How to configure a trusted zone in Kaspersky Security Center
Latest update: August 14, 2023
ID: 14085
Show applications and versions that this article concerns
- Kaspersky Security Center 14.2 (version 14.2.0.26967)
- Kaspersky Security Center 14.0 (version 14.0.0.10902)
- Kaspersky Security Center 13.2 (version 13.2.0.1511)
- Kaspersky Security Center 13.1 (version 13.1.0.8324)
- Kaspersky Security Center 13 (version 13.0.0.11247)
A trusted zone is a list of files, folders and applications which Kaspersky Endpoint Security for Windows doesn’t scan.
In Kaspersky Security Center, you can remotely adjust a trusted zone:
- Exclude files of certain formats, files by mask, or specific files, folders or processes from the scan scope.
- Add applications to the list of trusted applications.
How to exclude files and folders from scan scope of Kaspersky Endpoint Security for Windows
- Open Kaspersky Security Center.
- Go to Policies.
- Right-click the needed Kaspersky Endpoint Security for Windows policy and click Properties.
- Go to General Settings → Exclusions.
- Navigate to the Scan exclusions and trusted applications block and click Settings.
- Go to the Scan exclusions tab and click Add.
- Set the properties of scan exclusions:
- To exclude a file or folder from scan, select the File or folder check box; in the frame below, click select file or folder..., then enter the name or mask of a file or folder. If you need to add subfolders to the exclusions, set the Including subfolders check box.
- To exclude specific objects from scan, select the Object name check box. In the lower frame, click enter object name..., then enter the name or name mask for the object according to the Virus Encyclopedia classification.
- To exclude an object with a specific hash sum, select the Object hash check box. In the lower frame, click enter object hash... and enter the SHA256 for the object according to the Virus Encyclopedia classification.
- If you want the exclusion to be applied to specific protection components only, click any → select components... and select the check boxes beside the components you want the scan exclusion to be applied to.
- Click OK.
How to add an application to trusted in Kaspersky Endpoint Security for Windows
- Open Kaspersky Security Center.
- Go to Policies.
- Right-click the needed Kaspersky Endpoint Security for Windows policy and click Properties.
- Go to General Settings → Exclusions.
- Navigate to the Scan exclusions and trusted applications block and click Settings.
- Go to the Trusted applications tab and click Add.
- Enter the path to the executable file and select the check boxes for actions:
- Do not scan opened files. Files opened by trusted applications are not scanned.
- Do not monitor application activity. File and network activity of applications are not controlled.
- Do not inherit restrictions of the parent process (application). Application activity is controlled according to the rules set by a system administrator.
- Do not monitor child application activity. File and network activity of child applications are not controlled.
- Allow interaction with the application interface. Management of Kaspersky Endpoint Security for Windows through remote access tools (e.g. Remote Administrator) is allowed.
- Do not block interaction with AMSI Protection component. Requests of trusted applications to scan objects are not controlled by AMSI Protection component.
- Do not scan network traffic. Incoming and outgoing traffic from trusted applications is not scanned.
- Click ОК.