Appendix. Correspondence of KSWS and KES settings
When migrating policies and tasks, KES is configured in accordance with KSWS settings. Settings of application components that KSWS does not have are set to default values.
Application settings
Scalability, interface and scanning settings
Application settings are not supported in Kaspersky Endpoint Security for Windows.
Application settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Scalability settings | (not supported) Kaspersky Endpoint Security manages all work processes. |
Show System Tray Icon | (not supported) On a client computer, the main window of Kaspersky Endpoint Security and the icon in the Windows notification area are available by default. In the context menu of the icon, the user can perform operations with Kaspersky Endpoint Security. Kaspersky Endpoint Security also displays notifications above the application icon. You can configure user interaction in the application interface settings. |
Restore file attributes after scanning | (not supported) Kaspersky Endpoint Security automatically restores file attributes after scanning a file. |
Limit CPU usage for scanning threads | (not supported) Kaspersky Endpoint Security does not limit CPU usage when scanning. You can configure the task to run when the computer is operating under minimum load. |
Folder for temporary files created during scanning | (not supported) Kaspersky Endpoint Security places the temporary files in the C:\Windows\Temp folder. |
HSM system settings | (not supported) Kaspersky Endpoint Security does not support HSM systems. |
KSWS security settings are migrated to the General settings section, Application settings and Interface subsections.
Application security settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Protect application processes from external threats | Enable Self-Defense (Application settings subsection) |
Apply password protection | (not supported) Kaspersky Endpoint Security has a built-in Password protection feature (see the Interface subsection). |
Perform task recovery | (not supported) Kaspersky Endpoint Security only automatically restores Virus Scan tasks. Kaspersky Endpoint Security runs other tasks on a schedule. |
Do not start scheduled scan tasks | Postpone scheduled tasks while running on battery power (Application settings subsection) |
Stop current scan tasks | (not supported) When the computer becomes powered by an UPS, Kaspersky Endpoint Security does not stop scan tasks that are already running. |
Administration Server interaction settings are migrated to the General settings section, Network settings and Application settings subsections.
Administration Server interaction settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Proxy server settings | Proxy server (Network settings subsection) |
Do not use proxy server for local addresses | Bypass proxy server for local addresses (Network settings subsection) |
Proxy server authentication settings | Use proxy server authentication (Network settings subsection) Kaspersky Endpoint Security does not support NTLM authentication. If NTLM authentication is enabled in KSWS settings, after migration, you must configure proxy server authentication and configure a user name and a password. The proxy server authentication password is not migrated. After a policy is migrated, the password must be entered manually. |
Use Kaspersky Security Center as a proxy server when activating the application | Use Kaspersky Security Center as proxy server for activation (Application settings subsection) |
Kaspersky Endpoint Security ignores the settings for running local system tasks of Kaspersky Security for Windows Server. You can configure the use of local KES tasks under Local Tasks, Task management. You can also configure a schedule for running the Virus Scan and Database Update tasks in the properties of these tasks.
Supplementary
KSWS trusted zone settings are migrated to the General settings section, Exclusions subsection.
Trusted zone settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Object to scan (Exclusions) | Scan exclusions (Scan exclusions) The methods used by KSWS and KES for selecting objects differ. When migrating, KES supports exclusions defined as individual files or paths to file / folder. If KSWS has exclusions configured as a predefined area or a script URL, such exclusions are not migrated. After migration, you must add such exclusions manually. |
Apply also to subfolders (Exclusions) | Including subfolders (Scan exclusions) |
Objects to detect (Exclusions) | Object name (Scan exclusions) |
Exclusion usage scope (Exclusions) | Protection components (Scan exclusions) If at least one component is selected in KSWS, KES applies the exclusions to all application components. |
Comment (Exclusions) | Comment (Scan exclusions) |
Trusted process (Trusted process) | Trusted applications Trusted process / application selection methods differ in KSWS and KES. When migrating, KES supports trusted applications configured as a path to the executable file or mask. If KSWS has trusted processes configured as a file has, such trusted processes are not migrated. After migration, you must add such trusted processes manually. |
Do not check file backup operations (Trusted process) | Do not monitor application activity (Trusted applications) |
Removable Drives Scan settings are migrated to the Local Tasks section, Removable drives scan subsection.
