Viewing protection status and Kaspersky Embedded Systems Security for Windows information

Support

Support for business applications

Kaspersky Embedded Systems Security 3.x

Working with the Kaspersky Embedded Systems Security for Windows Console

Viewing protection status and Kaspersky Embedded Systems Security for Windows information

October 25, 2023

ID 148324

Save as PDF

To view information about the device protection status Kaspersky Embedded Systems Security for Windows,

select the Kaspersky Embedded Systems Security for Windows node in the Application Console tree.

By default, information in the details pane of the Application Console is refreshed automatically:

Every 10 seconds in case of a local connection.
Every 15 seconds in case of a remote connection.

You can refresh information manually.

To refresh information in the Kaspersky Embedded Systems Security for Windows node manually,

select the Refresh command in the context menu of the Kaspersky Embedded Systems Security for Windows node.

The following application information is displayed in the details pane of the Application Console:

Kaspersky Security Network Usage status.
Device protection status.
Information about database and application module updates.
Actual diagnostics data.
Data about protected device control tasks.
License information.
Status of integration with Kaspersky Security Center: details of the server with Kaspersky Security Center installed, to which the application is connected; information about application tasks controlled by the active policy.

Color coding is used to display the protection status:

Green. The task is being run in accordance with the configured settings. Protection is active.
Yellow. The task was not started, has been paused, or has been stopped. Security threats may occur. You are advised to configure and start the task.
Red. The task completed with an error or a security threat was detected while the task was running. You are advised to start the task or take measures to eliminate the detected security threat.

Some details in this block (for example, task names or the number of threats detected) are links that, when clicked, take you to the node of the relevant task or open the task log.

The Kaspersky Security Network Usage section displays current task status, for example, Running, Stopped or Never performed. The indicator can take the following values:

Green color signifies that the KSN Usage task is running and file requests for statuses are being send to KSN.
Yellow color signifies that one of the Statements is accepted, but the task is not running; or the task is running, but file requests are not sent to KSN.

Computer protection

The Computer protection section (see the table below) displays information about the device's current protection status.

Information about device protection status

Protection section	Information
Device protection status indicator	The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values: Green – This color is displayed by default and signifies that Real-Time File Protection component is installed and the task is running. Yellow – The Real-Time File Protection component is not installed, and the Critical Areas Scan task has not been performed for a long time. Red – Real-Time File Protection task is not running.
Real-Time File Protection	Task status – Current task status, for example, Running or Stopped. Detected – Number of objects detected by Kaspersky Embedded Systems Security for Windows. For example, if Kaspersky Embedded Systems Security for Windows detects the same malicious application in five files, the value in this field increases by one. If the number of detected malicious applications exceeds 0, the value is highlighted in red.
Critical Areas Scan	Last scan date – Date and time of the last Critical Areas Scan for viruses and other computer security threats. Never performed – an event that occurs when the Critical Areas Scan task has not been performed in the last 30 days or longer (default value). You can change the threshold for generating this event.
Exploit prevention	Status – current status of exploit prevention techniques, for example, Applied or Not applied. Prevention mode – one of two available modes, selected during configuration of process memory protection: Terminate on exploit or Statistics only. Processes protected – the total number of processes added to the protection scope and handled in accordance with the selected mode.
Backed up objects	Backup free space threshold exceeded – This event occurs when the amount of free space in Backup is approaching the specified limit. Kaspersky Embedded Systems Security for Windows continues to move objects to Backup. In this case, the value in the Space used field is highlighted in yellow. Maximum Backup size exceeded – this event occurs when the Backup size has reached the specified limit. Kaspersky Embedded Systems Security for Windows continues to move objects to Backup. In this case, the value in the Space used field is highlighted in red. Backed up objects – Number of objects currently in Backup. Space used – amount of Backup space used.

Update

The Update section (see the table below) displays information about how current databases and application modules are.

Information about the status of Kaspersky Embedded Systems Security for Windows databases and modules

Update section	Information
Status indicator of databases and software modules	The color of the panel with the section name reflects the status of application databases and modules. The indicator can take the following values: Green – This color is displayed by default and signifies that application databases are up to date and that the last database update task was completed successfully. Yellow – Databases are out of date, or the last database update task failed. Red – The event Application database is extremely out of date or Application database is corrupted has occurred.
Database Update and Software Modules Update	Database status – an evaluation of the Database Update status. The option can take the following values: Application database is up to date – application databases were updated no more than 7 days ago (default). Application database is out of date – application databases were updated between 7 and 14 days ago (default). Application database is extremely out of date – Application databases were updated more than 14 days ago (default). You can change the thresholds for generating the Application database is up to date and Application database is extremely out of date events. Database release date – the date and time of release of the latest databases update. The date and time are specified in UTC format. Status of the latest completed Database Update task – Date and time of the latest database update. The date and time are specified according to the local time of the protected device. The field is red if the Failed event occurred. Number of module updates available – the number of Kaspersky Embedded Systems Security for Windows module updates available to be downloaded and installed. Number of module updates installed – the number of installed Kaspersky Embedded Systems Security for Windows module updates.

