About predefined security levels
August 3, 2023
ID 146663
One of the following predefined security levels for the nodes selected either in the protected device's file resource tree or file resource list can be applied: Maximum performance, Recommended, and Maximum protection. Each of these levels contains its own predefined set of security settings (see the table below).
Maximum performance
The Maximum performance security level is recommended if your network has additional protected device security measures, for example, firewalls and existing security policies, beyond using Kaspersky Industrial CyberSecurity for Nodes on protected devices.
Recommended
The Recommended security level ensures the best combination of protection and performance impact on devices. Kaspersky experts recommend this level as adequate to protect devices on most corporate networks. The Recommended security level is set by default.
Maximum protection
The Maximum protection security level is recommended if your organization's network has elevated device security requirements.
Notify only
The Notify only security level is recommended if there are potentially many infected computers in the corporate network and blocking them could significantly disrupt the operation of the organization.
Preset security levels and corresponding setting values
Options | Security level | |||
---|---|---|---|---|
Maximum performance | Recommended | Maximum protection | Notify only | |
Objects protection | By extension | By format | By format | By format |
Protect only new and modified files | Enabled | Enabled | Disabled | Enabled |
Action to perform on infected and other objects | Block access and disinfect. Remove, if disinfection fails | Block access and perform action recommended by Kaspersky experts | Block access and disinfect. Remove, if disinfection fails | Notify only |
Action to perform on probably infected objects | Block access and quarantine | Block access and perform action recommended by Kaspersky experts | Block access and quarantine | Notify only |
System-critical objects are files required for the operation of the operating system and Kaspersky Industrial CyberSecurity for Nodes. These files can not be deleted. Processes associated with such objects cannot be terminated. | ||||
Exclude files | No | No | No | No |
Do not detect | No | No | No | No |
Stop scanning if it takes longer than (sec.) | 60 sec. | 60 sec. | 60 sec. | 60 sec. |
Do not scan compound objects larger than (MB) | 8 MB | 8 MB | Not set | 8 MB |
Scan alternate NTFS streams | Yes | Yes | Yes | Yes |
Scan disk boot sectors and MBR | Yes | Yes | Yes | Yes |
Compound objects protection |
* New and modified objects only |
* New and modified objects only |
* All objects |
* New and modified objects only |
Entirely remove compound file that cannot be modified by the application in case of embedded object detection | No | No | Yes | No |
The Objects protection, Use iChecker technology, Use iSwift technology, and Use heuristic analyzer settings are not included in the settings of the predefined security levels. If you edit the Objects protection, Use iChecker technology, Use iSwift technology, or Use heuristic analyzer security settings after selecting one of the predefined security levels, the security level that you have selected will not change.