Configuring the blocking period of an untrusted computer
An untrusted computer is a remote computer that is engaging in malicious activity or data encryption. By default, Kaspersky Endpoint Security blocks the session of the remote user for one hour. When the blocking period expires, Kaspersky Endpoint Security removes the computer from the block list and restores access to the shared folder.
Open the Kaspersky Security Center Administration Console.
In the console tree, select Policies.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Advanced Threat Protection → Behavior Detection.
Under Protection of shared folders against external encryption, configure the blocking period of an untrusted computer that is engaging in malicious activity or data encryption.
In the main window of the Web Console, select Assets (Devices) → Policies & profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Advanced Threat Protection → Behavior Detection.
Under Protection of shared folders against external encryption, configure the blocking period of an untrusted computer that is engaging in malicious activity or data encryption.
In the application settings window, select Advanced Threat Protection → Behavior Detection.
Behavior Detection settings
Under Protection of shared folders against external encryption, configure the blocking period of an untrusted computer that is engaging in malicious activity or data encryption.
Save your changes.
As a result, the remote computer will be locked. To unlock the remote computer, you can restart Kaspersky Endpoint Security.
button.