Kaspersky Industrial CyberSecurity for Nodes policy settings sections

General

In the General section, you can configure the following policy settings:

Event notification

In the Event notification section, you can configure settings for the following event categories:

Application settings

Settings of the Application Settings section

Section

Options

Scalability, interface and scan settings

In the Scalability, interface and scan settings subsection, you can click the Settings button to configure the following settings:

  • Choose whether to configure scalability settings automatically or manually.
  • Configure the application icon display settings.

Security and reliability

In the Security and reliability subsection, you can click the Settings button to configure the following settings:

  • Configure the task run settings.
  • Specify how the application should behave when the protected device is running on UPS power.
  • Enable or disable password-protection of application functions.

Connections

In the Connections subsection, you can use the Settings button to configure the following proxy server settings for connecting with update servers, activation servers, and KSN:

  • Configure the proxy server settings.
  • Specify the proxy server authentication settings.

Run local system tasks

In the Run local system tasks subsection, you can use the Settings button to allow or block the start of the following local system tasks according to a schedule configured on protected devices:

  • On-Demand Scan task.
  • Update tasks and Copying Update task.

Supplementary

Settings of the Supplementary section

Section

Options

Trusted Zone

Click the Settings button on the Trusted Zone subsection to configure the following Trusted Zone application settings:

  • Create a list of Trusted Zone exclusions.
  • Enable or disable scanning of file backup operations.
  • Create a list of trusted processes.

Removable Drives Scan

In the Removable Drives Scan subsection, you can use the Settings button to configure scan settings for removable drives.

User access permissions for application management

In the User access permissions for application management subsection, you can configure user rights and user group rights to manage Kaspersky Industrial CyberSecurity for Nodes.

User access permissions for Kaspersky Security Service management

In the User access permissions for Kaspersky Security Service management subsection, you can configure user rights and user group rights to manage the Kaspersky Security Service.

Storages

In the Storages subsection, click the Settings button to configure the following Quarantine, Backup and Blocked network sessions settings:

  • Specify the path to the folder where you want to place Quarantine or Backup objects.
  • Configure the maximum size of Backup and Quarantine and also specify the free space threshold.
  • Specify the path to the folder where you want to place objects restored from Quarantine or Backup.
  • Configure how long network sessions are blocked.

Real-Time Computer Protection

Settings of the Real-Time Computer Protection section

Section

Options

Real-Time File Protection

In the Real-Time File Protection subsection, you can click the Settings button to configure the following task settings:

  • Indicate the protection mode.
  • Configure use of the Heuristic Analyzer.
  • Configure use of the Trusted Zone.
  • Indicate the protection scope.
  • Set the security level for the selected protection scope: you can select a predefined security level or configure the security settings manually.
  • Configure the task start settings.

KSN Usage

In the KSN Usage subsection, you can click the Settings button to configure the following task settings:

  • Indicate the actions to perform on KSN untrusted objects.
  • Configure data transfer and usage of Kaspersky Security Center as a KSN proxy server.

    Click the Data processing button to accept or reject the KSN Statement, and configure data exchange settings.

Exploit Prevention

In the Exploit Prevention subsection, you can click the Settings button to configure the following task settings:

  • Select the process memory protection mode.
  • Indicate the actions to reduce exploit risks.
  • Add to and edit the list of protected processes.

Local activity control

Settings of the Local Activity Control section

Section

Options

Applications Launch Control

In the Applications Launch Control subsection, you can use the Settings button to configure the following task settings:

  • Select the task operating mode.
  • Configure settings for controlling subsequent application launches.
  • Indicate the scope of the Applications Launch Control rules.
  • Configure use of KSN.
  • Configure the task start settings.

Device Control

In the Device Control subsection, you can click the Settings button to configure the following task settings:

  • Select the task operating mode.
  • Configure the task start settings.

Wi-Fi Control

In the Wi-Fi Control subsection, you can click the Settings button to configure the following task settings:

  • Manage the component operating modes.
  • Configure the rules for Wi-Fi control.

Network activity control

Settings of the Network activity control section

Section

Options

Firewall Management

In the Firewall Management subsection, you can click the Settings button to configure the following task settings:

  • Configure firewall rules.
  • Configure the task start settings.

Anti-Cryptor

In the Anti-Cryptor subsection, you can click the Settings button to configure the following task settings:

  • Select the task operating mode.

    Configure the Anti-Cryptor protection scope.

  • Configure the task launch settings.

System inspection

Settings of the System Inspection section

Section

Options

File Integrity Monitor

In the File Integrity Monitor subsection, you can configure control over changes in files that can signify a security breach on a protected device.

Log Inspection

In the Log Inspection section, you can configure protected device integrity monitoring based on the results of an analysis of the Windows Event Log.

Logs and notifications

Settings of the Logs and Notifications section

Section

Options

Task logs

In the Task logs subsection, you can click the Settings button to configure the following settings:

  • Specify the importance level of the logged events for the selected software components.
  • Specify the task log storage settings.
  • Specify the SIEM integration with Kaspersky Security Center settings.

Event notifications

In the Event notifications subsection, you can click the Settings button to configure the following settings:

  • Specify the user notification settings for the Object detected, Untrusted external device detected and restricted, and Host listed as untrusted events.
  • Specify the administrator notification settings for any event selected in the event list in the Notification settings section.

Interaction with Administration Server

In the Interaction with Administration Server section, you can click the Settings button to select the types of objects (including Quarantine and Backup objects) that Kaspersky Industrial CyberSecurity for Nodes will report to Administration Server.

Incidents

In the Incidents subsection, you can click the Settings button to select the notifications that the application will use as the basis for creating incidents in Kaspersky Security Center.

Revision history

In the Revision history section, you can manage revisions: compare with the current revision or other policy, add descriptions of revisions, save revisions to a file or perform a rollback.

Page top