Kaspersky Security for Windows Server policy settings sections

General

In the General section, you can configure the following policy settings:

Event configuration

In the Event configuration section, you can configure settings for the following event categories:

Application settings

Application Settings

Section

Options

Scalability, interface and scan settings

In the Scalability, interface and scan settings subsection, you can click the Settings button to configure the following settings:

  • Choose whether to configure scalability settings automatically or manually.
  • Configure the application icon display settings.

Security and reliability

In the Security and reliability subsection, you can click the Settings button to configure the following settings:

  • Configure the task run settings.
  • Specify how the application should behave when the protected device is running on UPS power.
  • Enable or disable password-protection of application functions.

Connections

In the Connections subsection, you can use the Settings button to configure the following proxy server settings for connecting with update servers, activation servers and KSN:

  • Configure the proxy server settings.
  • Specify the proxy server authentication settings.

Run local system tasks

In the Run local system tasks subsection, you can use the Settings button to allow or block the start of the following local system tasks according to a schedule configured on protected devices:

  • On-Demand Scan task.
  • Update tasks and Copying Update task.

Supplementary

Supplementary settings

Section

Options

Trusted Zone

Click the Settings button in the Trusted Zone subsection to configure the following Trusted Zone application settings:

  • Create a list of Trusted Zone exclusions.
  • Enable or disable scanning of file backup operations.
  • Create a list of trusted processes.

Removable Drives Scan

In the Removable Drives Scan subsection, you can use the Settings button to configure scan settings for removable drives.

User access permissions for application management

In the User access permissions for application management subsection, you can configure user rights and user group rights to manage Kaspersky Security for Windows Server.

User access permissions for Kaspersky Security Service management

In the User access permissions for Kaspersky Security Service management subsection, you can configure user rights and user group rights to manage the Kaspersky Security Service.

Storages

In the Storages subsection, click the Settings button to configure the following Quarantine, Backup and Blocked Hosts settings:

  • Specify the path to the folder where you want to place Quarantine or Backup objects.
  • Configure the maximum size of Backup and Quarantine and also specify the free space threshold.
  • Specify the path to the folder where you want to place objects restored from Quarantine or Backup.
  • Configure transmission of information about Quarantine and Backup objects to Administration Server.
  • Configure how long hosts are blocked.

Real-time Server Protection

Real-Time Server Protection settings

Section

Options

Real-Time File Protection

In the Real-Time File Protection subsection, you can click the Settings button to configure the following task settings:

  • Indicate the protection mode.
  • Configure use of the Heuristic Analyzer.
  • Configure use of the Trusted Zone.
  • Indicate the protection scope.
  • Set the security level for the selected protection scope: you can select a predefined security level or configure the security settings manually.
  • Configure the task start settings.

KSN Usage

In the KSN Usage subsection, you can click the Settings button to configure the following task settings:

  • Indicate the actions to perform on KSN untrusted objects.
  • Configure data transfer and usage of Kaspersky Security Center as a KSN proxy server.

    Click the Data processing button to accept or reject the KSN Statement and KMP Statement, and configure data exchange settings.

Traffic Security

In the Traffic Security subsection, you can click the Settings button to configure the following task settings:

  • Configure the task mode.
  • Configure the malware protection.
  • Enable mail threat protection, anti-phishing and URL processing.

    Click the Rules list to set up web control rules or apply predefined categorization rules.

Exploit Prevention

In the Exploit Prevention subsection, you can click the Settings button to configure the following task settings:

  • Select the process memory protection mode.
  • Indicate the actions to reduce exploit risks.
  • Add to and edit the list of protected processes.

Script Monitoring

In the Script Monitoring subsection, click the Settings button to configure the following task run settings:

  • Allow or block execution of probably dangerous scripts.
  • Configure the use of Heuristic Analyzer.
  • Configure application of the trusted zone.
  • Configure the task run settings.

Local activity control

Local Activity Control settings

Section

Options

Applications Launch Control

In the Applications Launch Control subsection, you can use the Settings button to configure the following task settings:

  • Select the task operating mode.
  • Configure settings for controlling subsequent application launches.
  • Indicate the scope of the Applications Launch Control rules.
  • Configure use of KSN.
  • Configure the task start settings.

Not available under some license types

In the Not available under some license types subsection, you can click the Settings button to configure the following task settings:

  • Select the task operating mode.
  • Configure the task start settings.

Network attached storage protection

Network Attached Storage Protection settings

Section

Options

ICAP Network Storage Protection

In the ICAP Network Storage Protection subsection, you can click the Settings button to configure the following settings:

  • Heuristic analyzer usage.
  • Network attached storage connection settings.
  • Task protection scope.

- Form protection scope

In the - Form protection scope subsection, you can click the Settings button to configure the following settings:

  • ICAP service connection settings.
  • Integration with other components.
  • Security level.

Anti-Cryptor for NetApp

In the Anti-Cryptor for NetApp subsection, you can click the Settings button to configure the following settings:

  • Task mode.
  • Heuristic analyzer usage.
  • Connection and authentication settings.
  • Specify exclusions from the protection scope.

Network activity control

Network activity control settings

Section

Options

Firewall Management

In the Firewall Management subsection, you can click the Settings button to configure the following task settings:

  • Configure firewall rules.
  • Configure the task start settings.

Anti-Cryptor

In the Anti-Cryptor subsection, you can click the Settings button to configure the following task settings:

  • Configure the Anti-Cryptor protection scope.
  • Configure the task start settings.

System inspection

System Inspection settings

Section

Options

File Integrity Monitor

In the File Integrity Monitor subsection, you can configure control over changes in files that can signify a security breach on a protected device.

Log Inspection

In the Log Inspection section, you can configure protected device integrity monitoring based on the results of an analysis of the Windows Event Log.

Logs and notifications

Logs and Notifications settings

Section

Options

Task logs

In the Task logs subsection, you can click the Settings button to configure the following settings:

  • Specify the importance level of the logged events for the selected software components.
  • Specify the task log storage settings.
  • Specify the SIEM integration with Kaspersky Security Center settings.

Event notifications

In the Event notifications subsection, you can click the Settings button to configure the following settings:

  • Specify the user notification settings for the Object detected, Untrusted mass storage detected and restricted, and Host listed as untrusted events.
  • Specify the administrator notification settings for any event selected in the event list in the Notification settings section.

Interaction with Administration Server

In the Interaction with Administration Server subsection, you can click the Settings button to select the types of objects that Kaspersky Security for Windows Server will report to Administration Server.

To review detailed information about Network Attached Storage Protection tasks, see Kaspersky Security for Windows Server Implementation Guide for Network Storages Protection.

Revision history

In the Revision history section, you can manage revisions: compare with the current revision or other policy, add descriptions of revisions, save revisions to a file or perform a rollback.

Page top