Enabling and disabling the Network Attack Blocker feature

To enable or disable the Network Attack Blocker feature:

1. In the Kaspersky Security Center Administration Console, open the properties of the policy whose scope includes the relevant virtual machines:
   1. In the console tree, select the folder or administration group in which the policy was created.
   2. In the workspace, select the Policies tab.
   3. Select a policy in the list of policies and double-click the policy to open the Properties: <Policy name> window.
2. In the policy properties window, in the Network threat protection section, select the Intrusion Prevention subsection.
3. Do one of the following:
   • Select the Detect network attacks check box if you want Kaspersky Security to scan the traffic of protected virtual machines for activity typical of network attacks.

     If the check box is selected, when Kaspersky Security detects an attempted network attack on a protected virtual machine it performs the action defined in application settings. If network protection is working in the standard mode, by default Kaspersky Security terminates the connection between the protected virtual machine and the IP address from which the network attack originated, and also blocks traffic from this IP address for 60 minutes. You can modify this action and the traffic blocking period. If network protection is working in the monitoring mode, Kaspersky Security does not perform any actions to prevent a network attack.

   • Clear the Detect network attacks check box if you do not want Kaspersky Security to scan the traffic of protected virtual machines for activity that is typical of network attacks.
4. In the Properties: <Policy name> window, click OK.