The Trusted Zone is a list of exclusions from the protection or scan scope that you can generate and apply to On-Demand Scan and Real-Time File Protection tasks.
If you selected the Add Microsoft recommended files to exclusions list and Add Kaspersky recommended files to exclusions list check boxes when installing Kaspersky Industrial CyberSecurity for Nodes, Kaspersky Industrial CyberSecurity for Nodes adds files recommended by Microsoft and Kaspersky for Real-Time Computer Protection tasks to the Trusted Zone.
You can create a Trusted Zone in Kaspersky Industrial CyberSecurity for Nodes according to the following rules:
You can apply the Trusted Zone in the Real-Time File Protection task, Network Threat Protection task, newly created custom On-Demand Scan tasks, and all system On-Demand Scan tasks, except for the Quarantine Scan task.
The Trusted Zone is applied in Real-Time File Protection and On-Demand Scan tasks by default.
The list of rules for generating the Trusted Zone can be exported to an XML configuration file in order to then import it into Kaspersky Industrial CyberSecurity for Nodes running on another protected device.
Trusted processes
Applies to the Real-Time File Protection and Traffic Security tasks.
Some applications on the protected device may be unstable if the files that they access are intercepted by Kaspersky Industrial CyberSecurity for Nodes. Such applications include, for example, system domain controller applications.
To avoid disrupting the operation of such applications, you can disable protection of files accessed by the running processes of these applications (thereby creating a list of trusted processes within the Trusted Zone).
Microsoft Corporation recommends excluding some Microsoft Windows operating system files and Microsoft application files from Real-Time File Protection as programs that cannot be infected. The names of some of these are listed on the Microsoft website (article code: KB822158).
You can enable or disable the use of trusted processes in the Trusted Zone.
If an executable file is modified, for example, through an update, Kaspersky Industrial CyberSecurity for Nodes will exclude it from the list of trusted processes.
The application does not use the file's path on a protected device to trust the process. The path to the file on the protected device is used only to search for the file, calculate a checksum, and provide the user with the information about the source of the executable file.
Backup operations
Applies to Real-Time Computer Protection tasks.
When data stored on hard drives is backed up to external devices, you can disable protection of objects that are accessed during the backup operations. Kaspersky Industrial CyberSecurity for Nodes will scan objects which the backup application opens for reading with the FILE_FLAG_BACKUP_SEMANTICS attribute.
Exclusions
Applies to Real-Time File Protection and On-Demand Scan tasks.
You can select tasks for which you want to use every exclusion added to the Trusted Zone. Also, you can exclude objects from scans in the security level settings of every single Kaspersky Industrial CyberSecurity for Nodes task.
You can add exclusions to the Trusted Zone by their location on the protected device, by name or name mask of the object detected, or by using both criteria.
Based on the exclusion, Kaspersky Industrial CyberSecurity for Nodes can skip objects while performing the specified tasks according to the following settings: