To select the Application Control mode:
In the right part of the window, the settings of the Application Control component are displayed.
The initially defined rules for white list mode are the Golden Image rule, which allows the startup of applications that are included in the "Golden Image" category, and the Trusted Updaters rule, which allows the startup of applications that are included in the "Trusted Updaters" KL category. The "Golden Image" KL category includes programs that ensure normal operation of the operating system. The "Trusted Updaters" KL category includes updaters for the most reputable software vendors. You cannot delete these rules. The settings of these rules cannot be edited. By default, the Golden Image rule is enabled, and the Trusted Updaters rule is disabled. All users are allowed to start applications that match the trigger conditions of these rules.
All rules created during the selected mode are saved after the mode is changed so that the rules can be used again. To revert to using these rules, all you have to do is select the necessary mode in the Application Control mode drop-down list.
Information about the module and the application that loaded the module will be saved to a report.
Kaspersky Endpoint Security monitors only the DLL modules and drivers loaded since the Control DLL and drivers check box was selected. Restart the computer after selecting the Control DLL and drivers check box if you want Kaspersky Endpoint Security to monitor all DLL modules and drivers, including ones loaded before Kaspersky Endpoint Security is started.
When enabling the function for controlling which DLL modules and drivers are loaded, make sure that the Application Control section has enabled the default Golden Image rule or another rule that contains the Trusted certificates KL category and ensures that trusted DLL modules and drivers are loaded before Kaspersky Endpoint Security is started. Enabling control of the loading of DLL modules and drivers when the Golden Image rule is disabled may cause instability in the operating system.
Application Control rules that were created based on other KL categories (except for the Trusted certificates KL category) are not used for startup control of DLL modules and drivers.
We recommend password protection be turned on to configure program settings so that it is possible to turn off allow rules blocking the launch of critically important DLL modules and drivers while not changing Kaspersky Security Center policy settings in the process.