An Application Startup Control rule is a group of settings required for operation of the Application Startup Control component:
Assignment of the application to an application category. An application category is a group of applications that have common attributes. For example, one category includes executable files from selected protected virtual machines. You can create categories based on various conditions, including based on KL categories. A KL category is a list of applications generated by Kaspersky Lab experts. For example, the KL category "Office applications" includes applications from the Microsoft Office suite, Adobe Acrobat, and others. For more information about managing categories, see Kaspersky Security Center manuals.
If files do not have a digital signature, the Application Startup Control component cannot determine the KL category for these files and blocks them from starting. Therefore, if the "Block" action is selected in the settings of the Application Startup Control component, files without a digital signature will be blocked from starting. If you want to allow certain files to start without a digital signature, you are advised to select the "Notify" action in the Application Startup Control component settings, and to add the relevant files to a pre-created application category when an event is received in Kaspersky Security Center.
Allowing selected users and / or user groups to start applications. You can specify a user and/or user group that is allowed to start applications from a specified category.
Status of Application Startup Control rules
Application Startup Control rules can have one of two status values:
On. This rule status means that the rule is enabled.
Off. This rule status means that the rule is disabled.
When created, an Application Startup Control rule is enabled by default (the rule has On status). You can disable the Application Startup Control rule. If an Application Startup Control rule is disabled, the application temporarily stops applying the rule.
Predefined Application Startup Control rules
After Kaspersky Security is installed, the following Application Startup Control rules are created by default:
Trusted updaters. The rule allows all users startup of applications that have been installed or updated by applications in the KL category "Trusted Updaters". The "Trusted updaters" KL category includes updaters for the most reputable software vendors. The rule is disabled by default.
Operating system and its components. This rule allows all users to start applications in the "Golden Image" KL category. The "Golden Image" KL category includes applications that are required for the operating system to start and function. The rule is enabled by default.
Virtualization applications. This rule allows all users to start applications in the "Applications for virtualization" KL category. The "Virtualization applications" KL category includes applications intended for virtualization of platforms and resources. The rule is enabled by default.
Managing Application Startup Control rules
You can manage an Application Startup Control rule as follows: