Kaspersky Small Office Security
- Čeština (Česká republika)
- Dansk (Danmark)
- Deutsch
- Eesti
- Español (España)
- Español (México)
- Français
- Italiano
- Latviešu
- Lietuvių
- Magyar (Magyarország)
- Norsk, bokmål (Norge)
- Nederlands (Nederland)
- Polski (Polska)
- Português (Brasil)
- Português (Portugal)
- Română (România)
- Srpski
- Suomi (Suomi)
- Svenska (Sverige)
- Tiếng Việt (Việt Nam)
- Türkçe (Türkiye)
- Русский
- العربية (الإمارات العربية المتحدة)
- 한국어 (대한민국)
- 简体中文
- 繁體中文
- 日本語(日本)
- Čeština (Česká republika)
- Dansk (Danmark)
- Deutsch
- Eesti
- Español (España)
- Español (México)
- Français
- Italiano
- Latviešu
- Lietuvių
- Magyar (Magyarország)
- Norsk, bokmål (Norge)
- Nederlands (Nederland)
- Polski (Polska)
- Português (Brasil)
- Português (Portugal)
- Română (România)
- Srpski
- Suomi (Suomi)
- Svenska (Sverige)
- Tiếng Việt (Việt Nam)
- Türkçe (Türkiye)
- Русский
- العربية (الإمارات العربية المتحدة)
- 한국어 (대한민국)
- 简体中文
- 繁體中文
- 日本語(日本)
- Frequently asked questions
- Data provision
- Data provision under the End User License Agreement
- Data provision under the End User License Agreement on the territory of the European Union, the United Kingdom, Brazil, Vietnam, or by California residents
- Saving data to the application operation report
- Data provision to Kaspersky Security Network
- Locally processed data
- Saving data for Technical Support
- About using the application in the European Union, the United Kingdom, Brazil, Vietnam, or by California residents
- What's new
- Comparison of application functions depending on the type of operating system
- Hardware and software requirements
- Compatibility with other Kaspersky applications
- How to install or remove the application
- Application licensing
- Remote management of computer protection
- Basic functionality of the application
- Assessing computer protection status and resolving security issues
- How to fix security issues on your PC
- Application activity log and detailed report
- How to configure the application interface
- How to restore the default settings of the application
- How to apply the application settings on another computer
- How to pause and resume computer protection
- Searching the functionality of the application
- Security
- Scanning the computer
- How to run a Full Scan
- How to run a Custom Scan
- How to run a Quick Scan
- How to run a removable drive scan
- How to run a Context Menu File or Folder Scan
- How to enable or disable a background scan
- How to create a scan schedule
- How to search for vulnerabilities in applications installed on your computer
- How to exclude a file, folder, or threat type from scanning
- Scanning files in OneDrive cloud storage
- Updating anti-virus databases and application modules
- Intrusion Prevention
- Network Monitor
- Pre-Kaspersky virus removal
- How to restore a deleted or disinfected file
- Protecting email
- Participating in Kaspersky Security Network
- Protection using hardware virtualization
- Protection using Antimalware Scan Interface (AMSI)
- Scanning the computer
- Performance
- App Updater
- Backup and Restore
- About Backup and Restore
- How to create a backup task
- Step 1. Select files
- Step 2. Select folders for backup
- Step 3. Select file types for backup
- Step 4. Select backup storage
- Step 5. Creating a backup schedule
- Step 6. Setting a password to protect backup copies
- Step 7. File versions storage settings
- Step 8. Entering the backup task name
- Step 9. Wizard completion
- How to start a backup task
- Restoring data from a backup copy
- Restoring data from FTP storage
- Restoring data from a backup copy using Kaspersky Restore Utility
- About Online storage
- How to activate Online storage
- Current Activity
- Do not Disturb Mode
- How to reserve operating system resources
- Optimizing the load on the operating system
- Privacy
- Kaspersky VPN
- Private Browsing
- Password Manager
- Safe Money
- Webcam and Mic Control
- Detection of stalkerware and other applications
- Anti-Banner
- Unwanted App Installation Blocker
- Adware Remover
- How to change Application Manager settings
- Secret Vault
- File Shredder
- Privacy Cleaner
- Protecting personal data on the Internet
- About protection of personal data on the Internet
