Configuring Application Control in the Kaspersky Endpoint Security for Windows policy

After you create Application Control categories, you can use them for configuring Application Control in Kaspersky Endpoint Security for Windows policies.

To configure Application Control in Kaspersky Endpoint Security for Windows policy:

  1. In the main menu, go to DEVICES → POLICIES & PROFILES.

    A page with a list of policies is displayed.

  2. Click Kaspersky Endpoint Security for Windows policy.

    The policy settings window opens.

  3. Select the Application settings tab, Security Controls section, Application Control subsection.

    The Application Control window with Application Control settings is displayed.

  4. Switch the toggle button to enable the Application Control option.
  5. If you want to test Application Control rules, switch the toggle button to enable the Test Mode option.

    If you want to apply Application Control rules, switch the toggle button to disable the Test Mode option.

  6. Enable the Control DLL and drivers option if you want Kaspersky Endpoint Security for Windows to monitor the loading of DLL modules when applications are started by users.

    Information about the module and the application that loaded the module will be saved to a report.

    Kaspersky Endpoint Security for Windows monitors only the DLL modules and drivers loaded after the Control DLL and drivers option is selected. Restart the computer after selecting the Control DLL and drivers option if you want Kaspersky Endpoint Security for Windows to monitor all DLL modules and drivers, including those loaded before Kaspersky Endpoint Security for Windows is started.

  7. (Optional) In the Message templates block, change the template of the message that is displayed when an application is blocked from starting and the template of the email message that is sent to you.
  8. In the Application Control Mode block settings, select Denylist or Allowlist mode.

    By default, Denylist mode is selected.

  9. Click the Rules Lists Settings link.

    The Denylists and allowlists window opens to let you add an application category. By default, the Denylist tab is selected if the Denylist mode is selected, and the Allowlist tab is selected if the Allowlist mode is selected.

  10. In the Denylists and allowlists window, click the Add button.

    The Application Control rule window opens.

  11. Click the Category is not defined link.

    The Application Category window opens.

  12. Add the application category (or categories) that you created earlier.

    You can edit the settings of a created category by clicking the Edit button.

    You can create a new category by clicking the Add button.

    You can delete a category from the list by clicking the Delete button.

  13. After the list of application categories is complete, click the OK button.

    The Application Category window closes.

  14. In the Application Control rule window, in the Subjects and their rights section, create the list of users and groups of users to apply the Application Control rule.
  15. Click the OK button to save the settings and to close the Application Control rule window.
  16. Click the OK button to save the settings and to close the Denylists and allowlists window.
  17. Click the OK button to save the settings and to close the Application Control window.
  18. Click the Close button (Close button) to close the window with the Kaspersky Endpoint Security for Windows policy settings.

Application Control is configured. After the policy is propagated to the client devices, the startup of executable files is managed.

For detailed information about Application Control, refer to Kaspersky Endpoint Security for Windows Online Help and to the Kaspersky Security for Virtualization Light Agent.

See also:

Scenario: Application Management

Page top