Application Control

for Windows and Linux

Application Control manages the startup of applications on users' computers. This allows you to implement a corporate security policy when using applications. Application Control also reduces the risk of computer infection by restricting access to applications.

The Application Control component uses rules to regulate the launch of applications on protected devices. A rule contains conditions and actions that the Application Control component performs when a rule triggers. For example, the category which an application belongs to. An application category is a group of applications that have something in common. For example, a category that includes executable files of installed applications or a category that includes the standard set of applications used in the organization. You can use a category only in one rule.

The administrator can create many rules. One application may match the criteria of multiple rules. The priority of a block rule is higher than the priority of an allow rule. Kaspersky Endpoint Security checks if an application matches a rule each time it is started. Kaspersky Endpoint Security sequentially matches the application against all Application Control rules.

Application Control settings for Pro View

Settings	OS	Description
Operating mode	`Windows` `Linux`	You can choose one of the following options: Allow all except the rules list. If this option is selected, Application Control allows all users to start any application, except in cases that satisfy the conditions of Application Control block rules. Block all except the rules list. If this option is selected, Application Control blocks all users from starting any application, except in cases that satisfy the conditions of Application Control allow rules. `Windows` When Block all except the rules list mode is selected, two Application Control rules are automatically created: Golden Image (the rule is hidden). Trusted Installation Packages. You cannot edit the settings of or delete automatically created rules. You can enable or disable these rules.
Rules	`Windows` `Linux`	Application Control rules that Kaspersky Endpoint Security uses to control application launch on protected devices. For each Application Control mode, you can add up to five rules.

Settings

Description

Operating mode

Windows

Linux

You can choose one of the following options:

Allow all except the rules list. If this option is selected, Application Control allows all users to start any application, except in cases that satisfy the conditions of Application Control block rules.
Block all except the rules list. If this option is selected, Application Control blocks all users from starting any application, except in cases that satisfy the conditions of Application Control allow rules.

Windows When Block all except the rules list mode is selected, two Application Control rules are automatically created:

Golden Image (the rule is hidden).
Trusted Installation Packages.

You cannot edit the settings of or delete automatically created rules. You can enable or disable these rules.

Rules

Windows

Linux

Application Control rules that Kaspersky Endpoint Security uses to control application launch on protected devices.

For each Application Control mode, you can add up to five rules.

Page top