Removable Drives Scan settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Scan removable drives on connection via USB | Action when a removable drive is connected |
Scan removable drives if its stored data volume does not exceed (MB) | Maximum removable drive size |
Scan with security level:
| Action when a removable drive is connected:
KSWS security levels correspond to KES scan modes as follows:
|
User permissions for application management
Kaspersky Endpoint Security does not support assigning user access permissions for application management and application service management. You can configure access settings for users and user groups for managing the application in Kaspersky Security Center.
User access permissions for Kaspersky Security Service management
Kaspersky Endpoint Security does not support assigning user access permissions for application management and application service management. You can configure access settings for users and user groups for managing the application in Kaspersky Security Center.
KSWS storage settings are migrated to General settings section, Reports and Storage subsection, and to Essential Threat Protection section, Network Threat Protection subsection.
Storage settings
Kaspersky Security for Windows Security settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Backup folder | (not supported) Kaspersky Endpoint Security saves backup copies of files in the C:\ProgramData\Kaspersky Lab\KES.21.7\QB folder. |
Maximum Backup size (MB) | Limit the size of Backup to N MB (General settings → Reports and Storage section) |
Threshold value for space available (MB) | (not supported) Kaspersky Endpoint Security logs the Quarantine storage is almost out of space event when the 50 % threshold is reached. |
Target folder for restoring objects | (not supported) Kaspersky Endpoint Security restores files to their original folder. |
Quarantine folder | (not supported) Kaspersky Endpoint Security saves backup copies of files in the C:\ProgramData\Kaspersky Lab\KES.21.7\QB folder. |
Maximum Quarantine size (MB) | (not supported) Kaspersky Endpoint Security uses Backup to store probably infected objects. During migration, Kaspersky Endpoint Security ignores Quarantine settings. |
Threshold value for space available (MB) | (not supported) Kaspersky Endpoint Security uses Backup to store probably infected objects. During migration, Kaspersky Endpoint Security ignores Quarantine settings. |
Target folder for restoring objects | (not supported) Kaspersky Endpoint Security restores files to their original folder. |
Unblock automatically in N | Add the attacking computer to the list of blocked computers for N min. (Essential Threat Protection → Network Threat Protection section) |
Real-time server protection
KSWS Real-Time File Protection settings are migrated to the Essential Threat Protection section, File Threat Protection subsection.
Real-Time File Protection settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Objects protection mode:
| Scan mode:
|
Deeper analysis of launching processes | (not supported) Kaspersky Endpoint Security supports only one analysis mode, the optimal mode. |
Heuristic analyzer:
| Heuristic Analysis:
|
Apply Trusted Zone | (not supported) Kaspersky Endpoint Security applies the trusted zone to all components. You can configure exclusions in trusted zone settings. |
Use KSN for protection | (not supported) Kaspersky Endpoint Security uses KSN for all application components. |
Block access to network shared resources for the hosts that show malicious activity | (not supported) By default, Kaspersky Endpoint Security blocks access to network shared resources for hosts that show malicious activity. |
Launch critical areas scan when active infection is detected | (not supported) Kaspersky Endpoint Security does not launch the critical areas scan task when active infection is detected. |
Use Kaspersky Sandbox for protection | (not supported) By default, Kaspersky Endpoint Security sends objects for scanning to Kaspersky Sandbox. |
Protection scope | File Threat Protection scope |
Schedule settings | (not supported) Kaspersky Endpoint Security uses its own schedule for pausing File Threat Protection. |
KSWS settings for Kaspersky Security Network are migrated to the Advanced Threat Protection section, Kaspersky Security Network subsection.
