Configuring Real-Time File Protection task

Predefined security level can not be changed for the Real-Time File Protection task via the Web Plug-in.

To configure Real-Time File Protection task via the Web Plug-in:

1. In the main window of the Kaspersky Security Center Web Console, select Devices → Policies & profiles.
2. Click the policy name you want to configure.
3. In the <Policy name> window that opens select the Application settings tab.
4. Select the Real-time computer protection section.
5. Click Settings in the Real-Time File Protection subsection.
6. Configure the settings described in the table below.

   Real-Time File Protection task settings

   Setting	Description
   Smart mode	Kaspersky Embedded Systems Security for Windows selects objects to be scanned on its own. An object is scanned on being opened and then again after being saved if the object has been modified. If the object is accessed multiple times and modified by the process, Kaspersky Embedded Systems Security for Windows rescans the object only after the object is saved by the process for the last time.
   On access	Kaspersky Embedded Systems Security for Windows scans all objects when they are opened for reading, execution, or modification.
   On access and modification	Kaspersky Embedded Systems Security for Windows scans an object when it is opened and rescans after it is saved, if the object was modified. This option is selected by default.
   When run	Kaspersky Embedded Systems Security for Windows scans a file only when it is accessed to be executed.
   Deeper analysis of launching processes (process launch is blocked until the analysis ends) Kaspersky Embedded Systems Security for Windows performs longer analysis of launching processes with higher probability to detect a threat. The process launch is blocked until the end of analysis.	Kaspersky Embedded Systems Security for Windows performs longer analysis of launching processes with higher probability to detect a threat. The process launch is blocked until the end of analysis.
   Use Heuristic Analyzer	This check box enables / disables Heuristic Analyzer during object scanning. If the check box is selected, Heuristic Analyzer is enabled. If the check box is cleared, Heuristic Analyzer is disabled. The check box is selected by default.
   Heuristic analysis level	The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources and the time required for scanning. The following scanning sensitivity levels are available: Light. Heuristic Analyzer performs fewer instructions within executable files. The probability of threat detection in this mode is somewhat lower. Scanning is faster and less resource-intensive. Medium. Heuristic Analyzer performs the number of executable file instructions recommended by Kaspersky experts. This level is selected by default. Deep. Heuristic Analyzer performs more instructions within executable files. The probability of threat detection in this mode is higher. Scanning uses more system resources, takes more time, and can produce a higher number of false alarms. The setting is available if the Use heuristic analyzer check box is selected.
   Apply Trusted Zone	This check box enables / disables use of the Trusted Zone for a task. If the check box is selected, Kaspersky Embedded Systems Security for Windows adds file operations of trusted processes to the scan exclusions configured in the task settings. If the check box is cleared, Kaspersky Embedded Systems Security for Windows disregards the file operations of trusted processes when forming the protection scope for the task. The check box is selected by default.
   Use KSN for protection	This check box enables or disables the use of KSN services. If the check box is selected, the application uses Kaspersky Security Network data to ensure that the application responds more quickly to new threats and to reduce the likelihood of false positives. If the check box is cleared, the task does not use KSN services. The check box is selected by default.
   Block access to network shared resources for the network sessions showing malicious activity	The check box enables or disables blocking current session and controls the availability of network shared resources in terms of current session. If the check box is selected, Kaspersky Embedded Systems Security for Windows blocks current session and, in terms of current session, makes network shared resources unavailable for hosts for which malicious activity was detected in the Blocked hosts storage section If the check box is cleared, conditions are not applied and Kaspersky Embedded Systems Security for Windows functions typically. By default, the check box is cleared. You can view the list of blocked hosts in the Blocked Hosts storage. You can restore access to blocked hosts, and specify the number of days, hours, and minutes after which hosts regain access to network file resources after being blocked by configuring the Blocked Hosts storage settings.
   Launch critical areas scan when active infection is detected	If the check box is selected, when active infection is detected, Kaspersky Embedded Systems Security for Windows creates and launches a temporary Critical Areas Scan task. When the Critical Areas Scan temporary task finishes, Kaspersky Embedded Systems Security for Windows removes this temporary task. If the check box is cleared, when active infection is detected, Kaspersky Embedded Systems Security for Windows does not create and launch Critical Areas Scan task. The check box is selected by default.
   Protection scope	You can configure security settings of the protection scope.