Manually configuring the security level settings in the ICAP Network Storage Protection task

By default, the ICAP Network Storage Protection task has the settings described in the table below. You can change the values of these settings.

When the task settings are modified (for example, a different security level is specified), Kaspersky Security for Windows Server immediately applies the new settings in the running task. Kaspersky Security for Windows Server logs the date and time when task settings were modified in the system audit log.

Settings of the ICAP Network Storage Protection task

Setting	Default value	Comment
Security level	The Recommended security level is applied.	You can apply one of the preset security levels to the protected network attached storage, or specify the values of the security settings manually.
Heuristic analyzer	The Medium analysis level is applied.	The Heuristic Analyzer can be enabled or disabled and the analysis level configured.
Use KSN for protection	Applied.	You can enable or disable the use of KSN services for ICAP Network Storage Protection.
ICAP-service connection settings	Network port number – 1344. Service ID – avscan.	You can also modify other network storage connection settings. These changes should be incorporated on the network attached storages.
Schedule settings	Not applied. The Run by schedule check box is cleared. The task is run manually.	You can configure the task to run by schedule, for example at Kaspersky Security for Windows Server startup.

To manually configure the security settings of an ICAP network storage:

1. Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
2. Select the administration group for which you want to configure the task.
3. Select the Policies tab.
4. Double-click the policy name you want to configure.
5. In the Properties: <Policy name> window that opens, select the Network attached storage protection section.
6. Click the Settings button in the Real-Time File Protection (ICAP) subsection.

   The ICAP-network storage protection window opens.

7. On the General tab of the ICAP-network storage protection window click the Settings button.

   The Security settings window opens.

8. Configure the settings in accordance with your computer security requirements. To do this, perform the following actions:
   • On the General tab take the following actions:
     • In the Objects protection section, specify objects to be scanned by Kaspersky Security for Windows Server:
       • All objects
         

         Kaspersky Security for Windows Server scans all objects.

       • Objects scanned by format
         

         Kaspersky Security for Windows Server scans only infectable objects based on file format.

         Kaspersky compiles the list of formats. It is included in the Kaspersky Security for Windows Server databases.

       • Objects scanned according to list of extensions specified in anti-virus database
         

         Kaspersky Security for Windows Server scans only infectable objects based on file extension.

         Kaspersky compiles the list of extensions. It is included in the Kaspersky Security for Windows Server databases.

       • Objects scanned by specified list of extensions
         

         Kaspersky Security for Windows Server scans files based on file extension. The list of file extensions can be manually customized in the List of extensions window, which can be opened by clicking the Modify button.

       This setting can be also configured in the network attached storage. If the setting is configured in Kaspersky Security for Windows Server, the network attached storage sends the inapplicable object for scanning, and Kaspersky Security for Windows Server declares the object safe without running a virus scan. If the setting is configured in the network attached storage, the network attached storage does not send the inapplicable object for scanning. To reduce network traffic and the load on the server with Kaspersky Security for Windows Server installed, it is recommended to configure settings that limit the number of objects scanned in the network attached storage.

     • In the Compound objects protection section, specify compound objects to be scanned by Kaspersky Security for Windows Server.
   • On the Actions tab take the following actions:
     • In the Action to perform on infected and other objects section, select the action to be performed by Kaspersky Security for Windows Server on detecting an infected object.
     • In the Action to perform on probably infected objects section, select the action to be performed by Kaspersky Security for Windows Server on detecting a probably infected object.
     • Configure actions to be performed on objects depending on the type of object detected.
   • On the Performance tab take the following actions:
     • In the Exclusions section, specify objects that you want Kaspersky Security for Windows Server to exclude from scanning:
       • To exclude files from scanning, select the Exclude files check box and specify the names or name masks of files to be excluded.
       • To exclude detectable objects (such as remote administration utilities), select the Do not detect check box and specify the names or name masks of detectable objects, according to the Virus Encyclopedia classification.
     • In the Advanced settings section, specify the maximum duration of object scanning and the maximum size of the compound file being scanned.
9. Click OK in the Security settings window.

   The Security settings window closes.

10. Click OK in the ICAP-network storage protection window.

The configured custom security level settings are saved.

Page top