Kaspersky Security Network settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
I confirm that I have fully read, understood, and accept the terms of participation in Kaspersky Security Network | Kaspersky Security Network Statement Kaspersky Endpoint Security requests consent to the Kaspersky Security Network Statement when the application is installed, a new policy is created, or Kaspersky Security Network usage is enabled. |
Send data about scanned files | (not supported) Kaspersky Endpoint Security sends data about scanned files automatically if KSN is enabled. |
Send data about requested URLs | (not supported) Kaspersky Endpoint Security sends data about requested URLs automatically if KSN is enabled. |
Send Kaspersky Security Network statistics | Enable extended KSN mode |
Accept the terms of the Kaspersky Managed Protection Statement | (not supported) Kaspersky Endpoint Security does not include the KMP service. |
Action to perform on KSN untrusted objects | (not supported) You can configure the Action on threat detection in Protection component settings and Scan task settings. |
Do not calculate checksum before sending to KSN if file size exceeds N MB | (not supported) You can configure large file scanning restrictions in Protection component settings and Scan task settings. |
Use Kaspersky Security Center as KSN Proxy | Use KSN Proxy |
Schedule settings | (not supported) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
KSWS Traffic Security settings are migrated to the Essential Threat Protection section, Web Threat Protection and Mail Threat Protection subsection, Security Controls section, Web Control subsection, General settings section, Network settings subsection.
Traffic Security settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Apply URL-based rules | Web Control (Web Control subsection) URL-based rules are migrated to separate rules in Kaspersky Endpoint Security. |
Apply certificate-based rules | (not supported) Kaspersky Endpoint Security does not support certificate-based rules. |
Apply rules for web traffic category control | Web Control (Web Control subsection) Blocking rules for web traffic category control are migrated to a single blocking rule in Kaspersky Endpoint Security. Kaspersky Endpoint Security ignores allowing rules for category control. The correspondence of KSWS and KES categories is listed below. |
Allow access if the web page can not be categorized | (not supported) Kaspersky Endpoint Security allows access if the web page can not be categorized. |
Allow access to legitimate web resources that can be used to damage a protected device | (not supported) Kaspersky Endpoint Security allow access to legitimate web resources that can be used to damage the protected device. |
Allow access to legitimate advertisement | (not supported) You can manage access to legitimate advertisement using the Banners web resource category in Web Control settings. |
Operation mode | (not supported) Kaspersky Endpoint Security supports only the Driver Interceptor mode. |
ICAP-service connection settings | (not supported) Kaspersky Endpoint Security does not support ICAP Network Storage Protection. |
Check safe connections through the HTTPS protocol | Scan encrypted connections / Scan encrypted connections upon request from protection components mode (Network settings subsection) |
Use TLS protocol version | (not supported) Kaspersky Endpoint Security scans encrypted network traffic transmitted over the following protocols:
You can additionally block SSL 2.0 connections in encrypted connections scan settings. |
Do not trust web-servers with invalid certificate | When visiting a domain with an untrusted certificate (Network settings subsection) |
Intercept ports (Interception area) | Monitored ports (Network settings subsection) |
Exclude ports (Interception area) | Monitored ports (Network settings subsection) |
Exclude IP addresses (Interception area) | Trusted addresses (Network settings subsection) |
Exclude processes (Interception area) | Monitored ports (Network settings subsection) |
Security port | (not supported) |
Use malicious URL database to scan web links | Check the web address against the database of malicious web addresses (Web Threat Protection subsection) |
Use anti-phishing database to scan web pages | Check the web address against the database of phishing web addresses (Web Threat Protection subsection) |
Use KSN for protection | (not supported) Kaspersky Endpoint Security uses KSN for all application components. |
Use Trusted Zone | (not supported) Kaspersky Endpoint Security applies the trusted zone to all components. You can configure exclusions in trusted zone settings. |
Use heuristic analyzer | Use Heuristic Analysis (Web Threat Protection and Mail Threat Protection subsections) |
Security level | (not supported) Kaspersky Endpoint Security has its own security levels for Web Threat Protection and Mail Threat Protection components. By default, Kaspersky Endpoint Security sets the recommended security level. |
Enable mail threat protection | Mail Threat Protection (Mail Threat Protection subsection) Connect Microsoft Outlook extension Incoming messages only (Protection scope) Scan when receiving (Email protection) |
Schedule settings | (not supported) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
KSWS Exploit Prevention settings are migrated to the Advanced Threat Protection section, Exploit Prevention subsection.