Update section

Information

Status indicator of databases and software modules

The color of the panel with the section name reflects the status of application databases and modules. The indicator can take the following values:

Green – This color is displayed by default and signifies that application databases are up to date and that the last database update task was completed successfully.
Yellow – Databases are out of date, or the last database update task failed.
Red – The event Application database is extremely out of date or Application database is corrupted has occurred.

Database Update and Software Modules Update

Database status – an evaluation of the Database Update status.

The option can take the following values:

Application database is up to date – application databases were updated no more than 7 days ago (default).
Application database is out of date – application databases were updated between 7 and 14 days ago (default).
Application database is extremely out of date – Application databases were updated more than 14 days ago (default).
You can change the thresholds for generating the Application database is up to date and Application database is extremely out of date events.

Database release date – the date and time of release of the latest databases update. The date and time are specified in UTC format.

Status of the latest completed Database Update task – Date and time of the latest database update. The date and time are specified according to the local time of the protected device. The field is red if the Failed event occurred.

Number of module updates available – the number of Kaspersky Embedded Systems Security for Windows module updates available to be downloaded and installed.

Number of module updates installed – the number of installed Kaspersky Embedded Systems Security for Windows module updates.

Control

The Control section (see table below) displays information about the Applications Launch Control, Device Control, and Firewall Management tasks.

Information about protected device control status

Control section	Information
Status indicator for protected device control	The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values: Green – This color is displayed by default and signifies that the Applications Launch Control component is installed and the task is running in the Active mode. Yellow – Applications Launch Control is running in the Statistics only mode. Red – The Applications Launch Control task is not running or failed.
Applications Launch Control	Task status – Current task status, for example, Running or Stopped. Operation mode – one of the two available modes for the Applications Launch Control task: Active or Statistics only. Applications launches denied – the number of attempts to start applications blocked by Kaspersky Embedded Systems Security for Windows during the Applications Launch Control task. If the number of blocked application launches exceeds 0, the field is red. Average processing time (ms) – Time taken by Kaspersky Embedded Systems Security for Windows to process an attempt to start applications on the protected device.
Device control	Task status – Current task status, for example, Running or Stopped. Operation mode – one of the two available modes for the Device Control task: Active or Statistics only. Devices blocked – the number of attempts to connect an external device, that were blocked by Kaspersky Embedded Systems Security for Windows during the Device Control task. If the number of blocked external devices exceeds 0, the field value is colored in red.
Firewall Management	Task status – Current task status, for example, Running or Stopped. Connection attempts blocked – the number of connections to a protected device that were blocked by the specified firewall rules.

Diagnostics

The Diagnostics section (see the table below) displays information about the File Integrity Monitor and Log Inspection tasks.

Information about System Inspection status

Diagnostics section	Information
Diagnostics status indicator	The color of the panel with the section name reflects the status of tasks being performed in the section. The indicator can take the following values: Green – This color is displayed by default and signifies that one or both system inspection components are installed and tasks are running. Yellow – both components are installed, but one of the system inspection tasks is not running; the Not running event occurs. Red – one of the tasks failed.
File Integrity Monitor	Task status – Current task status, for example, Running or Stopped. Non-sanctioned file operations – The number of changes to files within the monitoring scope. These changes may indicate that the security of a protected device has been breached.
Log Inspection	Task status – Current task status, for example, Running or Stopped. Violations of the configured rules – Number of recorded violations based on data from the Windows Event Log. This number is determined based on the specified task rules or using the heuristic analyzer.

The Kaspersky Embedded Systems Security for Windows licensing information is displayed in the row in the bottom-left corner of the details pane of the Kaspersky Embedded Systems Security for Windows node.

You can configure Kaspersky Embedded Systems Security for Windows properties by following the Application properties link.

You can connect to a different protected device by following the Connect to another computer link.

Kaspersky Professional Services

Implementation services. Health check and security system configuration. Contact us if you need expert help.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.