Scenario: Application Management

You can manage applications startup on user devices. You can allow or block applications to be run on managed devices. This functionality is realized by the Application Control component.

Application Control component is available for Kaspersky Endpoint Security 11.2 for Linux and later versions.

Prerequisites

Stages

The Application Control usage scenario proceeds in stages:

  1. Forming and viewing the list of executable files on client devices

    This stage helps you find out what executable files are found on managed devices. View the list of executable files and compare it with the lists of allowed and prohibited executable files. The restrictions on executable files usage can be related to the information security polices in your organization. You can skip this stage if you know exactly what executable files are installed on managed devices.

    How-to instructions: Obtaining and viewing a list of executable files stored on client devices

  2. Creating application categories for the applications used in your organization

    Analyze the lists of executable files stored on managed devices. Basing on the analysis, create application categories. It is recommended to create a "Work applications" category that covers the standard set of applications that are used at your organization. If different security groups use different sets of applications in their work, a separate application category can be created for each security group.

    How-to instructions: Creating application category with content added manually

  3. Configuring Application Control in the Kaspersky Endpoint Security for Linux policy

    Configure the Application Control component in Kaspersky Endpoint Security for Linux policy using the application categories you have created on the previous stage.

  4. Verifying Application Control configuration

    Be sure that you have done the following:

    • Created application categories.
    • Configured Application Control using the application categories.

Results

When the scenario is complete, applications startup on managed devices is controlled. The users can start only those applications that are allowed in your organization and cannot start applications that are prohibited in your organization.

For detailed information about Application Control, refer to the Kaspersky Endpoint Security for Linux Help.

Page top