The optimal application rights are created for different trust groups by default. The settings of rights for application groups that are in a trust group inherit values from the settings of the trust group rights.
Open the Kaspersky Security Center Administration Console.
In the Managed devices folder in the Administration Console tree, open the folder with the name of the administration group to which the relevant client computers belong.
In the workspace, select the Policies tab.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Advanced Threat Protection → Host Intrusion Prevention.
In the Application rights block, click the Settings button.
This opens the application rights configuration window and the list of protected resources.
Select the Application rights tab.
Select the necessary trust group.
Select Group rights from the context menu of the trust group.
This opens the trust group properties.
Do one of the following:
If you want to edit trust group rights that regulate operations with the operating system registry, user files, and application settings, select the Files and system registry tab.
If you want to edit trust group rights that regulate access to operating system processes and objects, select the Rights tab.
Network activity of applications is controlled by the Firewall using network rules.
For the relevant resource, in the column of the corresponding action, right-click to open the context menu and select the necessary option: Inherit, Allow () or Forbid ().
If you want to monitor the use of computer resources, select Write to report ( / ).
Kaspersky Endpoint Security will record information about the operation of the Host Intrusion Prevention component. Reports contain information about operations with computer resources performed by the application (allowed or forbidden). Reports also contain information about the applications that utilize each resource.
In the Application rights and protected resources block, click the Application rights and protected resources link.
This opens the application rights configuration window and the list of protected resources.
Select the Application rights tab.
You will see a list of trust groups on the left side of the window and their properties on the right side.
In the left part of the window, select the relevant trust group.
In the right part of the window, in the drop-down list, do one of the following:
If you want to edit trust group rights that regulate operations with the operating system registry, user files, and application settings, select Files and system registry.
If you want to edit trust group rights that regulate access to operating system processes and objects, select Rights.
Network activity of applications is controlled by the Firewall using network rules.
For the relevant resource, in the column of the corresponding action, select the necessary option: Inherit, Allow (), or Forbid ().
If you want to monitor the use of computer resources, select Write to report ( / ).
Kaspersky Endpoint Security will record information about the operation of the Host Intrusion Prevention component. Reports contain information about operations with computer resources performed by the application (allowed or forbidden). Reports also contain information about the applications that utilize each resource.
In the lower part of the main application window, click the button.
In the application settings window, select Protection → Advanced Threat Protection → Host Intrusion Prevention.
Click the Manage applications button.
This opens the list of installed applications.
Select the necessary trust group.
In the context menu of the trust group, select Details and rules.
This opens the trust group properties.
Do one of the following:
If you want to edit trust group rights that regulate operations with the operating system registry, user files, and application settings, select the Files and system registry tab.
If you want to edit trust group rights that regulate access to operating system processes and objects, select the Rights tab.
Network activity of applications is controlled by the Firewall using network rules.
For the relevant resource, in the column of the corresponding action, right-click to open the context menu and select the necessary option: Inherit, Allow (), or Forbid ().
If you want to monitor the use of computer resources, select Write to report ().
Kaspersky Endpoint Security will record information about the operation of the Host Intrusion Prevention component. Reports contain information about operations with computer resources performed by the application (allowed or forbidden). Reports also contain information about the applications that utilize each resource.
Save your changes.
The trust group rights will be changed. Kaspersky Endpoint Security will then block the actions of the application depending on the trust group. The status (User settings) will be assigned to the trust group.