This component is available if Kaspersky Endpoint Security is installed on a computer that runs on Windows for workstations. This component is unavailable if Kaspersky Endpoint Security is installed on a computer that runs on Windows for servers.
The Host Intrusion Prevention component prevents applications from performing actions that may be dangerous for the operating system, and ensures control over access to operating system resources and personal data. The component provides computer protection with the help of anti-virus databases and the Kaspersky Security Network cloud service.
The component controls the operation of applications by using application rights. Application rights include the following access parameters:
Network activity of applications is controlled by the Firewall using network rules.
During the first startup of the application, the Host Intrusion Prevention component performs the following actions:
You are advised to participate in Kaspersky Security Network to help the Host Intrusion Prevention component work more effectively.
A trust group defines the rights used by Kaspersky Endpoint Security when controlling network activity of applications. Kaspersky Endpoint Security places an application in a trust group depending on the level of danger that this application may pose to the computer.
Kaspersky Endpoint Security places an application in a trust group for the Firewall and Host Intrusion Prevention components. You cannot change the trust group only for the Firewall or Host Intrusion Prevention.
If you refused to participate in KSN or there is no network, Kaspersky Endpoint Security places the application in a trust group depending on the settings of the Host Intrusion Prevention component. After receiving the reputation of the application from KSN, the trust group can be changed automatically.
The next time the application is started, Kaspersky Endpoint Security checks the integrity of the application. If the application is unchanged, the component uses the current application rights for it. If the application has been modified, Kaspersky Endpoint Security analyzes the application as if it were being started for the first time.