The entire protected device, excluding virtual drives.
Use this option to change the protection scope.
Security settings
Common settings for the entire protection scope correspond to the Recommended security level.
For nodes selected in the protected device's file resource list or tree, you can:
Select a different predefined security level
Manually change security settings
You can save a group of security settings for a selected node as a template to use later for a different node.
Objects protection mode
Smart mode
Use this option to select the protection mode, i.e. define the type of access attempts for which Kaspersky Industrial CyberSecurity for Nodes scans objects.
Heuristic analyzer
The Medium security level is applied.
The Heuristic Analyzer can be enabled or disabled and the analysis level can be configured.
Block access to network shared resources for the sessions that show malicious activity
Not applied.
Use this option to block current session and to add host IP or host LUID for which malicious activity was detected in the Blocked hosts storage section.
Launch critical areas scan when active infection is detected
Applied.
When active infection is detected, Kaspersky Industrial CyberSecurity for Nodes creates and launches Critical Areas Scan task.
Stop the container if disinfection fails
Applied.
The application may not have read and write permissions for the detected object. In this case it is not possible to disinfect or delete the detected object. If the check box is selected, the application blocks the detected object and stops the container. If the check box is cleared, the application only blocks the detected object.
Do not scan file operations executed in Windows containers
Applied.
If the check box is selected, the application scans the container only at the container startup. If the check box is cleared, the application scans the container continuously in real-time.
In the Kaspersky Security Center Administration Console tree, select the Policies folder.
Select the necessary policy and double-click to open the policy properties.
In the policy properties window, select Real-Time Computer Protection.
In the Real-Time File Protection settings section, click Settings.
Select the Real-Time File Protection check box.
In the Objects protection mode block, on the General tab, select the Real-Time File Protection operation mode:
Smart mode. Kaspersky Industrial CyberSecurity for Nodes selects objects to be scanned on its own. An object is scanned on being opened and then again after being saved if the object has been modified. If the object is accessed multiple times and modified by the process, Kaspersky Industrial CyberSecurity for Nodes rescans the object only after the object is saved by the process for the last time.
On access and modification. Kaspersky Industrial CyberSecurity for Nodes scans an object when it is opened and rescans after it is saved, if the object was modified. This option is selected by default.
On access. Kaspersky Industrial CyberSecurity for Nodes scans all objects when they are opened for reading, execution, or modification.
When run. Kaspersky Industrial CyberSecurity for Nodes scans a file only when it is accessed to be executed.
Clear or select the Use heuristic analysis check box.
Select or clear the Block access to network shared resources for the sessions that show malicious activity check box.
Clear or select the Launch critical areas scan when active infection is detected check box.
If the check box is selected, when active infection is detected, Kaspersky Industrial CyberSecurity for Nodes runs the predefined Critical Areas Scan task. The check box is selected by default.
Specify settings for scanning file operations executed in Windows containers.
In the main window of the Web Console, select Assets (Devices) → Policies & profiles.
Click the name of the Kaspersky Industrial CyberSecurity for Nodes policy.
The policy properties window opens.
Select the Application settings tab.
Go to Real-Time Computer Protection → Real-Time File Protection and click the Configure button.
Select the Enable Real-Time File Protection check box.
In the Objects protection mode block, on the General tab, select the Real-Time File Protection operation mode:
Smart mode. Kaspersky Industrial CyberSecurity for Nodes selects objects to be scanned on its own. An object is scanned on being opened and then again after being saved if the object has been modified. If the object is accessed multiple times and modified by the process, Kaspersky Industrial CyberSecurity for Nodes rescans the object only after the object is saved by the process for the last time.
On access and modification. Kaspersky Industrial CyberSecurity for Nodes scans an object when it is opened and rescans after it is saved, if the object was modified. This option is selected by default.
On access. Kaspersky Industrial CyberSecurity for Nodes scans all objects when they are opened for reading, execution, or modification.
When run. Kaspersky Industrial CyberSecurity for Nodes scans a file only when it is accessed to be executed.
Clear or select the Use heuristic analysis check box.
Select or clear the Block access to network shared resources for the network sessions showing malicious activity check box.
Clear or select the Launch critical areas scan when active infection is detected check box.
If the check box is selected, when active infection is detected, Kaspersky Industrial CyberSecurity for Nodes runs the predefined Critical Areas Scan task. The check box is selected by default.
Specify settings for scanning file operations executed in Windows containers.
In the Kaspersky Industrial CyberSecurity for Nodes Console tree, select Real-Time Computer Protection → Real-Time File Protection.
In the results pane of the Real-Time File Protection node, click Properties.
The Properties:Real-Time File Protection window opens.
Select the Real-Time File Protection check box.
In the Objects protection mode block, on the General tab, select the Real-Time File Protection operation mode:
Smart mode. Kaspersky Industrial CyberSecurity for Nodes selects objects to be scanned on its own. An object is scanned on being opened and then again after being saved if the object has been modified. If the object is accessed multiple times and modified by the process, Kaspersky Industrial CyberSecurity for Nodes rescans the object only after the object is saved by the process for the last time.
On access and modification. Kaspersky Industrial CyberSecurity for Nodes scans an object when it is opened and rescans after it is saved, if the object was modified. This option is selected by default.
On access. Kaspersky Industrial CyberSecurity for Nodes scans all objects when they are opened for reading, execution, or modification.
When run. Kaspersky Industrial CyberSecurity for Nodes scans a file only when it is accessed to be executed.
Clear or select the Use heuristic analysis check box.
Select or clear the Block access to network shared resources for the sessions that show malicious activity check box.
Clear or select the Launch critical areas scan when active infection is detected check box.
If the check box is selected, when active infection is detected, Kaspersky Industrial CyberSecurity for Nodes runs the predefined Critical Areas Scan task. The check box is selected by default.
Specify settings for scanning file operations executed in Windows containers.