When migrating policies and tasks, KES is configured in accordance with KSWS settings. Settings of application components that KSWS does not have are set to default values.
Application settings
Scalability, interface and scanning settings
Application settings are not supported in Kaspersky Endpoint Security for Windows.
Application settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Scalability settings |
(does not migrate) Kaspersky Endpoint Security manages all work processes. |
Show System Tray Icon |
(does not migrate) On a client computer, the main window of Kaspersky Endpoint Security and the icon in the Windows notification area are available by default. In the context menu of the icon, the user can perform operations with Kaspersky Endpoint Security. Kaspersky Endpoint Security also displays notifications above the application icon. You can configure user interaction in the application interface settings. |
Restore file attributes after scanning |
(does not migrate) Kaspersky Endpoint Security automatically restores file attributes after scanning a file. |
Limit CPU usage for scanning threads |
(does not migrate) Kaspersky Endpoint Security does not limit CPU usage when scanning. You can configure the task to run when the computer is operating under minimum load. |
Folder for temporary files created during scanning |
(does not migrate) Kaspersky Endpoint Security places the temporary files in the C:\Windows\Temp folder. |
HSM system settings |
(does not migrate) Kaspersky Endpoint Security does not support HSM systems. |
KSWS security settings are migrated to the General settings section, Application settings and Interface subsections.
Application security settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Protect application processes from external threats |
Enable Self-Defense (Application settings subsection) |
Apply password protection |
(does not migrate) Kaspersky Endpoint Security has a built-in Password protection feature (see the Interface subsection). |
Perform task recovery |
(does not migrate) Kaspersky Endpoint Security only automatically restores Malware Scan tasks. Kaspersky Endpoint Security runs other tasks on a schedule. |
Do not start scheduled scan tasks |
Postpone scheduled tasks while running on battery power (Application settings subsection) |
Stop current scan tasks |
(does not migrate) When the computer becomes powered by an UPS, Kaspersky Endpoint Security does not stop scan tasks that are already running. |
Administration Server interaction settings are migrated to the General settings section, Network settings and Application settings subsections.
Administration Server interaction settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Proxy server settings |
Proxy Server Settings (Network settings subsection) |
Do not use proxy server for local addresses |
Bypass proxy server for local addresses (Network settings subsection) |
Proxy server authentication settings |
Use proxy server authentication (Network settings subsection) Kaspersky Endpoint Security does not support NTLM authentication. If NTLM authentication is enabled in KSWS settings, after migration, you must configure proxy server authentication and configure a user name and a password. The proxy server authentication password is not migrated. After a policy is migrated, the password must be entered manually. |
Use Kaspersky Security Center as a proxy server when activating the application |
Use Kaspersky Security Center as proxy server for activation (Application settings subsection) |
Kaspersky Endpoint Security ignores the settings for running local system tasks of Kaspersky Security for Windows Server. You can configure the use of local KES tasks under Local Tasks, Task management. You can also configure a schedule for running the Malware Scan and Update of databases and application modules tasks in the properties of these tasks.
Supplementary
KSWS trusted zone settings are migrated to the General settings section, Exclusions subsection.
Trusted zone settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Object to scan (Exclusions) |
Scan exclusions (Scan exclusions) The methods used by KSWS and KES for selecting objects differ. When migrating, KES supports exclusions defined as individual files or paths to file / folder. If KSWS has exclusions configured as a predefined area or a script URL, such exclusions are not migrated. After migration, you must add such exclusions manually. Exclusions as predefined areas must be configured in the Malware Scan task settings. Exclusions as script web addresses must be added to trusted web addresses for Web Threat Protection. |
Apply also to subfolders (Exclusions) |
Include subfolders (Scan exclusions) |
Objects to detect (Exclusions) |
Object name (Scan exclusions) |
Exclusion usage scope (Exclusions) |
Protection components (Scan exclusions) If at least one component is selected in KSWS, KES applies the exclusions to all application components. |
Comment (Exclusions) |
Comment (Scan exclusions) |
Trusted process (Trusted process) |
Trusted applications Trusted process / application selection methods differ in KSWS and KES. When migrating, KES supports trusted applications configured as a path to the executable file or mask. If KSWS has trusted processes configured as a file hash, such trusted processes are not migrated. After migration, you must add such trusted processes manually. |
Do not check file backup operations (Trusted process) |
Do not monitor application activity (Trusted applications) |
Removable Drives Scan settings are migrated to the Local Tasks section, Removable Drives Scan subsection.
