You can manage applications startup on user devices. You can allow or block applications to be run on managed devices. This functionality is realized by the Application Control component.
Application Control component is available for Kaspersky Endpoint Security 11.2 for Linux and later versions.
Prerequisites
Stages
The Application Control usage scenario proceeds in stages:
This stage helps you find out what executable files are found on managed devices. View the list of executable files and compare it with the lists of allowed and prohibited executable files. The restrictions on executable files usage can be related to the information security polices in your organization. You can skip this stage if you know exactly what executable files are installed on managed devices.
How-to instructions: Obtaining and viewing a list of executable files stored on client devices
Analyze the lists of executable files stored on managed devices. Basing on the analysis, create application categories. It is recommended to create a "Work applications" category that covers the standard set of applications that are used at your organization. If different security groups use different sets of applications in their work, a separate application category can be created for each security group.
How-to instructions: Creating application category with content added manually
Configure the Application Control component in Kaspersky Endpoint Security for Linux policy using the application categories you have created on the previous stage.
Be sure that you have done the following:
Results
When the scenario is complete, applications startup on managed devices is controlled. The users can start only those applications that are allowed in your organization and cannot start applications that are prohibited in your organization.
For detailed information about Application Control, refer to the Kaspersky Endpoint Security for Linux Help.
Page top