Exploit Prevention settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Prevent vulnerable processes exploit:
| On detecting exploit:
|
Notify about abused processes via Terminal Service | (not supported) Kaspersky Endpoint Security does not support terminal services. |
Prevent vulnerable processes exploit even if Kaspersky Security Service is disabled | (not supported) Kaspersky Endpoint Security constantly prevents vulnerable process exploits. |
Protected processes | Enable system process memory protection Kaspersky Endpoint Security does not support selecting protected processes. You can only enable system processes memory protection. |
Exploit prevention techniques:
| (not supported) Kaspersky Endpoint Security applies all available exploit prevention techniques. |
KSWS Network Threat Protection settings are migrated to the Essential Threat Protection section, Network Threat Protection subsection.
Network Threat Protection settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Processing mode:
| Network Threat Protection If Pass-through mode is selected, Network Threat Protection is disabled. If Only inform about network attacks mode or Block connections when attack is detected mode is selected, Network Threat Protection is enabled. Kaspersky Endpoint Security always works in the Block connections when attack is detected mode. |
Do not stop traffic analysis when the task is not running | (not supported) Kaspersky Endpoint Security analyses traffic continuously if the component is enabled. |
Do not control excluded IP-addresses | Exclusions |
Schedule settings | (not supported) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
Kaspersky Endpoint Security does not support the Script Monitoring component. Script Monitoring is handled by other components, for example, AMSI Protection.
Kaspersky Endpoint Security does not support all categories of Kaspersky Security for Windows Server. Categories that do not exist in Kaspersky Endpoint Security are not migrated. Therefore, web resource classification rules with unsupported categories are not migrated.
Website categories
Kaspersky Security for Windows Server categories | Kaspersky Endpoint Security for Windows categories |
---|---|
Wargaming | Videogames |
Abortion | (not supported) |
Lotteries (extended) | Gambling, lotteries, sweepstakes |
Alcohol | Alcohol, tobacco, drugs |
Anonymous proxy servers | Anonymizers |
Anorexia | (not supported) |
Rentals for real estate | (not supported) |
Audio, video and software | Software, audio, video |
Banking | Banks |
Blogging | Blogs |
Military | Weapons, explosives, pyrotechnics |
For children | (not supported) |
Discrimination | Violence |
Home and family | (not supported) |
Hosting and domain services | Internet communication |
Pets and animals | (not supported) |
Law and politics | Forbidden by regional laws |
Restricted by Roskomnadzor (RF) | Forbidden by Russian Federation laws |
Restricted by Federal Law 436 (RF) | Forbidden by Russian Federation laws |
Restricted by RF legislation | Forbidden by Russian Federation laws |
Restricted by global legislation | Forbidden by regional laws |
Adult dating | Adult content |
Internet services | (not supported) |
Sex shops | Adult content |
Information technologies | (not supported) |
Casinos, card games | Gambling, lotteries, sweepstakes |
Books and writing | (not supported) |
Computer games | Videogames |
Health and beauty | (not supported) |
Culture and society | (not supported) |
LGBT | Adult content |
Lotteries | Gambling, lotteries, sweepstakes |
Medicine | (not supported) |
Fashion | (not supported) |
Music | (not supported) |
Drugs | Alcohol, tobacco, drugs |
Violence | Violence |
Discontent | (not supported) |
Illegal drugs | Alcohol, tobacco, drugs |
Hate and discrimination | Violence |
Obscene vocabulary | Profanity, obscenity |
Lingerie | Adult content |
News | News media |
Nudism | Adult content |
Education | (not supported) |
Online shopping | Online stores |
All communication media | Internet communication |
Payment by credit cards | Payment systems |
Online shopping (own payment system) | Online stores |
Online encyclopedias | (not supported) |
Online banking | Banks |
Weapons | Weapons, explosives, pyrotechnics |
Fishing and hunting | (not supported) |
Payment systems | Payment systems |
Job search sites | Job search |
Search engines | (not supported) |
Police decision (JP) | Forbidden by Police of Japan |
Trusted by KPSN | (not supported) |
Untrusted by KPSN | (not supported) |
Porn | Adult content |
Media hosting and streaming | News media |
Web Mail | Web-based mail |
Traveling | (not supported) |
TV and radio | News media |
Teasers and ads services | Banners |
Religion | Religions, religious associations |
Restaurants, cafe and food | (not supported) |
Non-adult dating | Dating sites |
Sex education | Adult content |
Social networks | Social networks |
Sport | (not supported) |
Betting | Gambling, lotteries, sweepstakes |
Suicide | Violence |
Tobacco | Alcohol, tobacco, drugs |
Torrents | Torrents |
Mentioned in Federal list of extremists (RF) | Forbidden by Russian Federation laws |
File sharing | File sharing |
Pharmacy | (not supported) |
Hobby and entertainment | (not supported) |
Chats and forums | Chats, forums, IM |
Schools and universities pages | (not supported) |
Astrology and esoterica | (not supported) |
Extremism and racism | Violence |
E-commerce | Online stores |
Erotic | Adult content |
Humor | (not supported) |
Local activity control
KSWS Application Control settings are migrated to the Security Controls section, Application Control subsection.