Removable Drives Scan settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Scan removable drives on connection via USB |
Action on a removable drive connection |
Scan removable drives if its stored data volume does not exceed (MB) |
Maximum removable drive size |
Scan with security level:
|
Action on a removable drive connection:
KSWS security levels correspond to KES scan modes as follows:
|
User permissions for application management
Kaspersky Endpoint Security does not support assigning user access permissions for application management and application service management. You can configure access settings for users and user groups for managing the application in Kaspersky Security Center.
User access permissions for Kaspersky Security Service management
Kaspersky Endpoint Security does not support assigning user access permissions for application management and application service management. You can configure access settings for users and user groups for managing the application in Kaspersky Security Center.
KSWS storage settings are migrated to General settings section, Reports and Storage subsection, and to Essential Threat Protection section, Network Threat Protection subsection.
Storage settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Backup folder |
(does not migrate) Kaspersky Endpoint Security saves backup copies of files in the |
Maximum Backup size (MB) |
Limit the size of Backup to N MB (General settings → Reports and Storage section) |
Threshold value for space available (MB) |
(does not migrate) Kaspersky Endpoint Security logs the Quarantine storage is almost out of space event when the 50 % threshold is reached. |
Target folder for restoring objects |
(does not migrate) Kaspersky Endpoint Security restores files to their original folder. |
Quarantine folder |
(does not migrate) Kaspersky Endpoint Security saves backup copies of files in the |
Maximum Quarantine size (MB) |
(does not migrate) Kaspersky Endpoint Security uses Backup to store probably infected objects. During migration, Kaspersky Endpoint Security ignores Quarantine settings. |
Threshold value for space available (MB) |
(does not migrate) Kaspersky Endpoint Security uses Backup to store probably infected objects. During migration, Kaspersky Endpoint Security ignores Quarantine settings. |
Target folder for restoring objects |
(does not migrate) Kaspersky Endpoint Security restores files to their original folder. |
Unblock automatically in N |
Block attacking devices for N min (Essential Threat Protection → Network Threat Protection section) |
Real-time server protection
KSWS Real-Time File Protection settings are migrated to the Essential Threat Protection section, File Threat Protection subsection.
Real-Time File Protection settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Objects protection mode:
|
Scan mode:
|
Deeper analysis of launching processes |
(does not migrate) Kaspersky Endpoint Security supports only one analysis mode, the Optimal mode. |
Heuristic analyzer:
|
Heuristic analysis:
|
Apply Trusted Zone |
(does not migrate) Kaspersky Endpoint Security applies the trusted zone to all components. You can configure exclusions in trusted zone settings. |
Use KSN for protection |
(does not migrate) Kaspersky Endpoint Security uses KSN for all application components. |
Block access to network shared resources for the hosts that show malicious activity |
(does not migrate) By default, Kaspersky Endpoint Security blocks access to network shared resources for hosts that show malicious activity. |
Launch critical areas scan when active infection is detected |
(does not migrate) Kaspersky Endpoint Security does not launch the critical areas scan task when active infection is detected. |
Use Kaspersky Sandbox for protection |
(does not migrate) By default, Kaspersky Endpoint Security sends objects for scanning to Kaspersky Sandbox. |
Protection scope |
Protection scope |
Schedule settings |
(does not migrate) Kaspersky Endpoint Security uses its own schedule for pausing File Threat Protection. |
KSWS settings for Kaspersky Security Network are migrated to the Advanced Threat Protection section, Kaspersky Security Network subsection.
