Changing the Protection mode

18 March 2024

ID 85650

Real-Time Protection lets you detect threats in files being opened, and scan apps while they are being installed on the device in real time. The anti-virus databases and the Kaspersky Security Network cloud service (Cloud Protection) are used to ensure security automatically.

To change the device protection mode:

  1. In the main window of Kaspersky Endpoint Security, tap Settings App settingsAnti-Virus Real-time protection mode.
  2. Select the device Protection mode:
    • Disabled. Protection is disabled.
    • Recommended. Anti-Virus scans only installed apps and files from the Downloads folder. Anti-Virus scans new apps as soon as they are installed.
    • Extended. Anti-Virus scans all device files for malicious objects when any operation is performed with them (for example, when they are saved, moved, or modified). Anti-Virus also scans new apps as soon as they are installed.

Information about the current Protection mode is displayed under the description of the component.

Access to Real-Time Protection settings may be restricted by your administrator.

To enable Cloud Protection (KSN):

  1. Tap Settings App settingsAnti-Virus in the main window of Kaspersky Endpoint Security.
  2. Switch on the Cloud Protection (KSN) toggle button.

    The Cloud Protection (KSN) toggle button manages the use of Kaspersky Security Network only for real-time protection of a device. If the check box is cleared, Kaspersky Endpoint Security continues to use KSN for the operation of other components of the app.

As a result, the app obtains access to the Kaspersky online knowledge base regarding the reputation of files and apps. The scan is performed for threats whose information has not yet been added to Anti-Virus databases but is already available in KSN. Kaspersky Security Network cloud service provides full operation of Antivirus and reduces the likelihood of false alarms. Only your administrator can fully disable the use of Kaspersky Security Network.

To configure Real-Time Protection:

  1. In the main window of Kaspersky Endpoint Security, tap Settings App settingsAnti-VirusScan settings.
  2. If you want the app to detect adware and apps that could be used by hackers to cause harm to your device or data when the app performs a scan, switch on the Adware, dialers, and other toggle button.
  3. Click Action on threat detection, and then select the action taken by the app by default:
    • Quarantine

      Quarantine stores files as archives, so they cannot harm the device. Quarantine lets you delete or restore the files that were moved to isolated storage.

    • Delete

      Detected objects will be automatically deleted. No additional actions are required. Prior to deleting an object, Kaspersky Endpoint Security will display a temporary notification about the detection of the object.

    • Skip

      If the detected objects have been skipped, Kaspersky Endpoint Security warns you about problems in device protection. For each skipped threat, the app provides actions that you can perform to eliminate the threat. The list of skipped objects may change, for example, if a malicious file was deleted or moved. To receive an up-to-date list of threats, run a full device scan. To ensure reliable protection of your data, eliminate all detected objects.

Information about detected threats and the actions taken on them is logged in the app reports (Settings Reports). You can choose to display reports on Anti-Virus operations.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.