Configuring Real-Time File Protection task

Predefined security level can not be changed for the Real-Time File Protection task via the Web Plug-in.

To configure Real-Time File Protection task via the Web Plug-in:

1. In the main window of the Web Console, select Devices → Policies & profiles.
2. Click the policy name you want to configure.
3. In the <Policy name> window that opens select the Application settings tab.
4. Select the Real-time server protection section.
5. Click Settings in the Real-Time File Protection subsection.
6. Configure the settings described in the table below.

   Real-Time File Protection task settings

   Setting	Description
   Smart mode	Kaspersky Security for Windows Server selects objects to be scanned on its own. An object is scanned on being opened and then again after being saved if the object has been modified. If the object is accessed multiple times and modified by the process, Kaspersky Security for Windows Server rescans the object only after the object is saved by the process for the last time.
   On access	Kaspersky Security for Windows Server scans all objects when they are opened for reading, execution, or modification.
   On access and modification	Kaspersky Security for Windows Server scans an object when it is opened and rescans after it is saved, if the object was modified. This option is selected by default.
   When run	Kaspersky Security for Windows Server scans a file only when it is accessed to be executed.
   Deeper analysis of launching processes (process launch is blocked until the analysis ends)	Kaspersky Security for Windows Server performs longer analysis of launching processes with higher probability to detect a threat. The process launch is blocked until the end of analysis.
   Use Heuristic Analyzer	This check box enables / disables Heuristic Analyzer during object scanning. If the check box is selected, Heuristic Analyzer is enabled. If the check box is cleared, Heuristic Analyzer is disabled. The check box is selected by default.
   Heuristic analysis level	The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources and the time required for scanning. The following scanning sensitivity levels are available: Light. Heuristic Analyzer performs fewer instructions within executable files. The probability of threat detection in this mode is somewhat lower. Scanning is faster and less resource-intensive. Medium. Heuristic Analyzer performs the number of executable file instructions recommended by Kaspersky experts. This level is selected by default. Deep. Heuristic Analyzer performs more instructions within executable files. The probability of threat detection in this mode is higher. Scanning uses more system resources, takes more time, and can produce a higher number of false alarms. The setting is available if the Use heuristic analyzer check box is selected.
   Apply Trusted Zone	This check box enables / disables use of the Trusted Zone for a task. If the check box is selected, Kaspersky Security for Windows Server adds file operations of trusted processes to the scan exclusions configured in the task settings. If the check box is cleared, Kaspersky Security for Windows Server disregards the file operations of trusted processes when forming the protection scope for the task. The check box is selected by default.
   Use KSN for protection	This check box enables or disables the use of KSN services. If the check box is selected, the application uses Kaspersky Security Network data to ensure that the application responds more quickly to new threats and to reduce the likelihood of false positives. If the check box is cleared, the task does not use KSN services. The check box is selected by default.
   Block access to network shared resources for the hosts that show malicious activity	The check box enables or disables adding hosts showing malicious activity to the list of blocked hosts. If the check box is selected, Kaspersky Security for Windows Server adds hosts showing malicious activity to the list of blocked hosts. If the check box is cleared, Kaspersky Security for Windows Server does not add hosts showing malicious activity to the list of blocked hosts. The check box is cleared by default. You can view the list of blocked hosts in the Blocked Hosts storage. You can restore access to blocked hosts, and specify the number of days, hours and minutes after which hosts regain access to network file resources after being blocked by configuring the Blocked Hosts storage settings.
   Launch critical areas scan when active infection is detected	If the check box is selected, when active infection is detected, Kaspersky Security for Windows Server creates and launches a temporary Critical Areas Scan task. When the Critical Areas Scan temporary task finishes, Kaspersky Security for Windows Server removes this temporary task. If the check box is cleared, when active infection is detected, Kaspersky Security for Windows Server does not create and launch Critical Areas Scan task. The check box is selected by default.
   Use Kaspersky Sandbox for protection	This check box enables or disables the use of Kaspersky Sandbox. If the check box is selected, Kaspersky Endpoint Agent sends objects to Kaspersky Sandbox. Kaspersky Sandbox analyzes the behavior of these objects to identify malicious activity and signs of targeted attacks. If the check box is cleared, the task does not send objects to Kaspersky Sandbox. The check box is cleared by default.
   Protection scope	You can configure security settings of the protection scope.