Kaspersky Security Network settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network |
Kaspersky Security Network Statement Kaspersky Endpoint Security requests consent to the Kaspersky Security Network Statement when the application is installed, a new policy is created, or Kaspersky Security Network usage is enabled. |
Send data about scanned files |
(does not migrate) Kaspersky Endpoint Security sends data about scanned files automatically if KSN is enabled. |
Send data about requested URLs |
(does not migrate) Kaspersky Endpoint Security sends data about requested URLs automatically if KSN is enabled. |
Send Kaspersky Security Network statistics |
Enable extended KSN mode |
Accept the terms of the Kaspersky Managed Protection Statement |
(does not migrate) Kaspersky Endpoint Security does not include the KMP service. |
Action to perform on KSN untrusted objects |
(does not migrate) You can configure the Action on threat detection in Protection component settings and Scan task settings. |
Do not calculate checksum before sending to KSN if file size exceeds N MB |
(does not migrate) You can configure large file scanning restrictions in Protection component settings and Scan task settings. |
Use Kaspersky Security Center as KSN Proxy |
Use Administration Server as a KSN proxy server |
Schedule settings |
(does not migrate) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
KSWS Traffic Security settings are migrated to the Essential Threat Protection section, Web Threat Protection and Mail Threat Protection subsection, Security Controls section, Web Control subsection, General settings section, Network settings subsection.
Traffic Security settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Apply URL-based rules |
Web Control (Web Control subsection) URL-based rules are migrated to separate rules in Kaspersky Endpoint Security. |
Apply certificate-based rules |
(does not migrate) Kaspersky Endpoint Security does not support certificate-based rules. |
Apply rules for web traffic category control |
Web Control (Web Control subsection) Blocking rules for web traffic category control are migrated to a single blocking rule in Kaspersky Endpoint Security. Kaspersky Endpoint Security ignores allowing rules for category control. The correspondence of KSWS and KES categories is listed below. |
Allow access if the web page can not be categorized |
(does not migrate) Kaspersky Endpoint Security allows access if the web page can not be categorized. |
Allow access to legitimate web resources that can be used to damage a protected device |
(does not migrate) Kaspersky Endpoint Security allow access to legitimate web resources that can be used to damage the protected device. |
Allow access to legitimate advertisement |
(does not migrate) You can manage access to legitimate advertisement using the Banners web resource category in Web Control settings. |
Operation mode:
|
(does not migrate) Kaspersky Endpoint Security supports only the Driver Interceptor mode. |
ICAP-service connection settings |
(does not migrate) Kaspersky Endpoint Security does not support ICAP Network Storage Protection. |
Check safe connections through the HTTPS protocol |
Scan encrypted connections / Always scan encrypted connections mode (Network settings subsection) |
Use TLS protocol version |
(does not migrate) Kaspersky Endpoint Security scans encrypted network traffic transmitted over the following protocols:
You can additionally block SSL 2.0 connections in encrypted connections scan settings. |
Do not trust web-servers with invalid certificate |
Address (Network settings subsection) |
Intercept ports (Interception area) |
Monitored ports (Network settings subsection) During migration, KES clears the check boxes Monitor all ports for the applications from the list recommended by Kaspersky and Monitor all ports for specified applications. |
Exclude ports (Interception area) |
(does not migrate) |
Exclude IP addresses (Interception area) |
Configure trusted addresses (Network settings subsection) |
Exclude processes (Interception area) |
Configure trusted applications (Network settings subsection) During migration, KES configures the following settings for the trusted application:
|
Security port |
(does not migrate) |
Use malicious URL database to scan web links |
Check the web address against the database of malicious web addresses (Web Threat Protection subsection) |
Use anti-phishing database to scan web pages |
Check the web address against the database of phishing web addresses (Web Threat Protection subsection) |
Use KSN for protection |
(does not migrate) Kaspersky Endpoint Security uses KSN for all application components. |
Use Trusted Zone |
(does not migrate) Kaspersky Endpoint Security applies the trusted zone to all components. You can configure exclusions in trusted zone settings. |
Use heuristic analyzer |
Use heuristic analysis (Web Threat Protection and Mail Threat Protection subsections) |
Security level |
(does not migrate) Kaspersky Endpoint Security has its own security levels for Web Threat Protection and Mail Threat Protection components. By default, Kaspersky Endpoint Security sets the recommended security level. |
Enable mail threat protection |
Mail Threat Protection (Mail Threat Protection subsection) Connect Microsoft Outlook extension Incoming messages only (Protection scope) Scan when receiving (Email protection) |
Schedule settings |
(does not migrate) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
KSWS Exploit Prevention settings are migrated to the Advanced Threat Protection section, Exploit Prevention subsection.
