The new version of Kaspersky Security for Windows Server introduces the following capabilities:
Network Threat Protection: a component that provides analysis of incoming traffic for the signs of network attacks is implemented. If a threat is detected, the Network Threat Protection component blocks the compromised IP address.
The capability to use the Protect computer with Default Deny technology configuration is implemented. Now you can activate the application for a long term, during which it will control launches of restricted applications.
Kaspersky Security Center policy profiles for the Trusted Zone lists: now you can create policy profiles for the lists of trusted processes and for the Trusted Zone exclusion lists using the Management Plug-in version 3.0.
Monitoring of on-demand file changes based on cryptography: the application allows generating baseline lists of files and running checks on the compliance of files on the disk with the baseline parameters. The application detects the following mismatches with the baseline: creation of new files in the monitored areas, deletion of files from the monitored areas, changes of the monitored file checksum.
Control of the network cards and modems connection: the Device Control and Automatic Rule Generator for Device Control tasks support creation and application of rules that block connection of untrusted network cards and modems via USB.
Information about the checksum of the object being processed in detection events, which are published in Kaspersky Security Center reports, is added.
Administration Web-Plug-in is implemented: now you can manage the application using Kaspersky Security Center Web Console.
Generation of Kaspersky Security Center incidents basing on events of blocked application launches and connection of devices in audit mode.
Blocking changes of the important parameters in the USN (Update Sequence Number) log: the application uses USN log entries to monitor file operations. You can prevent deletion of USN log entries and change the threshold for the maximum USN log size.
Notification on changes of the important parameters in the USN (Update Sequence Number) log: if you have not prohibited changes to the important parameters in the USN log, the application will report attempts to delete entries from the USN log by publishing the events in application reports.
Methods of protection against active threats are optimized: now the application notifies you if the signs of active infection are detected during the Real-Time Protection tasks execution. The application marks the detected objects for deletion and deletes such objects from the computer after reboot.
The Real-Time Protection task settings now allow you to enable the launch of the Critical Areas Scan task if signs of active infection are detected. If this option is enabled, the application automatically creates and starts a temporary Critical Areas Scan task on the computer where an active infection was detected.
Anti-virus scan of the tasks created in the System Planner is implemented. Monitoring of tasks created by the System Planner is performed as part of the on-demand scan tasks with the "Startup Objects" scan area enabled.
Processing of persistent WMI subscriptions is implemented: now the application detects suspicious WMI subscriptions in the WMI namespace on the computer with Kaspersky Security for Windows Server installed and deletes them. Monitoring of persistent WMI subscriptions is performed as part of the on-demand scan tasks with the "Startup Objects" scan area enabled.
Triggering criteria for custom rules of the Log Analysis component are enhanced: now you can set the rules for the value of the "Source" parameter in the Windows Event Log entry.
The capability is added to configure the triggering criteria for the applications launch control rule when creating rules based on events of blocked launches in the Kaspersky Security Center Console.
Trace log files rotation options are extended.
The list of supported operating systems is extended.
The application interface is aligned with the new brand policy of the company.
Bugs from the previous versions are fixed: the application includes the bug-fixes, issued for the previous versions.