- About On-Screen Keyboard
- How to open On-Screen Keyboard
- How to configure the display of the On-Screen Keyboard icon
- About protection of data entered on the computer keyboard
- How to configure protection of data entered on the computer keyboard
- Checking a website for safety
- How to change encrypted connections settings
- Configuring notifications of vulnerabilities in Wi-Fi networks
- How to uninstall incompatible applications
- Using the application from the command prompt
- Contact Technical Support
- Limitations and warnings
- Other sources of information about the application
- Network settings for interaction with external services
- Glossary
- Activating the application
- Activation code
- Anti-virus databases
- Application modules
- Backup and Restore
- Blocking an object
- Compressed file
- Database of malicious web addresses
- Digital signature
- Disk boot sector
- Exploit
- False positive
- File mask
- Heuristic analyzer
- Hypervisor
- iChecker Technology
- Incompatible application
- Infected object
- Kaspersky Security Network (KSN)
- Kaspersky update servers
- Keylogger
- License term
- Miners
- Phishing
- Probable spam
- Probably infected object
- Protected Browser
- Protection components
- Protocol
- Quarantine
- Rootkit
- Script
- Secret Vault
- Security level
- Spam
- Startup objects
- Task
- Task settings
- The database of phishing links and fake cryptocurrency exchanges
- Threat level
- Traces
- Traffic scanning
- Trust group
- Trusted process
- Unknown virus
- Update
- Update package
- Virus
- Vulnerability
- Information about third-party code
- Trademark notices
About Intrusion Prevention
The Intrusion Prevention component prevents applications from performing actions that may be dangerous for the operating system, and controls access to operating system resources (including file resources located on remote computers) and your personal data.
Intrusion Prevention tracks actions performed in the operating system by applications installed on the computer and regulates them based on rules. These rules restrict suspicious activity of applications, including access by applications to protected resources, such as files and folders, registry keys, and network addresses.
On 64-bit operating systems, applications' rights for the following actions cannot be configured:
- Direct access to physical memory
- Managing printer driver
- Service creation
- Service reading
- Service editing
- Service reconfiguration
- Service management
- Service start
- Service removal
- Access to internal browser data
- Access to critical objects of the operating system
- Access to password storage
- Setting debug privileges
- Use of program interfaces of the operating system
- Use of program interfaces of the operating system (DNS)
- Use of program interfaces of other applications
- Change system modules (KnownDlls)
- Start drivers
On 64-bit Microsoft Windows 8 and Microsoft Windows 10, applications' rights for the following actions cannot be configured:
- Sending windows messages to other processes
- Suspicious operations
- Installation of keyloggers
- Interception of inbound stream events
- Making of screenshots
Applications' network activity is controlled by the Firewall component.
When an application is started on the computer for the first time, Intrusion Prevention checks the safety of the application and assigns it to a group (Trusted, Untrusted, High Restricted, or Low Restricted). The group defines the rules that Kaspersky Small Office Security applies for controlling the activity of the application.
Kaspersky Small Office Security assigns applications to trust groups (Trusted, Untrusted, High Restricted, or Low Restricted) only if Intrusion Prevention or Firewall is enabled, and also when both these components are enabled. If both these components are disabled, the functionality that assigns applications to trust groups does not work.
You can edit application control rules manually.
The rules you create for applications are inherited by child applications. For example, if you deny all network activity for cmd.exe, that activity will also be denied for notepad.exe when it is started using cmd.exe. When an application is not a child of the application it runs from, rules are not inherited.