Exploit Prevention settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Prevent vulnerable processes exploit:
|
On detecting exploit:
|
Notify about abused processes via Terminal Service |
(does not migrate) Kaspersky Endpoint Security does not support terminal services. |
Prevent vulnerable processes exploit even if Kaspersky Security Service is disabled |
(does not migrate) Kaspersky Endpoint Security constantly prevents vulnerable process exploits. |
Protected processes |
Enable system process memory protection Kaspersky Endpoint Security does not support selecting protected processes. You can only enable system processes memory protection. |
Exploit prevention techniques:
|
(does not migrate) Kaspersky Endpoint Security applies all available exploit prevention techniques. |
KSWS Network Threat Protection settings are migrated to the Essential Threat Protection section, Network Threat Protection subsection.
Network Threat Protection settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Operation mode:
|
Network Threat Protection If Pass-through mode is selected, Network Threat Protection is disabled. If Only inform about network attacks mode or Block connections when attack is detected mode is selected, Network Threat Protection is enabled. Kaspersky Endpoint Security always works in the Block connections when attack is detected mode. |
Do not stop traffic analysis when the task is not running |
(does not migrate) Kaspersky Endpoint Security analyses traffic continuously if the component is enabled. |
Do not control excluded IP addresses |
Exclusions |
Schedule settings |
(does not migrate) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
Kaspersky Endpoint Security does not support the Script Monitoring component. Script Monitoring is handled by other components, for example, AMSI Protection.
Kaspersky Endpoint Security does not support all categories of Kaspersky Security for Windows Server. Categories that do not exist in Kaspersky Endpoint Security are not migrated. Therefore, web resource classification rules with unsupported categories are not migrated.
Website categories
Kaspersky Security for Windows Server categories |
Kaspersky Endpoint Security for Windows categories |
---|---|
Wargaming |
Video games |
Abortion |
(does not migrate) |
Lotteries (extended) |
Gambling, lotteries, sweepstakes |
Alcohol |
Alcohol, tobacco, drugs |
Anonymous proxy servers |
Anonymizers |
Anorexia |
(does not migrate) |
Rentals for real estate |
(does not migrate) |
Audio, video and software |
Software, audio, video |
Banks |
Banks |
Blogs |
Blogs |
Military |
Weapons, explosives, military |
For children |
(does not migrate) |
Discrimination |
Violence, intolerance |
Home and family |
(does not migrate) |
Hosting and domain services |
Internet communication |
Pets and animals |
(does not migrate) |
Law and politics |
Forbidden by regional laws |
Restricted by Roskomnadzor (RF) |
Forbidden by Russian Federation laws |
Restricted by Federal Law 436 (RF) |
Forbidden by Russian Federation laws |
Restricted by RF legislation |
Forbidden by Russian Federation laws |
Restricted by global legislation |
Forbidden by regional laws |
Adult dating |
Adult content |
Internet services |
(does not migrate) |
Sex shops |
Adult content |
Information technologies |
(does not migrate) |
Casinos, card games |
Gambling, lotteries, sweepstakes |
Books and writing |
(does not migrate) |
Computer games |
Video games |
Health and beauty |
(does not migrate) |
Culture and society |
(does not migrate) |
LGBT |
Adult content |
Lotteries |
Gambling, lotteries, sweepstakes |
Medicine |
(does not migrate) |
Fashion |
(does not migrate) |
Music |
(does not migrate) |
Drugs |
Alcohol, tobacco, drugs |
Violence |
Violence, intolerance |
Discontent |
(does not migrate) |
Illegal drugs |
Alcohol, tobacco, drugs |
Hate and discrimination |
Violence, intolerance |
Obscene vocabulary |
Profanity, obscenity |
Lingerie |
Adult content |
News |
News media |
Nudism |
Adult content |
Education |
(does not migrate) |
Online shopping |
Online stores |
All communication media |
Internet communication |
Payment by credit cards |
Payment systems |
Online shopping (own payment system) |
Online stores |
Online encyclopedias |
(does not migrate) |
Online banking |
Banks |
Weapons |
Weapons, explosives, military |
Fishing and hunting |
(does not migrate) |
Payment systems |
Payment systems |
Job search |
Job search |
Search engines |
(does not migrate) |
Police decision (JP) |
Forbidden by Police of Japan |
Trusted by KPSN |
(does not migrate) |
