Support

Support for business applications

Kaspersky Security 11.x for Windows Server

Applications Launch Control

Default Applications Launch Control task settings

Kaspersky Security 11.x for Windows Server
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Default Applications Launch Control task settings

June 10, 2022

ID 181592

Save as PDF

By default, the Applications Launch Control task has the settings described in the table below. You can change the values of these settings.

Default Applications Launch Control task settings

Setting

Default value

Description

Task mode

Statistics only. The task records denied launch events and allowed launch events based on the set rules. Application launch is not actually denied.

You can select Active mode after the final list of rules is generated.

Repeat action taken for the first file launch on all the subsequent launches for this file

Applied

You can repeat actions taken for the first file launch on all the subsequent launches for this file.

Deny the command interpreters launch with no command to execute

Not applied.

You can deny launch of command interpreters with no command to execute.

Rules managing

Replace local rules with policy rules

You can select a mode in which rules specified in a policy are applied together with the rules on the protected device.

Rules usage scope

The task controls the launch of executable files, scripts, and MSI packages. It also monitors loading of DLL modules.

You can specify the file types for which launch is controlled by rules.

KSN Usage

KSN application reputation data is not used.

You can use KSN application reputation data when running the Applications Launch Control task.

Automatically allow software distribution via applications and packages listed

Not applied.

You can allow software distribution using the installers and applications specified in the settings. By default, software distribution is only allowed using the Windows Installer service.

Always allow software distribution via Windows Installer

Applied (can be changed only when the Automatically allow software distribution via applications and packages listed setting is enabled).

You can allow any software installation or update if the operations are performed via Windows Installer.

Always allow software distribution via SCCM using the Background Intelligent Transfer Service

Not applied (can be changed only when the Automatically allow software distribution via applications and packages listed setting is enabled).

You can turn on or off automatic software distribution using the System Center Configuration Manager.

Task start

First run is not scheduled.

The Applications Launch Control task does not start automatically at start of Kaspersky Security for Windows Server. You can start the task manually or configure a scheduled start.

Rule Generator for Applications Launch Control task default settings

Setting

Default Value

Description

Prefix for allowing rules names

Identical to the name of the protected device on which Kaspersky Security for Windows Server is installed.

You can change the prefix for names of allowing rules.

Allowing rules usage scope

The scope of allowing rules includes the following file categories by default:

  • Files with the EXE extension located in the folders C:\Windows, C:\Program Files (x86) and C:\Program Files
  • MSI packages stored in the C:\Windows folder
  • Scripts stored in the C:\Windows folder

    The task also creates rules for all running applications, regardless of their location and format.

You can change the protection scope by adding or removing folder paths and specifying the types of files that will be allowed to launch by the automatically generated rules. You can also ignore running applications when creating allowing rules.

Criteria for generation of allowing rules

The digital certificate subject and thumbprint are used; rules are generated for all users and groups of users.

You can use the SHA256 hash when generating allowing rules.

You can select a user and group of users for which allowing rules need to be automatically generated.

Actions upon task completion

Allowing rules are added to the list of Applications Launch Control rules; new rules are merged with existing rules; duplicate rules are removed.

You can add rules to the existing rules without merging them and without deleting duplicate rules, or replace existing rules with the new allowing rules, or configure export of the allowing rules to a file.

Task launch settings with permissions

The task is started under a system account.

You can allow the Rule Generator for Applications Launch Control task to start under a system account or using the permissions of a specified user.

Task start schedule

First run is not scheduled.

The Rule Generator for Applications Launch Control task does not start automatically when Kaspersky Security for Windows Server starts. You can start the task manually or configure a scheduled start.

Kaspersky Security for Windows Server: Prompt detection of all kinds of threats
Launch control and exploit prevention for businesses of all sizes. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.