanning compound files
- Using scan methods
- Using scan technologies
- Selecting the run mode for the scan task
- Starting a scan task under the account of a different user
- Scanning removable drives when they are connected to the computer
- Background scan
- Updating databases and application software modules
- Adding an update source
- Selecting the update server region
- Configuring updates from a shared folder
- Selecting the update task run mode
- Starting an update task under the rights of a different user account
- Configuring application module updates
- Starting and stopping an update task
- Last update rollback
- Configuring proxy server use
- Working with active threats
- Kaspersky Security Network
- Behavior Detection
- Exploit Prevention
- Host Intrusion Prevention
- Limitations of audio and video device control
- Enabling and disabling Host Intrusion Prevention
- Managing application trust groups
- Managing application rights
- Changing application rights for trust groups and groups of applications
- Modifying application rights
- Disabling downloads and updates of application rights from the Kaspersky Security Network database
- Disabling the inheritance of restrictions from the parent process
- Excluding specific application actions from application rights
- Deleting information about unused applications
- Protecting operating system resources and identity data
- Remediation Engine
- File Threat Protection
- Enabling and disabling File Threat Protection
- Automatic pausing of File Threat Protection
- Changing the security level
- Changing the action taken on infected files by the File Threat Protection component
- Forming the protection scope of the File Threat Protection component
- Using heuristic analysis in the operation of the File Threat Protection component
- Using scan technologies in the operation of the File Threat Protection component
- Optimizing file scanning
- Scanning compound files
- Changing the scan mode
- Web Threat Protection
- Enabling and disabling Web Threat Protection
- Changing the web traffic security level
- Changing the action to take on malicious web traffic objects
- Using Web Threat Protection to check links against databases of phishing and malicious web addresses
- Using heuristic analysis in the operation of the Web Threat Protection component
- Creating the list of trusted web addresses
- Mail Threat Protection
- Enabling and disabling Mail Threat Protection
- Changing the mail security level
- Changing the action to take on infected email messages
- Forming the protection scope of the Mail Threat Protection component
- Scanning compound files attached to email messages
- Filtering email message attachments
- Scanning emails in Microsoft Office Outlook
- Network Threat Protection
- Firewall
- BadUSB Attack Prevention
- AMSI Protection Provider
- Application Control
- Device Control
- Enabling and disabling Device Control
- About access rules
- Editing a device access rule
- Adding or excluding records to or from the event log
- Adding a Wi-Fi network to the trusted list
- Editing a connection bus access rule
- Actions with trusted devices
- Obtaining access to a blocked device
- Editing templates of Device Control messages
- Anti-Bridging
- Web Control
- Enabling and disabling Web Control
- Actions with web resource access rules
- Migrating web resource access rules from previous versions of the application
- Exporting and importing the list of web resource addresses
- Monitoring user Internet activity
- Editing masks for web resource addresses
- Editing templates of Web Control messages
- Adaptive Anomaly Control
- Enabling and disabling Adaptive Anomaly Control
- Enabling and disabling an Adaptive Anomaly Control rule
- Modifying the action taken when an Adaptive Anomaly Control rule is triggered
- Creating and editing an exclusion for an Adaptive Anomaly Control rule
- Deleting an Adaptive Anomaly Control rule exclusion
- Importing exclusions for Adaptive Anomaly Control rules
- Exporting exclusions for Adaptive Anomaly Control rules
- Applying updates for Adaptive Anomaly Control rules
- Editing Adaptive Anomaly Control message templates
- Viewing Adaptive Anomaly Control reports
- Network Protection
- Checking the integrity of application modules
- Password protection
- Notification service
- Managing reports
- Managing Backup
- Trusted zone
- Kaspersky Endpoint Security Self-Defense
- Kaspersky Endpoint Security performance and compatibility with other applications
- Creating and using a configuration file
- Managing the application via the Kaspersky Security Center Administration Console
- Special considerations when working with different versions of management plug-ins
- Starting and stopping Kaspersky Endpoint Security on a client computer
- Configuring Kaspersky Endpoint Security settings
- Managing Tasks
- Managing policies
- Data Encryption
- Encryption functionality limitations
- Changing the length of the encryption key (AES56 / AES256)
- Full Disk Encryption
- Full disk encryption using Kaspersky Disk Encryption technology
- Full disk encryption using BitLocker Drive Encryption technology
- Creating a list of hard drives excluded from encryption
- Hard drive decryption
- Restoring access to a drive protected by Kaspersky Disk Encryption technology
- Restore access to a drive encrypted with BitLocker
- Updating the operating system
- Eliminating errors of encryption functionality update
