About Application Control operating modes

The Application Control component operates in two modes:

• Black List. In this mode, Application Control allows all users to start all applications, except for applications that are specified in Application Control block rules.

  This mode of Application Control is enabled by default.

• White List. In this mode, Application Control blocks all users from starting any applications, except for applications that are specified in Application Control allow rules.

  If the allow rules of Application Control are fully configured, the component blocks the startup of all new applications that have not been verified by the LAN administrator, while allowing the operation of the operating system and of trusted applications that users rely on in their work.

  You can read the recommendations on configuring application control rules in white list mode.

Each mode has two actions that can be taken on started applications that meet the conditions of Application Control rules: Kaspersky Endpoint Security can block the startup of applications or notify the user about the startup of applications.

Application Control can be configured to operate in these modes both by using the Kaspersky Endpoint Security local interface and by using Kaspersky Security Center.

However, Kaspersky Security Center offers tools that are not available in the Kaspersky Endpoint Security local interface, such as the tools that are needed for the following tasks:

• Creating application categories.

  Application Control rules created in the Kaspersky Security Center Administration Console are based on your custom application categories and not on inclusion and exclusion conditions as is the case in the Kaspersky Endpoint Security local interface.

• Gathering information about applications that are installed on LAN computers.

This is why it is recommended to use Kaspersky Security Center to configure the operation of the Application Control component.

Page top