Application Control settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Operation mode:
| Action (Application Control):
|
Repeat action taken for the first file launch on all the subsequent launches for this file | (not supported) Kaspersky Endpoint Security scans the application every time it attempts to run. |
Deny the command interpreters launch with no command to execute | (not supported) Kaspersky Endpoint Security allows running command interpreters if they are not prohibited by Application Control. |
Rules | (not supported) Kaspersky Endpoint Security has its own tools for adding applications to Application Control rules. By default, Application Control creates two allow rules: Golden Image (enabled) and Trusted Updaters (disabled). |
Apply rules to executable files | (not supported) Kaspersky Endpoint Security allows creating Application Control rules in which you can select executable files. |
Monitor loading of DLL modules | Control DLL modules load (significantly increases the load on the system) |
Apply rules to scripts and MSI packages | (not supported) Kaspersky Endpoint Security allows creating Application Control rules in which you can use rules for scripts, MSI packages, and other files specified in the rule. |
Deny applications untrusted by KSN | (not supported) Kaspersky Endpoint Security does not take into account the reputation of applications and allows or denies running applications in accordance with rules. |
Allow applications trusted by KSN | Application Control allow rule that includes the KL category Other applications → Applications, trusted according to reputation in KSN |
Users and / or user groups allowed to run applications trusted by KSN | Subjects and their rights in an Application Control allow rule that includes the KL category Other applications → Applications, trusted according to reputation in KSN |
Automatically allow software distribution via applications and packages listed | (not supported) Kaspersky Endpoint Security allows creating Application Control rules in which you can select Trusted Updaters. |
Always allow software distribution via Windows Installer | (not supported) Kaspersky Endpoint Security allows creating Application Control rules in which you can select Trusted Updaters. |
Always allow software distribution via SCCM using the Background Intelligent Transfer Service | (not supported) Kaspersky Endpoint Security allows creating Application Control rules in which you can select Trusted Updaters. |
Software distribution applications and packages allowed | (not supported) Kaspersky Endpoint Security allows creating Application Control rules in which you can select Trusted Updaters. |
Schedule settings | It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
KSWS Device Control settings are migrated to the Security Controls section, Device Control subsection.
Device Control settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Operation mode:
| (not supported) Application Control operates in the Active mode. Device connection statistics is continuously provided by Audit. |
Allow using all external devices when the Device Control task is not running | (not supported) Device Control is always on while Kaspersky Endpoint Security is running. |
Device Control rules | Trusted devices During migration, Kaspersky Endpoint Security ignores disabled KSWS rules. |
Schedule settings | (not supported) Kaspersky Endpoint Security uses its own schedule for gaining access to certain device types. |
Network-Attached Storages Protection
RPC Network Storage Protection
Kaspersky Endpoint Security does not support Network-Attached Storages Protection components. Network storage protection is provided by other application components, for example, Network Threat Protection.
