Categorization of applications allows you to optimize management of application runs on devices. You can create an application category and configure Application Control for a policy so only applications from the specified category will be started on devices to which that policy is applied. For example, you have created a category that includes applications named Application_1 and Application_2. After you add this category to a policy, only two applications are allowed to start on devices to which that policy is applied: Application_1 and Application_2. If a user attempts to start an application that has not been included in that category, for example, Application_3, this application is blocked from being started. The user is shown a notification stating that Application_3 is blocked from starting, in accordance with an Application Control rule. You can create a category with content added automatically based on various criteria from a specific folder. In this case, files are automatically added to the category from the specified folder. Executable files of applications are copied to the specified folder and processed automatically; their metrics are added to the category.
To configure the applications run management on client devices:
If such a policy already exists, you can skip this step. You can configure management of the startup of applications in a specified category through the settings of this policy. The newly created policy is displayed in the Managed devices folder on the Policies tab.
The properties window of the policy for Kaspersky Endpoint Security 11 for Windows opens.
The Application Control rule window opens.
For Kaspersky Endpoint Security 10 Service Pack 2 and later, no categories are displayed if they were created upon the criterion of the MD5 hash of an executable file.
We do not recommend that you add any categories created according to the criterion of the SHA-256 hash of an executable file for versions earlier than Kaspersky Endpoint Security 10 Service Pack 2. This may result in application failures.
Detailed instructions on configuring control rules are provided in the Kaspersky Endpoint Security for Windows Online Help.
Applications will be run on devices included in the specified category according to the rule that you created. The newly created rule is displayed in the properties window of the Kaspersky Endpoint Security 11 for Windows policy, in the Application Control section.