Support

Support for business applications

Kaspersky Endpoint Security 12 for Windows

Computer control

Application Control

Testing Application Control rules

Enabling and disabling Application Control rule testing

Kaspersky Endpoint Security 12 for Windows
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools Support lifecycle

Enabling and disabling Application Control rule testing

25 April 2024

ID 165700

Get as PDF

To enable or disable testing of Application Control rules in Kaspersky Security Center:

  1. Open the Kaspersky Security Center Administration Console.
  2. In the console tree, select Policies.
  3. Select the necessary policy and double-click to open the policy properties.
  4. In the policy window, select Security ControlsApplication Control.

    In the right part of the window, the settings of the Application Control component are displayed.

  5. In the Control mode drop-down list, select one of the following items:
    • Denylist. If this option is selected, Application Control allows all users to start any applications, except in cases that satisfy the conditions of Application Control block rules.
    • Allowlist. If this option is selected, Application Control blocks all users from starting any applications, except in cases that satisfy the conditions of Application Control allow rules.
  6. Do one of the following:
    • If you want to enable testing of Application Control rules, select the Test rules option in the Action drop-down list.
    • If you want to enable Application Control to manage the startup of applications on user computers, in the drop-down list, select Apply rules.
  7. Save your changes.

To enable testing of Application Control rules or to select a blocking action for Application Control:

  1. In the main application window, click the Application settings icon in the form of a gear wheel. button.
  2. In the application settings window, select Security ControlsApplication Control.
  3. Click the Blocked applications or Allowed applications button.

    This opens the list of Application Control rules.

  4. In the Status column, select Test mode.

    This status means that Kaspersky Endpoint Security always allows the startup of applications to which this rule applies but logs information about the startup of such applications in the report.

  5. Save your changes.

Kaspersky Endpoint Security will not block applications whose startup is forbidden by the Application Control component, but will send notifications about their startup to the Administration Server. You can also configure the display of notifications about rule testing on the user's computer (see figure below).

Notification that the application startup is allowed in test mode. The user can view detailed information about the rule.Notification that the application startup is prohibited in test mode. The user can view detailed information about the rule.

Application Control notifications in test mode

Kaspersky Endpoint Security for Windows: Detection of advanced threats
Control systems which prevent damage from the sensitive data theft. Management from a single console. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.