The main protection profile is automatically generated during creation of the main policy and tenant policy. You can configure the settings of the main protection profile while creating a policy (during the Configure main protection profile settings step) or in the properties of the policy after it is created (in the Main protection profile subsection in the File Threat Protection section).
To configure main protection profile settings:
If you have changed security level settings, the application creates a custom security level. The name of the security level in the Security level section changes to Custom.
When protecting virtual machines running Linux operating systems, Kaspersky Security always scans files of supported network file systems (NFS and CIFS). If you want to exclude files of network file systems from the protection scope, you must configure a protection exclusion for the directory in which the network file system is mounted.
Kaspersky Security always scans files on removable and hard drives. For this reason the Scan all removable drives and hard drives setting in the Protection scope section cannot be edited.
In the Exclusions from protection window that opens, specify the following settings:
You can type file extensions in the field by separating them with a blank space, or by typing each extension in a new line. File extensions may contain any characters except
. * | \ : " < > ? /. If an extension includes a blank space, the extension should be typed inside quotation marks:
If you have selected Scan files with the following extensions only in the drop-down list but have not specified the extensions of files to scan, Kaspersky Security scans all files.
By default, the list of exclusions includes the objects recommended by Microsoft (please refer to the list of recommended exclusions on the Microsoft website). Kaspersky Security excludes these objects from protection on all virtual machines to which the main protection profile has been assigned. You can view and edit the list of these objects in the Files and folders table.
You can exclude objects of the following types from protection:
You can use the
? symbols to specify a file mask.
Kaspersky Security ignores the case of characters in paths to files and folders that are excluded from protection.
You can save a configured list of exclusions to a file using the Export button or load a previously saved list of exclusions from a file using the Import button. To import or export a list of exclusions, you can use a file in XML format. You can also import a list of exclusions from a file in DAT format. Using a file in DAT format, you can import a list of exclusions that was generated in other Kaspersky applications.
If your exclusions list uses an environment variable that has multiple values depending on the bit rate of the application that uses it, in 64-bit Windows operating systems, objects corresponding to all values of the variable are excluded from protection. For example, if you are using the variable %ProgramFiles%, objects located in the folder C:\Program files and in the folder C:\Program files (х86) are excluded from protection.
The new protection profile settings are applied after data is synchronized between Kaspersky Security Center and the SVMs.Page top