When the user attempts to access a blocked device, Kaspersky Endpoint Security displays a message stating that access to the device is blocked or that an operation with the device contents is forbidden. Kaspersky experts provide a template of a message to the user describing the reasons why access to the device was blocked (see the figure below).
Special variables are provided for managing the message templates (for example, %USER_NAME%). Variables allow a single message template to be used for different computers. When generating a message, Kaspersky Endpoint Security retrieves the value of the variable from the operating system settings and inserts it into the message matching the specific computer, user, and event.
Device Control notification
If the user believes that access to the device was mistakenly blocked or that an operation with device contents was forbidden by mistake, the user can send a message to the local corporate network administrator by clicking the link in the displayed message about the blocked action. To do so, the user must click Request access or Request temporary access buttons and send a message to the administrator describing the situation. You can also prepare a template of the message to the administrator, adding to it data that may inform your decision to allow or block access to the device. After the user requests to provide access, Kaspersky Endpoint Security sends an event to Kaspersky Security Center: Device access blockage message to administrator. The event description contains a message to administrator with substituted variables. You can view these events in the Kaspersky Security Center console using the predefined event selection User requests. If your organization does not have Kaspersky Security Center deployed or there is no connection to the Administration Server, the application will send a message to administrator to the specified email address.
In the Kaspersky Security Center Administration Console tree, select Policies.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Security Controls → Device Control.
In the Message template settings block, click the Templates button.
This opens a window; in that window, configure Application Control templates:
Message about blocking. Template of the message that appears when a user attempts to access a blocked device. This message also appears when a user attempts to perform an operation on the device contents that was blocked for this user.
Message to administrator. A template of the message that is sent to the LAN administrator when the user believes that access to the device is blocked or an operation with device content is forbidden by mistake.
To add a variable to the template text, place the cursor in the desired position, click Variable and select the required variable from the list of available options.
In the main window of the Web Console, select Assets (Devices) → Policies & profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Security Controls → Device Control.
In the Message templates block, configure templates for Application Control messages:
Message about blocking. Template of the message that appears when a user attempts to access a blocked device. This message also appears when a user attempts to perform an operation on the device contents that was blocked for this user.
Message to administrator. A template of the message that is sent to the LAN administrator when the user believes that access to the device is blocked or an operation with device content is forbidden by mistake.
To add a variable to the template text, place the cursor in the desired position, click Add variable and select the required variable from the list of available options.
In the application settings window, select Security Controls → Application Control.
In the Message templates block, configure templates for Application Control messages:
Message about blocking. Template of the message that appears when a user attempts to access a blocked device. This message also appears when a user attempts to perform an operation on the device contents that was blocked for this user.
Message to administrator. A template of the message that is sent to the LAN administrator when the user believes that access to the device is blocked or an operation with device content is forbidden by mistake.
To add a variable to the template text, place the cursor in the desired position, click Add variable and select the required variable from the list of available options.
button.