Configuring general settings via the Application Console

General settings and malfunction diagnostics settings of Kaspersky Industrial CyberSecurity for Nodes establish the general operating conditions for the application. These settings allow you to control the number of working processes used by Kaspersky Industrial CyberSecurity for Nodes, enable recovery of Kaspersky Industrial CyberSecurity for Nodes tasks after an abnormal termination, maintain the log, enable creation of dump files of Kaspersky Industrial CyberSecurity for Nodes processes after abnormal termination, and configure other general settings.

Application settings cannot be configured in the Kaspersky Industrial CyberSecurity for Nodes Console if the active Kaspersky Security Center policy blocks changes to these settings.

To configure the general settings of Kaspersky Industrial CyberSecurity for Nodes:

1. In the Application Console tree, select the Kaspersky Industrial CyberSecurity for Nodes node and do one of the following:
   • Click the Application properties link in the results pane of the node.
   • Select Application properties in the node's context menu.

   The Application properties window opens.

2. On the Interface tab, specify which warnings you want to see on the Kaspersky Industrial CyberSecurity for Nodes system tray icon.
3. On the Security settings tab, configure the following settings:
   • In the General section, configure the Start the application on computer startup (recommended) option.
     

     When the check box is selected, Kaspersky Industrial CyberSecurity for Nodes is started after the operating system loads, protecting the computer during the entire session.

     When the check box is cleared, Kaspersky Industrial CyberSecurity for Nodes is not started after the operating system loads, until the user starts it manually. Computer protection is disabled and user data may be exposed to threats.

   • Under Self-Defense, configure the protection of application modules and operating system services.
     

     1. Use the Protect operating system services check box to enable or disable protection of the operating system services.

        If the protection of operating system services is enabled, third-party applications cannot act upon the processes of the operating system.

        If the protection of operating system services is disabled, third-party applications can act upon the processes of the operating system.

        After enabling or disabling the function, you must restart your computer to apply the changes.

     

     If the Protect application processes from external threats function is enabled, the application protects its processes against code injection and accessing of process data.

     When enabling or disabling this function, there is no need to restart the application services for the changes to apply.

     The function is enabled by default.

   • In the Actions when switching to UPS backup power section, specify limitations on protected device load created by Kaspersky Industrial CyberSecurity for Nodes after switching to UPS power:
     • Do not start scheduled scan tasks
       

       This check box enables or disables the start of a scheduled scan task after the protected device switches to a UPS source until the standard power supply is restored.

       If the check box is selected, Kaspersky Industrial CyberSecurity for Nodes does not start scheduled scan tasks after the protected device switches to a UPS source until the standard power supply is restored.

       If the check box is cleared, Kaspersky Industrial CyberSecurity for Nodes starts scheduled scan tasks regardless of the power supply.

       The check box is selected by default.

     • Stop running scan tasks
       

       The check box enables or disables running scan tasks after the protected device switches to a UPS source.

       If the check box is selected, Kaspersky Industrial CyberSecurity for Nodes pauses running scan tasks after the protected device switches to a UPS source.

       If the check box is cleared, Kaspersky Industrial CyberSecurity for Nodes continues running scan tasks after the protected device switches to a UPS source.

       The check box is selected by default.

   • In the Compatibility settings section, configure the Compatibility with remote administration software setting.

     If using Kaspersky Industrial CyberSecurity for Nodes alongside Remote Administration Tools (RAT) causes problems, you can enable the compatibility mode. The problems may be related to the incompatibility of RATs with the Secure Desktop functionality of the application. This purpose of this functionality is to confirm actions that can potentially lower the security level of the computer. This functionality lets an application display a confirmation dialog that is isolated from other processes. This functionality uses elevated rights to secure the request. In this way, only the user can confirm the action and not the malware.

     If the check box is selected, the RAT compatibility mode is enabled. The application displays a confirmation dialog without this functionality. This can reduce the security level of the computer. We do not recommend enabling the compatibility mode if Kaspersky Industrial CyberSecurity for Nodes is not causing problems with your RAT.

