How to use the Trusted Zone in Kaspersky Security 10.x for Windows Server
The article concerns:
- Kaspersky Security 10.1.2 for Windows Server
- Kaspersky Security 10.1.1 for Windows Server
- Kaspersky Security 10.1.0 for Windows Server
- Kaspersky Security 10.0.0 for Windows Server
The Trusted Zone is a list of exclusions from the protection or scan scope. You can create this list manually and apply it to On-Demand Scan, Real-Time File Protection, Script Monitoring and RPC Network Storage Protection tasks.
How to enable or disable Trusted Zone exclusions in tasks
By default, the Trusted Zone is applied to Real-Time File Protection and newly-created custom On-Demand Scan tasks, as well as to all system On-Demand scan tasks except Quarantine Scan tasks.
After you have enabled or disabled the Trusted Zone, the exclusions will immediately either stop or start working in running tasks.
To enabled or disable the Trusted Zone in Kaspersky Security 10.x for Windows Server tasks:
- In the Application Console tree, open the shortcut menu of the task you want to configure the Trusted Zone for.
- Select Properties.
- In the General tab, select or clear the Apply Trusted Zone checkbox. If you want to configure Trusted Zone settings, click the Trusted Zone link.
- Click OK to apply the changes.
Use of the Trusted Zone will be enabled or disabled.
How to add exclusions to the Trusted Zone
- In the Application Console tree, open the shortcut menu of the Kaspersky Security node.
- Select Configure Trusted Zone settings.
- In the Exclusions tab, click Add.
- If necessary, you can exclude an object from the scan or protection scope:
- Select the Object to scan checkbox. If this checkbox is selected, Kaspersky Security 10.x for Windows Server skips the IP range, file, folder, disk or script file when starting a scan using the Kaspersky Security 10.x for Windows Server components selected in the Exclusion usage scope section. This checkbox is selected by default.
- Click Edit.
- Select the object that you want to exclude from the scan scope. When specifying objects, you can use the special characters ? and *.
- If necessary, specify the name of the detected object:
- Select the Objects to detect checkbox. If this checkbox is selected, Kaspersky Security 10.x for Windows Server skips the specified objects during scan tasks. If the checkbox is clear, Kaspersky Security 10.x for Windows Server detects all the objects specified in the application by default. This checkbox is cleared by default.
- Click Edit.
- Specify the name or a name mask of the detected objected according to the Kaspersky Lab Virus Encyclopedia classification.
- In the Exclusion usage scope section, select the checkboxes beside the names of the tasks to which to apply the exclusion.
- Click OK.
The exclusion will be added to the Trusted Zone.
Examples of masks for exclusions
You can exclude the files from scan using the following types of masks:
- Name and extension based masks (not containing file paths)
- Absolute paths based on extension or file name
- Partial paths based on a folder name
* — stands for one or more characters
Masks without paths
- *EXE — all files with the EXE extension are excluded
- test — all files named test are excluded
Masks with absolute paths
- C:\dir\*.* or C:\dir\ — all files in the C:\dir\ folder.
- C:\dir\*.EXE — all files with the EXE extension in the C:\dir\ folder.
- C:\dir\test — all files named test in the C:\dir\test folder.
Masks with partial paths
- dir\*.* or dir\ — all files in all dir\ folders.
- dir\*.exe — all files with the EXE extension in all dir\ folders.
- dir\*.exe — all files with the EXE extension in all folders.
- dir\test*.* — all files with names starting with “test” in all dir\ folders are excluded. For example, C:\temp\dir\sub\test2.exe.