Untrusted by KPSN |
(does not migrate) |
Porn |
Adult content |
Media hosting and streaming |
News media |
Web Mail |
Web-based email |
Traveling |
(does not migrate) |
TV and radio |
News media |
Teasers and ads services |
Banners |
Religion |
Religions, religious associations |
Restaurants, cafe and food |
(does not migrate) |
Dating sites |
Dating sites |
Sex education |
Adult content |
Social networks |
Social networks |
Sport |
(does not migrate) |
Betting |
Gambling, lotteries, sweepstakes |
Suicide |
Violence, intolerance |
Tobacco |
Alcohol, tobacco, drugs |
Torrents |
Torrents |
Mentioned in Federal list of extremists (RF) |
Forbidden by Russian Federation laws |
File sharing |
File sharing |
Pharmacy |
(does not migrate) |
Hobby and entertainment |
(does not migrate) |
Chats and forums |
Chats, forums, IM |
Schools and universities pages |
(does not migrate) |
Astrology and esoterica |
(does not migrate) |
Extremism and racism |
Violence, intolerance |
E-commerce |
Online stores |
Erotic |
Adult content |
Humor |
(does not migrate) |
Local activity control
KSWS Application Control settings are migrated to the Security Controls section, Application Control subsection.
Application Control settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Operation mode:
|
Action (Application Control):
|
Repeat action taken for the first file launch on all the subsequent launches for this file |
(does not migrate) Kaspersky Endpoint Security scans the application every time it attempts to run. |
Deny the command interpreters launch with no command to execute |
(does not migrate) Kaspersky Endpoint Security allows running command interpreters if they are not prohibited by Application Control. |
Rules |
Application Control rules (supported with limitations) Kaspersky Endpoint Security 11.11.0 introduces support for migrating Applications Launch Control rules. The Applications Launch Control rule migration functionality has some limitations. By default, KSWS Applications Launch Control includes two rules:
If at least one source KSWS rule has the Allow type, during the migration KES creates a new allowing rule, Applications with trusted root certificates. That is, KES Application Control uses a single rule to allow running trusted scripts, MSI packages, and executable files. If both source KSWS rules have the Deny type, KES does not add rules for managing applications with trusted root certificates. |
Apply rules to executable files |
(does not migrate) Rule application scope cannot be configured in KES Application Control settings. KES Application Control applies rules to all types of files: executable files, scripts, and MSI packages. If all file types are included in the rule application scope in KSWS, during migration KES carries over the KSWS rules. If some file type is excluded from the rule application scope in KSWS, during migration KES also carries over KSWS rules, but Test rules is selected as the Application Control action. |
Monitor loading of DLL modules |
Control DLL modules load (significantly increases the load on the system) |
Apply rules to scripts and MSI packages |
(does not migrate) Rule application scope cannot be configured in KES Application Control settings. KES Application Control applies rules to all types of files: executable files, scripts, and MSI packages. If all file types are included in the rule application scope in KSWS, during migration KES carries over the KSWS rules. If some file type is excluded from the rule application scope in KSWS, during migration KES carries over KSWS rules, but Test rules is selected as the Application Control action. |
Deny applications untrusted by KSN |
(does not migrate) Kaspersky Endpoint Security does not take into account the reputation of applications and allows or denies running applications in accordance with rules. |
Allow applications trusted by KSN |
During the migration, KES adds a new allowing rule. The Other Software → Applications trusted according to reputation in KSN KL category is specified as the rule triggering condition. |
Users and / or user groups allowed to run applications trusted by KSN |
Users and their rights in an Application Control allow rule that includes the KL category Other applications → Applications trusted according to reputation in KSN |
Automatically allow software distribution via applications and packages listed |
Software Distribution Control in KSWS and KES works differently. During the migration, KES adds new allowing rules for applications that have automatic software distribution allowed. The file hash is specified as the rule triggering condition. |
