USB devices identified by the operating system as keyboards and connected to the computer before installation of the BadUSB Attack Prevention component are considered authorized after installation of the component.
Open the Kaspersky Security Center Administration Console.
In the console tree, select Policies.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Essential Threat Protection → BadUSB Attack Prevention.
Use the BadUSB Attack Prevention check box to enable or disable the component.
In the USB device authorization upon connection block, adjust security settings for entering the authorization code:
Maximum number of USB device authorization attempts. Automatically blocking the USB device if the authorization code is entered incorrectly the specified number of times. Valid values are 1 to 10. For example, if you allow 5 attempts to enter the authorization code, the USB device is blocked after the fifth failed attempt. Kaspersky Endpoint Security displays the blocking duration for the USB device. After this time elapses, you can have 5 attempts to enter the authorization code.
Timeout when reaching the maximum number of attempts (minutes). Blocking duration of the USB device after the specified number of failed attempts to enter the authorization code. Valid values are 1 to 180 (minutes).
Save your changes. To apply the policy on computers, close the padlocks .
In the main window of the Web Console, select Assets (Devices) → Policies & profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Essential Threat Protection → BadUSB Attack Prevention.
Use the BadUSB Attack Prevention toggle to enable or disable the component.
In the USB device authorization upon connection block, adjust security settings for entering the authorization code:
Maximum number of USB device authorization attempts (1-10). Automatically blocking the USB device if the authorization code is entered incorrectly the specified number of times. Valid values are 1 to 10. For example, if you allow 5 attempts to enter the authorization code, the USB device is blocked after the fifth failed attempt. Kaspersky Endpoint Security displays the blocking duration for the USB device. After this time elapses, you can have 5 attempts to enter the authorization code.
Timeout when reaching the maximum number of attempts in minutes (1-180). Blocking duration of the USB device after the specified number of failed attempts to enter the authorization code. Valid values are 1 to 180 (minutes).
In the application settings window, select Essential Threat Protection → BadUSB Attack Prevention.
BadUSB Attack Prevention component settings
Use the BadUSB Attack Prevention toggle to enable or disable the component.
In the USB keyboard authorization upon connection block, adjust security settings for entering the authorization code:
Maximum number of USB device authorization attempts. Automatically blocking the USB device if the authorization code is entered incorrectly the specified number of times. Valid values are 1 to 10. For example, if you allow 5 attempts to enter the authorization code, the USB device is blocked after the fifth failed attempt. Kaspersky Endpoint Security displays the blocking duration for the USB device. After this time elapses, you can have 5 attempts to enter the authorization code.
Timeout when reaching the maximum number of attempts. Blocking duration of the USB device after the specified number of failed attempts to enter the authorization code. Valid values are 1 to 180 (minutes).
Save your changes.
As a result, if BadUSB Attack Prevention is enabled, Kaspersky Endpoint Security requires authorization of a connected USB device identified as a keyboard by the operating system. The user cannot use an unauthorized keyboard until it is authorized.