Kaspersky Embedded Systems Security now has the following new features and improvements:
The Application Control component has been improved. Now you can configure execution prevention for application other than those signed with trusted signatures.
More settings of the Inventory task. Now you can select an action with the "Golden image" category when a task finishes.
New cloud mode of the application, in which the application uses a lightweight version of the anti-malware databases. This lets you reduce the load on device memory.
The application can be automatically restarted after an update. When updating, the application now automatically restarts to save the administrator the additional step of restarting the application.
New settings that let you limit CPU usage have been added to the general application settings. At the same time, the ScanPriority setting was removed from scan tasks of the ODS and InventoryScan types.
Now you can disable protection components and scan tasks after the application is installed. An installation with protection components disabled can be convenient, for example, in order to reproduce a problem in the operation of the application and create a trace file.
The configuration file of the application now includes settings for defining the directory for storing dump files and the minimum required free disk space after creating dump files.
We added the ability to view the remote application installation log and manage the tracing process in the Web Console properties of the managed device or in the Administration Console using the remote diagnostics utility.
Now you can export and import a list of trusted devices for the Device Control component in the application administration plug-ins.
Now you can export and import per-process exclusions for the Behavior Detection component in the application management plug-ins.
Now you can configure the application to interact directly with KSN servers if the KSN Proxy service becomes unavailable.
In the application management plug-ins, in the Storages -> Backup section, you can send a file to Kaspersky for scanning.
The graphical user interface implements the ability to inform the user about the operation of application components and tasks in "Notify only" mode, in which, if a threat is detected, application components and tasks do not attempt to disinfect or remove malicious objects, deny access, or block the activity of programs, but instead only inform the user that a threat was detected. The administration plug-ins also now have a notification that "Notify only" mode has been enabled for the File Threat Protection and Device Control components.
The newly implemented application stability monitoring functionality allows you to track the number of times the application terminates abnormally and notify the administrator about the unstable operation of the application.
Improved command line options for task scheduling. Now you can configure a task to be stopped when it reaches maximum execution time.
Improved Firewall Management component. Now you can specify multiple IP addresses or IP address ranges for a network packet rule.
Now you can view statistics for the most frequently scanned files and applications, as well as a list of mount points detected on the protected device. To improve performance, you can now exclude the files that are most frequently scanned by the File Threat Protection component, the paths to applications that are most frequently scanned by the Behavior Detection component, and the mount points detected on the device.
Now you can collect application performance metrics that can help analyze the impact of Kaspersky Embedded Systems Security on operating system performance.
The user is now better informed thanks to new events, improved event texts, an expanded list of event attributes, and an unification of events in plug-ins and the command line.
Container protection and scanning is not provided as separate functionality. If you had Container Scan tasks configured in the previous version of the application, after updating the application, these tasks become unavailable and are not displayed. Scanning files in containers being started is possible as part of File Threat Protection when namespace scanning is enabled.