Adding an Application Control rule

To add an Application Control rule:

1. In the main application window, click the button.
2. In the application settings window, select Security Controls → Application Control.
3. Click the Blocked applications or Allowed applications button.

   This opens the list of Application Control rules.

4. Click Add.

   This opens the Application Control rule settings window.

5. On the General settings tab, define the main settings of the rule:
   1. In the Rule name field, enter the name of the rule.
   2. In the Description field, enter a description of the rule.
   3. Compile or edit a list of users and/or groups of users who are allowed or not allowed to start applications that meet the rule trigger conditions. To do this, click the Add button in the Subjects and their rights table.

      By default, the Everyone value is added to the list of users. The rule applies to all users.

      If there is no user specified in the table, the rule cannot be saved.

   4. In the Subjects and their rights table, use the toggle to define the right of users to start applications.
   5. Select the Deny for other users check box if you want the application to prevent applications that satisfy rule triggering conditions from running for all users that are not listed in the Subjects and their rights table and are not members of user groups listed in the Subjects and their rights table.

      If the Deny for other users check box is cleared, Kaspersky Endpoint Security does not control the startup of applications by users that are not specified in the Subjects and their rights table and that do not belong to the groups of users specified in the Subjects and their rights table.

   6. Select the Trusted Updaters check box if you want Kaspersky Endpoint Security to consider applications matching the rule trigger conditions as trusted updaters. Trusted Updaters are applications that are allowed to create other executable files that will be allowed to run subsequently.

      If an application triggers multiple rules, Kaspersky Endpoint Security sets the "Trusted Updaters" flag if the following conditions are satisfied:

      • All rules allow the application to run.
      • At least one rule has the Trusted Updaters check box selected.
6. On the Conditions tab, create or edit the list of inclusion conditions for triggering the rule.
7. On the Exclusions tab, create or edit the list of exclusion conditions for triggering the rule.

   When Kaspersky Endpoint Security settings are migrated, the list of executable files created by trusted updaters is migrated as well.

8. Save your changes.

Page top