Support

Support for business applications

Kaspersky Endpoint Security 11 for Linux

Managing the application using Kaspersky Security Center Administration Console

Policy settings

Application Control

Kaspersky Endpoint Security 11 for Linux
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Application Control

January 19, 2023

ID 210777

During operation of the Application Control component, Kaspersky Endpoint Security controls launches of applications on the user computers. This helps reduce the risk of computer infection by restricting access to applications. Application launching is regulated by application control rules.

To use the component, a license that includes the corresponding function is required.

This feature is not supported in the KESL container.

Application Control can operate in two modes:

  • Denylist. In this mode Kaspersky Endpoint Security allows all users to launch any applications that are not specified in the application control rules. This is the default operation mode of the Application Control task.
  • Allowlist. In this mode Kaspersky Endpoint Security prevents all users from launching any applications that are not specified in the application control rules.

Thus, if the application control rules are created to the fullest extent possible, Kaspersky Endpoint Security prohibits the launching of all new applications that are not verified by the administrator of the organization's local network, but ensures the performance of the operating system and verified applications that users need to perform their job duties.

For each Application Control operation mode, separate rules can be created and the action can be specified: apply the rule or test the rule. Kaspersky Endpoint Security performs this action when it detects an attempt to start an application.

The Application Control settings are described in the following table.

Application Control settings

Setting

Description

Enable Application Control

The check box enables the Application Control component.

This check box is cleared by default.

Action on detection of an application

You can select the action to be performed by Kaspersky Endpoint Security upon detection of an attempt to start the application that matches the configured rules:

  • Test rules. If you select this option, Kaspersky Endpoint Security checks the rules and generates an event about detection of the applications that match the rules.
  • Apply rules (default value). If you select this option, Kaspersky Endpoint Security applies the Application Control rules and performs the action specified in the rules.

Application Control mode

You can select the mode of the Application Control component operation:

  • Allowlist. If you select this option, Kaspersky Endpoint Security prevents all users from launching any applications except those specified in the application control rules.
  • Denylist (default value). If you select this option, Kaspersky Endpoint Security allows all users to launch any applications except those specified in the application control rules.

Application Control rules

This group of settings contains the Configure button. Clicking this button opens the Application Control rules window.

Kaspersky Endpoint Security for Linux: High protection without performance compromising
Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.