I plan on using the configuration I presented here. Kaspersky is pretty much the heart of the configuration. So how should I configure my settings to have the best security possible? I can only find guides for KIS 2016. Is 2018 different as far as settings?
You can start using that config for 2016, in recent versions, Kaspersky have included VPN, software updater and software cleaner, the main components of protection works with almost same settings of 2016
As mentioned above, there are hardly any provisions needing configuration in the newer versions.
Since you've HMPA alongside, disable "Automatic Exploit Prevention" in Kaspersky System Watcher to cut out any chances of conflicts. Yes, quite some users use them together without issues but you cannot predict their compatibility during an exploit attack (hard to come by right?). HMPA covers more attack vectors and apparently has a stronger exploit mitigation implementation.
We already have this and this guide to maximize KIS/KTS settings. Both have a little different content and you can choose the best tweaks from each.
Trusted Applications Mode (sort of default-deny) will be great unless you experiment frequently with less known apps. High Heuristics might affect performance.
Disable "Trust Digitally Signed Applications". Set "Trust group" of unknown apps to "High Restricted" / "Untrusted" .. and that of apps starting before Kaspersky as "High Restricted". Check if the latter causes any trouble. It used to work fine for me.
Follow the "Protected folders .." tweaks from the 2nd link for fortified data protection.
Keep the "search for rootkits.." ON unless you find that it visibly affects your performance.
In Additional>Network settings, select "Monitor all ports".
Make sure to use the built-in Software Updater timely.
Make sure to enable System Changes Control (as in guide 1) & choose the desired options.
In Firewall settings, you can configure "configure packet rules" (make changes here only if you know what you're doing) and "configure application rules". In the latter, you can change Internet access permissions for different apps or app groups. Eg. if you do not want some unknown installed programs to call out or vice versa, this will be handy.
If you want the finest control on what's happening in your OS, disable "Perform recommended actions automatically" in "General settings". This will provide you HIPS-based alerts on tons of activities, it will keep you busy learning though!
There are a lot of provisions in Kaspersky to experiment and that is for you to discover.
As mentioned above, there are hardly any provisions needing configuration in the newer versions.
Since you've HMPA alongside, disable "Automatic Exploit Prevention" in Kaspersky System Watcher to cut out any chances of conflicts. Yes, quite some users use them together without issues but you cannot predict their compatibility during an exploit attack (hard to come by right?). HMPA covers more attack vectors and apparently has a stronger exploit mitigation implementation.
We already have this and this guide to maximize KIS/KTS settings. Both have a little different content and you can choose the best tweaks from each.
Trusted Applications Mode (sort of default-deny) will be great unless you experiment frequently with less known apps. High Heuristics might affect performance.
Disable "Trust Digitally Signed Applications". Set "Trust group" of unknown apps to "High Restricted" / "Untrusted" .. and that of apps starting before Kaspersky as "High Restricted". Check if the latter causes any trouble. It used to work fine for me.
Follow the "Protected folders .." tweaks from the 2nd link for fortified data protection.
Keep the "search for rootkits.." ON unless you find that it visibly affects your performance.
In Additional>Network settings, select "Monitor all ports".
Make sure to use the built-in Software Updater timely.
Make sure to enable System Changes Control (as in guide 1) & choose the desired options.
In Firewall settings, you can configure "configure packet rules" (make changes here only if you know what you're doing) and "configure application rules". In the latter, you can change Internet access permissions for different apps or app groups. Eg. if you do not want some unknown installed programs to call out or vice versa, this will be handy.
If you want the finest control on what's happening in your OS, disable "Perform recommended actions automatically" in "General settings". This will provide you HIPS-based alerts on tons of activities, it will keep you busy learning though!
There's a lot more provisions in Kaspersky to experiment and that is for you to discover.