- File Level Encryption on local computer drives
- Encrypting files on local computer drives
- Forming encrypted file access rules for applications
- Encrypting files that are created or modified by specific applications
- Generating a decryption rule
- Decrypting files on local computer drives
- Creating encrypted packages
- Restoring access to encrypted files
- Restoring access to encrypted data after operating system failure
- Editing templates of encrypted file access messages
- Encryption of removable drives
- Using the Authentication Agent
- Enabling Single Sign-On (SSO) technology
- Managing Authentication Agent accounts
- Using a token and smart card with Authentication Agent
- Selecting the Authentication Agent tracing level
- Editing Authentication Agent help texts
- Removing leftover objects and data after testing the operation of Authentication Agent
- Viewing data encryption details
- Working with encrypted devices when there is no access to them
- Application Control
- Managing Application Control rules
- Receiving information about the applications that are installed on users’ computers
- Creating application categories
- Adding executable files from the Executable files folder to the application category
- Adding event-related executable files to the application category
- Adding and modifying an Application Control rule using Kaspersky Security Center
- Changing the status of an Application Control rule via Kaspersky Security Center
- Testing Application Control rules using Kaspersky Security Center
- Viewing events resulting from test operation of the Application Control component
- Viewing a report on blocked applications in test mode
- Viewing events resulting from operation of the Application Control component
- Viewing a report on blocked applications
- Best practices for implementing white list mode
- Managing Application Control rules
- Sending user messages to the Kaspersky Security Center server
- Viewing user messages in the Kaspersky Security Center event storage
- Remote administration of the application through Kaspersky Security Center Web Console and Cloud Console
- About Kaspersky Endpoint Security management web plug-in
- Getting started
- Starting and stopping Kaspersky Endpoint Security
- Updating databases and application software modules
- Managing Tasks
- Managing policies
- Configuring local application settings
- Policy settings
- Kaspersky Security Network
- Behavior Detection
- Exploit Prevention
- Host Intrusion Prevention
- Remediation Engine
- File Threat Protection
- Web Threat Protection
- Mail Threat Protection
- Network Threat Protection
- Firewall
- BadUSB Attack Prevention
- AMSI Protection Provider
- Application Control
- Device Control
- Web Control
- Adaptive Anomaly Control
- Full Disk Encryption
- File Level Encryption
- Encryption of removable drives
- Templates (data encryption)
- Endpoint Sensor
- Managing Tasks
- Scan from context menu
- Removable drives scan
- Background scan
- Application settings
- Network options
- Exclusions
- Reports and Storage
- Interface
- Managing the application from the command line
- Commands
- SCAN. Virus Scan
- UPDATE. Updating databases and application software modules
- ROLLBACK. Last update rollback
- TRACES. Tracing
- START. Start the profile
- STOP. Stopping a profile
- STATUS. Profile status
- STATISTICS. Profile operation statistics
- RESTORE. Restoring files
- EXPORT. Exporting application settings
- IMPORT. Importing application settings
- ADDKEY. Applying a key file.
- LICENSE. Licensing
- RENEW. Purchasing a license
- PBATESTRESET. Reset the disk check results before encrypting the disk
- EXIT. Exit the application
- EXITPOLICY. Disabling policy
- STARTPOLICY. Enabling policy
- DISABLE. Disabling protection
- SPYWARE. Spyware detection
- KESCLI commands
- Scan. Virus Scan
- GetScanState. Scan completion status
- GetLastScanTime. Determining the scan completion time
- GetThreats. Obtaining data on detected threats
- UpdateDefinitions. Updating databases and application software modules
- GetDefinitionState. Determining the update completion time
- EnableRTP. Enabling protection
- GetRealTimeProtectionState. File Threat Protection status
- Version. Identifying the application version
- Error codes
- Appendix. Application profiles
- Commands
- Managing the application through the REST API
- Integration with other Kaspersky solutions
- Sources of information about the application
- Contacting Technical Support
- Glossary
- Active key
- Administration group
- Anti-virus databases
- Archive
- Authentication Agent
- Certificate issuer
- Database of malicious web addresses
- Database of phishing web addresses
- Disinfection
- False alarm
- Infected file
- License certificate
- Mask
- Network Agent
- Normalized form of the address of a web resource
- OLE object
- Portable File Manager
- Protection scope
- Reserve key
- Scan scope
- Task
- Trusted Platform Module
- Appendix 1. Application trust groups
- Appendix 2. Web resource content categories
- Information about third-party code
- Trademark notices
Editing masks for web resource addresses
Using a web resource address mask (also referred to as "address mask") may be useful if you need to enter numerous similar web resource addresses when creating a web resource access rule. If crafted well, one address mask can replace a large number of web resource addresses.