Always allow software distribution via Windows Installer |
Use trusted system certificate store (Exclusions subsection) The Trusted system certificate store setting has the Trusted root certification authorities value. |
Always allow software distribution via SCCM using the Background Intelligent Transfer Service |
(does not migrate) |
Software distribution applications and packages allowed |
Software Distribution Control in KSWS and KES works differently. During the migration, KES adds new allowing rules for applications that have automatic software distribution allowed. The file hash is specified as the rule triggering condition. |
Schedule settings |
(does not migrate) If a schedule is configured for the component in KSWS settings, the Application Control component is enabled upon migration. If a schedule is not configured for the component in KSWS settings, Application Control is disabled upon migration. It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
KSWS Device Control settings are migrated to the Security Controls section, Device Control subsection.
Device Control settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Operation mode:
|
(does not migrate) Application Control operates in the Active mode. Device connection statistics is continuously provided by Audit. |
Allow using all external devices when the Device Control task is not running |
(does not migrate) Device Control is always on while Kaspersky Endpoint Security is running. |
Device Control rules |
Trusted devices During migration, Kaspersky Endpoint Security ignores disabled KSWS rules. |
Schedule settings |
(does not migrate) Kaspersky Endpoint Security uses its own schedule for gaining access to certain device types. |
Network-Attached Storages Protection
RPC Network Storage Protection
Kaspersky Endpoint Security does not support Network-Attached Storages Protection components. If you need these components, you can continue using Kaspersky Security for Windows Server.
ICAP Network Storage Protection
Kaspersky Endpoint Security does not support Network-Attached Storages Protection components. If you need these components, you can continue using Kaspersky Security for Windows Server.
Kaspersky Endpoint Security does not support Anti-Cryptor for NetApp. Anti-Cryptor functionality is provided by other application components, such as Behavior Detection.
Network activity control
Kaspersky Endpoint Security does not support KSWS Firewall Management. KSWS Firewall functions are performed by the system-level Firewall. After migration, you can configure the Kaspersky Endpoint Security Firewall.
Network Anti-Cryptor settings are migrated to the Advanced Threat Protection section, Behavior Detection subsection.
Anti-Cryptor settings
KSWS settings |
KES settings |
---|---|
Operation mode:
|
Upon detection of external encryption of shared folders:
|
Heuristic analyzer |
(does not migrate) Kaspersky Endpoint Security does not use Heuristic Analysis for Behavior Detection. |
Configuration of protection scope:
|
(does not migrate) Kaspersky Endpoint Security prevents encryption of all shared network folders of the protected computer. |
Exclusions |
(does not migrate) Kaspersky Endpoint Security has its own exclusions for the Behavior Detection component. You can manually add exclusions after migration. |
Schedule settings |
(does not migrate) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
System Inspection
File Integrity Monitor settings from KSWS are migrated to the Security Controls section, System Integrity Monitoring subsection.
File Integrity Monitor settings
KSWS settings |
KES settings |
---|---|
Log information about file operations that appear during the monitor interruption period |
(does not migrate) Kaspersky Endpoint Security does not log events for file operations performed during the monitor interruption period. |
Block attempts to compromise the USN log |
(does not migrate) Kaspersky Endpoint Security does not block attempts to compromise the USN log. |
Monitoring scope |
Monitoring scope → File (supported with limitations) Disabled monitoring scope records are not migrated to KES. Kaspersky Endpoint Security adds only enabled records to the monitoring scope. |
Trusted users |
Trusted users and / or user groups |
File operation markers |
File operation markers |
Calculate checksum for the file if possible |
Hashing |
Exclusions |
Exclusions → File |
KSWS Log Inspection settings are migrated to the Security Controls section, Log Inspection subsection.