ICAP Network Storage Protection
Kaspersky Endpoint Security does not support Network-Attached Storages Protection components. Network storage protection is provided by other application components, for example, Network Threat Protection.
Kaspersky Endpoint Security does not support Anti-Cryptor for NetApp. Anti-Cryptor functionality is provided by other application components, such as Behavior Detection.
Network activity control
Kaspersky Endpoint Security does not support KSWS Firewall Management. KSWS Firewall functions are performed by the system-level Firewall. After migration, you can configure the Kaspersky Endpoint Security Firewall.
Network Anti-Cryptor settings are migrated to the Advanced Threat Protection section, Behavior Detection subsection.
Anti-Cryptor settings
KSWS settings | KES settings |
---|---|
Operation mode:
| Upon detection of external encryption of shared folders:
|
Heuristic analyzer | (not supported) Kaspersky Endpoint Security does not use Heuristic Analysis for Behavior Detection. |
Configuration of protection scope:
| (not supported) Kaspersky Endpoint Security prevents encryption of all shared network folders of the protected computer. |
Exclusions | (not supported) Kaspersky Endpoint Security has its own exclusions for the Behavior Detection component. You can manually add exclusions after migration. |
Schedule settings | (not supported) It is not possible to configure a separate schedule for the component. The component is always on while Kaspersky Endpoint Security is operational. |
System Inspection
Kaspersky Endpoint Security does not support the File Integrity Monitor component. Kaspersky Endpoint Security allows monitoring file events in the operating system using the Application Activity Monitor component.
Kaspersky Endpoint Security does not support the Log Inspector component. Log Inspection is handled by other components, for example, Adaptive Anomaly Control.
Logs and notifications
KSWS Logs settings are migrated to the General settings section, Interface and Reports and Storage subsections.
Logs settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Event logging | Notifications (Interface subsection) |
Logs folder | (not supported) Kaspersky Endpoint Security saves reports in the C:\ProgramData\Kaspersky Lab\KES.21.7\Report folder. |
Remove task logs older than N day(s) | (not supported) You can configure the storage period for KES reports under General settings, Reports and Storage. |
Remove from the audit log events N day(s) | (not supported) Kaspersky Endpoint Security applies report storage limitations to all reports including system audit reports. |
Integration with SIEM | (not supported) You can configure SIEM integration in Kaspersky Security Center. |
KSWS Notifications settings are migrated to the General settings section, Interface subsection.
Notifications settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Notifications | Notifications |
Notify users:
| (not supported) Kaspersky Endpoint Security does not support modifying notification text. Kaspersky Endpoint Security displays standard notifications. |
Notify administrators:
| Only email notification settings are migrated to Kaspersky Endpoint Security – Email notification settings (Notifications block). Other methods of notifying administrators are not supported. |
Application database is out of date | Send the "Databases out of date" notification if databases were not updated |
Application database is extremely out of date | Send the "Databases extremely out of date" notification if databases were not updated |
Critical areas scan has not been performed for a long time | (not supported) Kaspersky Endpoint Security generates a missed Critical Areas Scan event after three days. |
Interaction with Administration Server
KSWS Administration Server interaction settings are migrated to the General settings section, Reports and Storage subsection.
Administration Server interaction settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Quarantined files | About Quarantine files |
Backed up files | About files in Backup |
Blocked hosts | (not supported) Kaspersky Endpoint Security automatically sends data about blocked hosts. |
Tasks
The Activation of Application task settings (KSWS) are migrated to the Add key task (KES).
The Activation of Application task settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Activate application with activation code | Activation code |
Activate application with key or key file | Key file or key |
Use as additional key | Add this key as a reserve key |
The Copying Updates task settings (KSWS) are migrated to the Update task (KES).
Copying Updates task settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Update source:
| Update source:
|
Use Kaspersky update servers if specified servers are not available | (not supported) Kaspersky Endpoint Security allows selecting multiple update sources, including Kaspersky update servers. If the first update source is not available, Kaspersky Endpoint Security lets you obtain updates from another source in the list. |
Use proxy server settings to connect to Kaspersky update servers | (not supported) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Use proxy server settings to connect to other servers | (not supported) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Copying updates settings:
| (not supported) |
Folder for local storage of copied updates | Copy updates to folder |
Baseline File Integrity Monitor
Kaspersky Endpoint Security does not support the Baseline File Integrity Monitor task.