When creating an address mask, follow these rules:
- The
*
character replaces any sequence that contains zero or more characters.For example, if you enter the *abc* address mask, the access rule is applied to all web resources that contain the sequence abc. Example: http://www.example.com/page_0-9abcdef.html.
To include the
*
character in the address mask, enter the*
character twice. - The
www.
character sequence at the start of the address mask is interpreted as a*.
sequence.Example: the address mask www.example.com is treated as *.example.com.
- If an address mask does not start with the
*
character, the content of the address mask is equivalent to the same content with the*.
prefix. - A sequence of
*.
characters at the beginning of an address mask is interpreted as*.
or an empty string.Example: the address mask http://www.*.example.com covers the address http://www2.example.com.
- If an address mask ends with a character other than
/
or*
, the content of the address mask is equivalent to the same content with the/*
postfix.Example: the address mask http://www.example.com covers such addresses as http://www.example.com/abc, where a, b, and c are any characters.
- If an address mask ends with the
/
character, the content of the address mask is equivalent to the same content with the /*.
postfix. - The character sequence
/*
at the end of an address mask is interpreted as/*
or an empty string. - Web resource addresses are verified against an address mask, taking into account the protocol (http or https):
- If the address mask contains no network protocol, this address mask covers addresses with any network protocol.
Example: the address mask example.com covers the addresses http://example.com and https://example.com.
- If the address mask contains a network protocol, this address mask only covers addresses with the same network protocol as that of the address mask.
Example: the address mask http://*.example.com covers the address http://www.example.com but does not cover https://www.example.com.
- If the address mask contains no network protocol, this address mask covers addresses with any network protocol.
- An address mask that is in double quotes is treated without considering any additional replacements, except the
*
character if it has been initially included in the address mask. Rules 5 and 7 do not apply to address masks enclosed in double quotation marks (see examples 14 – 18 in the table below). - The user name and password, connection port, and character case are not taken into account during comparison with the address mask of a web resource.
Examples of how to use rules for creating address masks
No.
Address mask
Address of web resource to verify
Is the address covered by the address mask
Comment
1
*.example.com
http://www.123example.com
No
See rule 1.
2
*.example.com
http://www.123.example.com
Yes
See rule 1.
3
*example.com
http://www.123example.com
Yes
See rule 1.
4
*example.com
http://www.123.example.com
Yes
See rule 1.
5
http://www.*.example.com
http://www.123example.com
No
See rule 1.
6
www.example.com
http://www.example.com
Yes
See rules 2, 1.
7
www.example.com
https://www.example.com
Yes
See rules 2, 1.
8
http://www.*.example.com
http://123.example.com
Yes
See rules 2, 4, 1.
9
www.example.com
http://www.example.com/abc
Yes
See rules 2, 5, 1.
10
example.com
http://www.example.com
Yes
See rules 3, 1.
11
http://example.com/
http://example.com/abc
Yes
See rule 6.
12
http://example.com/*
http://example.com
Yes
See rule 7.
13
http://example.com
https://example.com
No
See rule 8.
14
"example.com"
http://www.example.com
No
See rule 9.
15
"http://www.example.com"
http://www.example.com/abc
No
See rule 9.
16
"*.example.com"
http://www.example.com
Yes
See rules 1, 9.
17
"http://www.example.com/*"
http://www.example.com/abc
Yes
See rules 1, 9.
18
"www.example.com"
http://www.example.com; https://www.example.com
Yes
See rules 9, 8.
19
www.example.com/abc/123
http://www.example.com/abc
No
An address mask contains more information than the address of a web resource.