Using Heuristic Analyzer with Mail Anti-Virus
January 10, 2024
To improve the effectiveness of protection, you can use heuristic analysis in the operation of Mail Anti-Virus. During heuristic analysis, Kaspersky Security analyzes the activity of applications in the operating system. Heuristic analysis can detect new malicious objects in messages even if there are currently no records of such objects in the application database.
To use Kaspersky Security Center to configure use of Heuristic Analyzer in the operation of Mail Anti-Virus:
- Open Kaspersky Security Center Administration Console.
- In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
- In the workspace, select the Policies tab.
- Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
- In the policy properties window, select the Mail Anti-Virus section in the list on the left.
- In the right part of the window, in the Security level section, click the Settings button.
- In the Mail Anti-Virus window that opens, on the Additional tab, in the Scan method section, do the following:
- If you want Mail Anti-Virus to use heuristic analysis, select the Heuristic Analysis check box and use the slider to set the heuristic analysis level: Light, Medium, or Deep.
- If you do not want Mail Anti-Virus to use heuristic analysis, clear the Heuristic Analysis check box.
- Click OK in the Mail Anti-Virus window.
- Click the Apply button.
To use the local interface to configure the use of Heuristic Analyzer in the operation of Mail Anti-Virus:
- On the protected virtual machine, open the application settings window.
- In the left part of the window, in the Anti-Virus protection section, select Mail Anti-Virus.
In the right part of the window, the Mail Anti-Virus component’s settings are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.
- Complete steps 6–8 of the previous instructions.
- To save changes, click the Save button.