Application Control

During operation of the Application Control component, Kaspersky Industrial CyberSecurity for Linux Nodes controls launches of applications on the user computers. This helps reduce the risk of computer infection by restricting access to applications. Application launching is regulated by application control rules.

Application Control can operate in two modes:

Thus, if the application control rules are created to the fullest extent possible, Kaspersky Industrial CyberSecurity for Linux Nodes prohibits the launching of all new applications that are not verified by the administrator of the organization's local network, but ensures the performance of the operating system and verified applications that users need to perform their job duties.

For each operation mode of the Application Control task, separate rules can be created and the action can be specified: apply the rule or test the rule. Kaspersky Industrial CyberSecurity for Linux Nodes performs this action when it detects an attempt to start an application.

The Application Control settings are described in the following table.

Application Control settings

Setting

Description

Application Control enabled / disabled

This toggle button enables or disables Application Control.

This toggle switch is turned off by default.

Application Control action

You can select the action to be performed by Application Control upon detection of an attempt to start the application that matches the configured rules:

  • Test rules (default value). If you select this option, Application Control checks the application control rules and generates an event about detection of applications that match the rules.
  • Apply rules. If you select this option, Application Control applies the application control rules and performs the action specified in the rules.

Application Control mode

You can select the mode of the Application Control component operation:

  • Allowlist. If you select this option, Application Control prevents all users from launching any applications except those specified in the application control rules.
  • Denylist (default value). If you select this option, Application Control allows all users to launch any applications except those specified in the application control rules.

Application Control rules

Clicking the Configure rules link opens the Application Control rules window.

Page top