Advice Request Kaspersky Endpoint Security Custom Install Info needed

[harlan4096]

Check this link for better info: Application Startup Control

 

[Deleted member 2913]

harlan,

I want to exclude or trust AX64 Time Machine in KES.
I know to exclude AX folder.
Trust section gives few exclude options, should I check all?

What would be better for AX, exclusion or trust?

 

[harlan4096]

Well, since I have never tested AX64TM neither in general nor with Kaspersky products, I would go to tick all the check buttons in Trusted section.

 

[Deleted member 2913]

Well, since I have never tested AX64TM neither in general nor with Kaspersky products, I would go to tick all the check buttons in Trusted section.

So you mean Trust will be better than Exclusion?
No need adding AX64 in both exclusion & trust, right?

Attached is the screenshot of Trust options
So should I check all options?

 

[harlan4096]

If You Trust AX64TN, Yes

 

[Deleted member 2913]

harlan,

As per Kaspersky help files -

Low Restricted - Threat Level is 80
High Restricted - Threat Level is 81 - 90
UnTrusted - Threat Level is 91 - 100

Do you find Threat Level little lenient? As quite a few files gets into Low Restricted inspite of digital signs missing, lower than 10 users, etc...
And do you find Heuristics Analysis to define Groups lenient too?

 

[Deleted member 2913]

harlan,

Is there any way to save database for later offline install, like for KES reinstall, etc...?

 

[harlan4096]

You have KUU 3: Kaspersky Update Utility 3.0

Once installed, 1st click on button [Start] to update the list of applications supported.

 

[Deleted member 2913]

You have KUU 3: Kaspersky Update Utility 3.0

Once installed, 1st click on button [Start] to update the list of applications supported.

What I meant was I have already updated KES on the system. Can I copy the databases in any way before uninstalling & use the databases later on reinstalling?

 

[harlan4096]

Sincerely, I'm not sure that can be done... but it's a question to check but I guess it will not so easy

 

[Deleted member 2913]

Sincerely, I'm not sure that can be done... but it's a question to check but I guess it will not so easy

Let me know here on finding the info.

 

[Deleted member 2913]

harlan,

KES 10 installs its WFP driver?

 

[harlan4096]

WFP driver? Windows Filtering Platform or?

 

[hjlbx]

WFP driver? Windows Filtering Platform or?

Yeah... that's what he is asking.

 

[harlan4096]

Many of the features/modules of Kaspersky products in general work filtering traffic, so I guess so...

 

[Deleted member 2913]

Many of the features/modules of Kaspersky products in general work filtering traffic, so I guess so...

So does this means security software that has Firewall, install WFP driver?

 

[hjlbx]

So does this means security software that has Firewall, install WFP driver?

Windows Filtering Platform is built-in to Windows OS.

Windows Filtering Platform

In Microsoft computer-systems, the Windows Filtering Platform (WFP) comprises a set of system services and an application programming interface first introduced with Windows Vista in 2006/2007. It allows applications to tie into the packet processing and filtering pipeline of the Next Generation TCP/IP network stack.

Source: Wikipedia

Firewalls install their own driver, but since W8, they are required to use the built-in WFP APIs.

That's all I know...

 

[Deleted member 2913]

Couple software I know are safe are in Low Restricted.

Should I move them to Trusted or no need will work fine in Low Restricted?

 

[harlan4096]

Better to move Them to Trusted group

 

[Deleted member 2913]

Harlan,

Whats the option in notifications so that I get notification databases updated?

I tried notification - updates - last one i.e update distribution updated successfully. I tried KES update & it updated but I didn't get the notification.