Support

Support for business applications

Kaspersky Security 11.x for Windows Server

Applications Launch Control

About KSN usage for the Applications Launch Control task

Kaspersky Security 11.x for Windows Server
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

About KSN usage for the Applications Launch Control task

June 10, 2022

ID 178435

Save as PDF

To start the KSN Usage task, you must accept the KSN Statement.

If KSN data about an application’s reputation is used by the Applications Launch Control task, the KSN application reputation is considered a criterion for allowing or denying launch of that application. If KSN reports to Kaspersky Security for Windows Server that an application is untrusted when the user attempts to launch the application, the application launch is denied. If KSN reports to Kaspersky Security for Windows Server that the application is trusted when the user attempts to launch the application, the application launch is allowed. KSN can be used along with Applications Launch Control rules or as an independent criterion for denying launch of applications.

Using KSN conclusions as independent criterion for denying application launch

This scenario lets you securely control application launches on a protected device without requiring advanced configuration of the rule list.

You can apply KSN conclusions to Kaspersky Security for Windows Server together with the only specified rule. The application will only allow the start of applications that are trusted in KSN or are allowed by a specified rule.

For such a scenario, we recommend that you set a rule allowing start of the application based on a digital certificate.

All other applications are denied in accordance with the Default Deny policy. Using KSN when no rules are applied protects a device from applications that KSN considers to be a threat.

Using KSN conclusions simultaneously with Applications Launch Control rules

When using KSN conclusions simultaneously with Applications Launch Control rules, the following conditions apply:

  • Kaspersky Security for Windows Server always denies launch of an application if it is included in the scope of at least one denying rule. If the application is considered trusted by KSN, the corresponding conclusion has a lower priority and is not considered; the application launch will still be denied. This lets you expand the list of blocked applications.
  • Kaspersky Security for Windows Server always denies the launch of an application if the launch of applications not trusted in KSN is prohibited and the application is not trusted in KSN. If an allowing rule is set for the application, it has a lower priority and is not considered; the application launch will still be denied. This protects the device from applications that KSN considers to be a threat but were not considered during initial configuration of the rules.

Kaspersky Security for Windows Server: Prompt detection of all kinds of threats
Launch control and exploit prevention for businesses of all sizes. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.