About Kaspersky Embedded Systems Security

Kaspersky Embedded Systems Security protects computers and other embedded systems under Microsoft® Windows® (hereinafter also referred to as protected devices) against viruses and other computer threats. Kaspersky Embedded Systems Security users are corporate network administrators and specialists responsible for anti-virus protection of the corporate network.

You can install Kaspersky Embedded Systems Security on a variety embedded systems under Windows, including the following devices types:

• ATM (automated tellers machines);
• POS (points of sales).

Kaspersky Embedded Systems Security can be managed in the following ways:

• Via the Application Console installed on the same protected device as Kaspersky Embedded Systems Security, or on a different device.
• Using commands in the command line.
• Via the Kaspersky Security Center Administration Console.

The Kaspersky Security Center application can also be used for centralized administration of multiple protected devices running Kaspersky Embedded Systems Security.

It is possible to review Kaspersky Embedded Systems Security performance counters for the "System Monitor" application, as well as SNMP counters and traps.

Kaspersky Embedded Systems Security components and functions

The application includes the following components:

• Real-Time File Protection. Kaspersky Embedded Systems Security scans objects when they are accessed. Kaspersky Embedded Systems Security scans the following objects:
  • Files
  • Alternate file system streams (NTFS streams)
  • Master boot records and boot sectors on local hard and removable drives
• On-Demand Scan. Kaspersky Embedded Systems Security runs a single scan of the specified area for viruses and other computer security threats. Application scans files, RAM, and autorun objects on a protected device.
• Applications Launch Control. The component tracks users' attempts to launch applications and controls applications launches on a protected device.
• Device Control. The component controls registration and usage of external devices in order to protect the device against computer security threats that may arise while exchanging files with USB-connected flash drives or other types of external device.
• Firewall Management. This component provides the ability to manage the Windows Firewall: configure settings and operating system firewall rules, and block any possibility of external firewall configuration.
• File Integrity Monitor. Kaspersky Embedded Systems Security detects changes in files within the monitoring scopes specified in the task settings. These changes may indicate a security breach on the protected device.
• Log Inspection. This component monitors the integrity of the protected environment based on the results of an inspection of Windows event logs.

The following functions are implemented in the application:

• Database Update and Software Modules Update. Kaspersky Embedded Systems Security downloads updates of application databases and modules from Kaspersky's FTP or HTTP update servers, Kaspersky Security Center Administration Server, or other update sources.
• Quarantine. Kaspersky Embedded Systems Security quarantines probably infected objects by moving such objects from their original location to the Quarantine folder. For security purposes, objects in the Quarantine folder are stored in encrypted form.
• Backup. Kaspersky Embedded Systems Security stores encrypted copies of objects classified as Infected in Backup before disinfecting or deleting them.
• Administrator and user notifications. You can configure the application to notify the administrator and users who access the protected device about events in Kaspersky Embedded Systems Security operation and the status of anti-virus protection on the device.
• Importing and exporting settings. You can export Kaspersky Embedded Systems Security settings to an XML configuration file and import settings into Kaspersky Embedded Systems Security from the configuration file. You can save all application settings or only settings for individual components to a configuration file.
• Applying templates. You can manually configure a node's security settings in the tree or in a list of the protected device's file resources, and save the configured setting values as a template. This template can then be used to configure the security settings of other nodes in Kaspersky Embedded Systems Security protection and scan tasks.
• Managing access permissions for Kaspersky Embedded Systems Security functions. You can configure the rights to manage Kaspersky Embedded Systems Security and the Windows services registered by the application, for users and groups of users.
• Writing events to the Windows Event Log. Kaspersky Embedded Systems Security logs information about software component settings, the current status of tasks, events that occur while tasks run, events associated with Kaspersky Embedded Systems Security management, and information required to diagnose errors in Kaspersky Embedded Systems Security.
• Trusted Zone. You can generate a list of exclusions from the protection or scan scope, that Kaspersky Embedded Systems Security will apply in the On-Demand and Real-Time Computer Protection tasks.
• Exploit Prevention. You can protect process memory from exploits using an Agent injected into the process.