Support

Support for business applications

Kaspersky Anti Targeted Attack (KATA) Platform

Managing user-defined Sandbox rules

Editing a user-defined Sandbox rule

Kaspersky Anti Targeted Attack (KATA) Platform
Нет результатов
Knowledge Base Online Help
FAQ Download Forum Contact support Recovery tools

Editing a user-defined Sandbox rule

8 November 2023

ID 246770

To edit a user-defined Sandbox rule:

  1. In the window of the application web interface, select the Custom rules section, Sandbox subsection.
  2. Go to the Files or URLs tab.

    The table of user-defined Sandbox rules for file or URL scanning is displayed.

  3. Select a rule.

This opens the rule editing window.

You can edit the following fields:

  • In the user-defined Sandbox rules for scanning files:
    • State is the state of the prevention rule. Select the check box if you want to enable the rule.
    • Virtual machine is the virtual machine on which files will be scanned in accordance with this rule.

      Only virtual machines with custom operating system images can be selected. These virtual machines must belong to the set of operating systems selected on the Central Node.

    • Specify at least one of the values: mask or file category. If you fill in all the fields, the rule is triggered for files that match the category and size conditions or mask and size conditions, and are not exclusions.
      • Mask is the mask of files that you want to send for scanning. You can specify multiple values.

        To specify a mask, you can use the * and ? wildcard characters. Other wildcard characters are not supported.

      • Mask exclusion is the mask of files that must be excluded from scanning. You can specify multiple values.

        To specify an exclusion mask, you can use the * and ? wildcard characters. Other wildcard characters are not supported.

      • File category are categories of files that you want to send for scanning. You can specify multiple categories.

        You can view the full list of extensions for each category in the List of extensions for file categories section.

      • File size is the size of the files being scanned.

        If you want to set multiple ranges, click Add file size.

  • In the user-defined Sandbox rules for scanning URLs:
    • Virtual machine is the virtual machine on which URLs will be scanned.

      Only virtual machines with custom operating system images can be selected. These virtual machines must belong to the set of operating systems selected on the Central Node.

    • State is the state of the prevention rule. Select the check box if you want to enable the rule.

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.