At this step, the possibility of using various system event interception mechanisms is determined. If the operating system on the device supports fanotify and satisfies other requirements for installing the updatable kernel module, you can select the system event interception mechanism:
yes if you want to use the updatable kernel module.no if you want to use fanotify.If the operating system on the device supports fanotify, but does not satisft the requirements for installing the updatable kernel module, the application uses fanotify to intercept system events.
If you select the updatable kernel module as the interception mechanism, specify the following settings:
yes if you want the application to fall back to fanotify for system events interception if the updatable kernel module fails to start.no if you want the application to continue running without system event interception if the updatable kernel module fails to start.
If the application does not use system event interception, real-time file scanning is not performed, and the protection level of the device is reduced.
We recommend automatically restarting the application to switch to using the updatable kernel module. Starting the updatable kernel module manually after restarting the application can lead to application errors.
Enter yes if you want to allow automatically restarting the application to run the module.
If the operating system on the device does not support fanotify, the application uses the kernel module for File Threat Protection. If all the dependencies are available, the compilation of the kernel module is started automatically when File Threat Protection starts.
If any dependencies are not found on the device, the Kaspersky Endpoint Security application suggests installing the relevant packages. If the package download fails, an error message will be displayed.
Page top