To configure some application components, you must add special rules. For example, for Web Control, you must add a rule with a list of web addresses that you want the application to block. In application component rules, you can also configure a schedule for the component or select users to which the application must apply the rule.
Rules must be added to configure the following application components:
Starting with Kaspersky Endpoint Security for Windows 12.5, you can select users not only from Active Directory, but also from the list of users in Kaspersky Security Center. You can also enter local user account data manually. This means you can add users in the following ways:
In order to correctly employ all user selection methods you need to update Kaspersky Endpoint Security application and management plug-in to version 12.5 or higher.
Kaspersky recommends using local user accounts only in special cases when it is not possible to use domain user accounts. For details about the security risks of using local accounts, see the Microsoft Knowledge Base. You bear full responsibility for the security of a computer if local user accounts are used; in particular this includes the responsibility for controlling and restricting access to Kaspersky Endpoint Security settings.
The application uses the SID (Security Identifier) of the user to identify users. When using user accounts from Active Directory or from the Kaspersky Security Center user list, the application determines the SID on the Administration Server. This means the application does not place extra load on the computer to identify a user. If you added more than 1000 local user accounts to an application rule, the applications contacts the domain controller to identify the user. This means the load on the computer is increased. To optimize the performance impact on the computer, we recommend using user accounts from Active Directory or the Kaspersky Security Center user list.
Page top