Log Inspection settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Apply custom rules for log inspection |
(does not migrate) Kaspersky Endpoint Security applies all enabled custom rules. |
Custom rules |
Custom rules The A service was installed in the system (for Server 2003 OS) predefined rule is not migrated to KES. |
Apply predefined rules for log inspection |
(does not migrate) Kaspersky Endpoint Security applies all enabled predefined rules. |
Predefined rules |
Predefined rules |
Password brute-force detection |
Brute-force attack detection |
Network logon detection |
Network logon detection |
Exclusions (IP addresses) |
Exclusions (IP address) |
Exclusions (users) |
Exclusions (Users) |
Schedule settings |
(does not migrate) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
Logs and notifications
KSWS Logs settings are migrated to the General settings section, Interface and Reports and Storage subsections.
Logs settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Event logging |
Notifications (Interface subsection) |
Logs folder |
(does not migrate) Kaspersky Endpoint Security saves reports in the |
Remove task logs older than N day(s) |
(does not migrate) You can configure the storage period for KES reports under General settings, Reports and Storage. |
Remove from the audit log events N day(s) |
(does not migrate) Kaspersky Endpoint Security applies report storage limitations to all reports including system audit reports. |
SIEM Integration |
(does not migrate) You can configure SIEM integration in Kaspersky Security Center. |
KSWS Notifications settings are migrated to the General settings section, Interface subsection.
Notifications settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Notifications |
Notifications |
Notify users:
|
(does not migrate) Kaspersky Endpoint Security does not support modifying notification text. Kaspersky Endpoint Security displays standard notifications. |
Notify administrators:
|
Only email notification settings are migrated to Kaspersky Endpoint Security – Email notification settings (Notifications block). Other methods of notifying administrators are not supported. |
Application database is out of date |
Send the "Databases out of date" notification if databases were not updated |
Application database is extremely out of date |
Send the "Databases extremely out of date" notification if databases were not updated |
Critical areas scan has not been performed for a long time |
(does not migrate) Kaspersky Endpoint Security generates a missed Critical Areas Scan event after three days. |
Interaction with Administration Server
KSWS Administration Server interaction settings are migrated to the General settings section, Reports and Storage subsection.
Administration Server interaction settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Quarantined files |
About Quarantine files |
Backed up files |
About files in Backup |
Blocked hosts |
(does not migrate) Kaspersky Endpoint Security automatically sends data about blocked hosts. |
Tasks
Kaspersky Endpoint Security does not support the Application activation task (KSWS). You can create a Add key task (KES), add a license key to the Installation package, or enable automatic license key distribution.
The Copying Updates task settings (KSWS) are migrated to the Update of databases and application modules task (KES).
Copying Updates task settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Update source:
|
Update source:
|
Use Kaspersky update servers if specified servers are not available |
(does not migrate) Kaspersky Endpoint Security allows selecting multiple update sources, including Kaspersky update servers. If the first update source is not available, Kaspersky Endpoint Security lets you obtain updates from another source in the list. |
Use proxy server settings to connect to Kaspersky update servers |
(does not migrate) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Use proxy server settings to connect to other servers |
(does not migrate) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Copying updates settings:
|
(does not migrate) Kaspersky Endpoint Security copies database updates and critical updates of application modules as a single package. |
Folder for local storage of copied updates |
Copy updates to folder |
Baseline File Integrity Monitor
The Baseline File Integrity Monitor task settings (KSWS) are migrated to the System Integrity Check task and to the policy section Security Controls, subsection System Integrity Monitoring.
