Enabling and disabling AM-PPL support

Kaspersky Endpoint Security supports Antimalware Protected Process Light technology (hereinafter referred to as "AM-PPL") from Microsoft. AM-PPL protects Kaspersky Endpoint Security processes against malicious actions (for example, terminating the application). AM-PPL allows only trusted processes to run. Kaspersky Endpoint Security processes are signed in accordance with Windows security requirements, and therefore they are trusted. For more details about AM-PPL technology, please visit the Microsoft website. AM-PPL technology is enabled by default.

Kaspersky Endpoint Security also has built-in mechanisms for protecting application processes. AM-PPL support lets you delegate process security functions to the operating system. You can thereby increase the speed of the application and reduce the consumption of computer resources.

The AM-PPL service is available for Windows 10 version 1703 (RS2) or later, and Windows Server 2019 operating systems.

To enable or disable AM-PPL technology:

  1. Turn off the application's Self-Defense mechanism.

    The Self-Defense mechanism prevents modification and deletion of application processes in the computer memory, including changing the AM-PPL status.

  2. Run the command line interpreter (cmd.exe) as an administrator.
  3. Go to the folder where the Kaspersky Endpoint Security executable file is located.
  4. Type the following in the command line:
    • klpsm.exe enable – enable support for AM-PPL technology (see the figure below).
    • klpsm.exe disable – disable support for AM-PPL technology.
  5. Restart Kaspersky Endpoint Security.
  6. Resume the application's Self-Defense mechanism.


    Enabling support for AM-PPL technology

Page top