     If the check box is cleared, the RAT compatibility mode is disabled. By default, the check box is cleared.

     Example: When using the browser in RemoteApp mode, Kaspersky Industrial CyberSecurity for Nodes may not display a confirmation window when visiting a website with an untrusted certificate because RemoteApp does not support the Secure Desktop functionality of the application. This can cause the browser to become unresponsive. For the browser to work correctly in RemoteApp mode, you must enable the compatibility mode.

     You can also try enabling the compatibility mode if you encounter problems with the Secure Desktop functionality when using other third-party software.

   • In the Scan settings section, configure the CPU usage limit for scan tasks and allow conceding resources to other applications.
     

     Consumption of computer resources by Kaspersky Industrial CyberSecurity for Nodes when scanning the computer may increase the load on the CPU and hard drive subsystems. This may slow down other applications. To optimize the performance, Kaspersky Industrial CyberSecurity for Nodes provides a mode for transferring resources to other applications. In this mode, the operating system can decrease the priority of Kaspersky Industrial CyberSecurity for Nodes scan task threads when the CPU load is high. This allows redistributing operating system resources to other applications. Thus, scan tasks will receive less CPU time. As a result, Kaspersky Industrial CyberSecurity for Nodes will take longer to scan the computer. By default, the application is configured to concede resources to other applications.

     Kaspersky Industrial CyberSecurity for Nodes limits its use of the protected device CPU during on-demand scan tasks to the value specified in the Upper limit field.

     However, the application may use much more CPU time because of other components.

     Enabling this functionality may negatively affect the performance of Kaspersky Industrial CyberSecurity for Nodes.

     By default, this function is disabled.

4. On the Network settings tab, configure the following settings:
   • In the Proxy server section, specify the proxy server settings: authentication type and details required for authentication on the proxy server.
   • Under Port for remote connection, if necessary, change the ports that the Application Console uses to connect to the computer with the application installed.

     The default port number for connection with Windows credentials is 13032, and the default port number for connection with credentials of manually created users is 13031. Range of possible port numbers: 1–65535.

     The previously saved port numbers are used until the application is restarted.

5. On the Malfunction diagnosis tab, click Settings and configure the tracing and memory dumping of the application.
   1. Select the Application dump settings tab.
   2. Select or clear the Create dump file check box to enable or disable memory dumping in case of malfunctions.

      By default, memory dump files are stored in the following folder: %ProgramData%\Kaspersky Lab\KICS.4.5\Traces. You can specify another path.

   The Trace files folder field, contains the full path to the local folder in which Kaspersky Embedded Systems Security saves trace files by default. You can specify another path.

   1. In the Level of detail drop-down list, select the level of detail of the debug information:
      • Critical means the trace file saves only messages about fatal errors.
      • Diagnostic means the trace file saves messages about all errors as well as warnings.
      • Important means the trace file saves messages about all errors, warnings, and additional information.
      • Normal means the trace file saves messages about all errors, warnings, as well as information about normal operation of the application (default).
      • Detailed means the trace file saves all information about the operation of the application.

      A Technical Support representative determines the detail level required to resolve any potential issues.

      The default level of detail is set to Normal.

   2. Specify the Maximum size of trace files (MB).

      Available values: from 1 to 4095 MB. By default, the maximum size of trace files is 100 MB.

   3. To delete the old trace files when the maximum number of files is reached, select the Remove older trace files check box.
   4. Specify the Maximum number of files for one trace log.

      Available values: from 1 to 999. By default, the maximum number of files is 5. The field is available if the Remove older trace files check box is selected.

   Kaspersky Industrial CyberSecurity for Nodes writes information to trace files and the dump file in unencrypted form. The folder where files are saved; managed by the operating system configuration and Kaspersky Industrial CyberSecurity for Nodes settings. You can configure access permissions and allow only required users to access logs, trace files and dump files.

6. Click OK.

Kaspersky Industrial CyberSecurity for Nodes settings are saved.

Page top