Baseline File Integrity Monitor task settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Hash calculation algorithm:
|
(does not migrate) Kaspersky Endpoint Security uses the SHA256 algorithm for checksum calculation. |
Scan scope |
Monitoring scope (System Integrity Monitoring subsection) |
The Database Update task settings (KSWS) are migrated to the Update of databases and application modules task (KES).
Database Update task settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Update source:
|
Update source:
|
Use Kaspersky update servers if specified servers are not available |
(does not migrate) Kaspersky Endpoint Security allows selecting multiple update sources, including Kaspersky update servers. If the first update source is not available, Kaspersky Endpoint Security lets you obtain updates from another source in the list. |
Use proxy server settings to connect to Kaspersky update servers |
(does not migrate) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Use proxy server settings to connect to other servers |
(does not migrate) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Lower the load on the disk I/O |
(does not migrate) |
The Software Modules Update task settings (KSWS) are migrated to the Update of databases and application modules task (KES).
Software Modules Update task settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Update source:
|
Update source:
|
Use Kaspersky update servers if specified servers are not available |
(does not migrate) Kaspersky Endpoint Security allows selecting multiple update sources, including Kaspersky update servers. If the first update source is not available, Kaspersky Endpoint Security lets you obtain updates from another source in the list. |
Use proxy server settings to connect to Kaspersky update servers |
(does not migrate) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Use proxy server settings to connect to other servers |
(does not migrate) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Copy and install critical software modules updates |
Install critical and approved updates |
Only check for critical software updates available |
(does not migrate) Kaspersky Endpoint Security continually checks the availability of critical updates for application modules. |
Allow operating system restart |
(does not migrate) Kaspersky Endpoint Security prompts the user for permission to restart the computer. |
Receive information about available scheduled software modules updates |
(does not migrate) Kaspersky Endpoint Security displays notifications about software module updates. |
Rollback of Application Database Update
The Rollback of Application Database Update task settings (KSWS) are migrated to the Update rollback task (KES). The new Update rollback task (KES) has a task start schedule – Manually.
The On-Demand Scan task settings (KSWS) are migrated to the Malware Scan task (KES).
Virus Scan task settings
Kaspersky Security for Windows Server settings |
Kaspersky Endpoint Security for Windows settings |
---|---|
Scan scope |
Scan scope |
Protection level:
|
Security level:
Security level settings are different in KSWS and KES. |
Objects to scan:
|
File types:
Kaspersky Endpoint Security does not allow creating custom extension lists. Kaspersky Endpoint Security replaces the Objects scanned by specified list of extensions value with the Files scanned by extension value. |
Subfolders |
Include subfolders |
Subfiles |
(does not migrate) |
Scan disk boot sectors and MBR |
(does not migrate) |
Scan alternate NTFS streams |
(does not migrate) |
Scan only new and modified files |
Scan only new and modified files |
Scan of compound objects:
|
Scan of compound files:
|
Action to perform on infected and other objects:
|
Action on threat detection:
|
Action to perform on probably infected objects:
|
(does not migrate) Kaspersky Endpoint Security applies the action if any threat is detected. |
Perform actions depending on the type of object detected |
(does not migrate) |
Entirely remove compound file that cannot be modified by the application in case of embedded object detection |
(does not migrate) |
Exclude files |
(does not migrate) Kaspersky Endpoint Security applies the trusted zone to all components. You can configure exclusions in trusted zone settings. |
Do not detect |
(does not migrate) |
Stop scanning if it takes longer than N sec |
Skip files that are scanned for longer than N sec |
Do not scan compound objects larger than N MB |
Do not unpack large compound files |
Use iSwift technology |
iSwift Technology |
Use iChecker technology |
iChecker Technology |
Action on the offline files:
|
(does not migrate) Kaspersky Endpoint Security scans offline files in their entirety.
|
The Application Integrity Control task settings (KSWS) are migrated to the Application Integrity Check task (KES).
Rule Generator for Applications Launch Control
Kaspersky Endpoint Security does not support the Applications Launch Control Generator task. You can generate rules in Application Control settings.
Rule Generator for Device Control
Kaspersky Endpoint Security does not support the Rule Generator for Device Control task. You can generate access rules in Device Control settings.