Creating allowing rules for applications launch control from Kaspersky Security Center events
3 August 2023
To create allowing rules for applications launch control from Kaspersky Security Center events:
- Open the Applications Launch Control rules window.
- Click the Add button.
- In the button’s context menu, select Create allowing rules for applications from Kaspersky Security Center events.
- Select the principle for adding the rules to the list of previously created Application Launch Control rules:
- Add to existing rules, if you want to add the imported rules to the list of existing rules. Rules with identical settings are duplicated.
- Replace existing rules, if you want to replace the existing rules with the imported rules.
- Merge with existing rules, if you want to add the imported rules to the list of existing rules. Rules with identical settings are not added; the rule is added if at least one rule parameter is unique.
The Applications launch control rules generation window opens.
- Select the event types based on which the application will create applications launch control rules:
- Statistics only mode: application launch denied.
- Application launch denied.
- Select the time period from the Request events that were generated within the period drop-down list.
- If necessary, in the Use events generated for a group of managed devices field, enter the name or a fragment of the name of the group of devices managed by Kaspersky Security Center whose events will be the basis for creating applications launch control rules.
- Clear or select the Prioritize the use of hash when generating rules check box.
- Click the Generate rules button.
- Click the Save button in the Applications Launch Control rules window.
The rule list in the Applications Launch Control task will be populated with new rules generated based on system data from the protected device with the Kaspersky Security Center Administration Console installed.
Rules with the same hash are not added, because all rules in the list must be unique.