The Database Update task settings (KSWS) are migrated to the Update task (KES).
Database Update task settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Update source:
| Update source:
|
Use Kaspersky update servers if specified servers are not available | (not supported) Kaspersky Endpoint Security allows selecting multiple update sources, including Kaspersky update servers. If the first update source is not available, Kaspersky Endpoint Security lets you obtain updates from another source in the list. |
Use proxy server settings to connect to Kaspersky update servers | (not supported) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Use proxy server settings to connect to other servers | (not supported) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Lower the load on the disk I/O | (not supported) |
The Software Modules Update task settings (KSWS) are migrated to the Update task (KES).
Software Modules Update task settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Update source:
| Update source:
|
Use Kaspersky update servers if specified servers are not available | (not supported) Kaspersky Endpoint Security allows selecting multiple update sources, including Kaspersky update servers. If the first update source is not available, Kaspersky Endpoint Security lets you obtain updates from another source in the list. |
Use proxy server settings to connect to Kaspersky update servers | (not supported) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Use proxy server settings to connect to other servers | (not supported) Kaspersky Endpoint Security uses the proxy server for all components. You can configure the proxy server connection in network options of the application. |
Copy and install critical software modules updates | Install critical and approved updates |
Only check for critical software updates available | (not supported) Kaspersky Endpoint Security continually checks the availability of critical updates for application modules. |
Allow operating system restart | (not supported) Kaspersky Endpoint Security prompts the user for permission to restart the computer. |
Receive information about available scheduled software modules updates | (not supported) Kaspersky Endpoint Security displays notifications about software module updates. |
Rollback of Application Database Update
The Rollback of Application Database Update task settings (KSWS) are migrated to the Update rollback task (KES). The new Update rollback task (KES) has Manually for its task start schedule.
The On-Demand Scan task settings (KSWS) are migrated to the Virus Scan task (KES).
Virus Scan task settings
Kaspersky Security for Windows Server settings | Kaspersky Endpoint Security for Windows settings |
---|---|
Scan scope | Scan scope |
Protection level:
| Security level:
Security level settings are different in KSWS and KES. |
Objects to scan:
| File types:
Kaspersky Endpoint Security does not allow creating custom extension lists. Kaspersky Endpoint Security replaces the Objects scanned by specified list of extensions value with the Files scanned by extension value. |
Subfolders | Including subfolders |
Subfiles | (not supported) |
Scan disk boot sectors and MBR | (not supported) |
Scan alternate NTFS streams | (not supported) |
Scan only new and modified files | Scan only new and changed files |
Scan of compound objects:
| Scan of compound files:
|
Action to perform on infected and other objects:
| Action on threat detection:
|
Action to perform on probably infected objects:
| (not supported) Kaspersky Endpoint Security applies the action if any threat is detected. |
Perform actions depending on the type of object detected | (not supported) |
Entirely remove compound file that cannot be modified by the application in case of embedded object detection | (not supported) |
Exclude files | (not supported) Kaspersky Endpoint Security applies the trusted zone to all components. You can configure exclusions in trusted zone settings. |
Do not detect | (not supported) |
Stop scanning if it takes longer than N sec | Skip files that are scanned for longer than N sec |
Do not scan compound objects larger than N MB | Do not unpack large compound files |
Use iSwift technology | iSwift Technology |
Use iChecker technology | iChecker Technology |
Action on the offline files:
| (not supported) Kaspersky Endpoint Security scans offline files in their entirety.
|
The Application Integrity Control task settings (KSWS) is migrated to the Integrity check task (KES).
Rule Generator for Applications Launch Control
Kaspersky Endpoint Security does not support the Applications Launch Control Generator task. You can generate rules in Application Control settings.
Rule Generator for Device Control
Kaspersky Endpoint Security does not support the Rule Generator for Device Control task. You can generate access rules in Device Control settings.