Kaspersky blocks connecting to a network folder. Kaspersky Internet Security, we understand the default settings

It often happens that Kaspersky Anti-Virus, which should ensure the security of a local network, on the contrary, vice versa in every way interferes with access to network resources.

Therefore, here we will analyze what to do if Kaspersky blocks local networkAnd what settings are needed if access to the computer is limited.

Before proceeding to the diagnosis of the problem, make sure that

  • - You have a fresh version of the antivirus;
  • - The computer updated the driver to the network card.

What if Kaspersky blocks the local network?

To check, you should temporarily disable protection. For this right-click Mice Click on the anti-virus icon in the system tray and select "Suspend Protection".

You must also disable windows Firewall - Kaspersky himself will perform the task of the network screen, assign statuses and will control the network connection. If you leave the firewall enabled, the antivirus will periodically disable the network.

It is necessary to immediately remember the name of the network and.

To do this, go "Start" - "Control Panel" - "Network and Internet" - "Network Management Center and common access"-" Changing the Adapter Settings "-" Connection over Local Network "(Local Network Name Default - Model of the Network Card: Realtek RTL8102E ..., Atheros and others).

Kaspersky Setting for LAN:

1) Open the main antivirus window;
2) At the bottom of the left, click the setting sign (gear);
3) in the left column, press "Protection";
4) Next in the right window - "Network Screen";

5) downstairs - the "network" button;
6) Choose your network (whose name you remember earlier)

Double-click the network properties and select the Type of Trusted Network Network.
Next, if necessary, you can turn off the NDIS Filter driver (the exchange rate over the network will increase significantly). It turns off in the settings of the local network and is not subject to configuration.

Enable and restart the computer is necessary with the local network enabled and connected to network card computer cable, because Kaspersky begins to conflict with the "Computer Observer" service.

You can also prohibit or restrict certain programs to the location network. To do this, run the items from the first to the fourth and select "Configure program rules".

There are four groups here: trusted, weak limitations, strong restrictions and untrusted. Using the right mouse button, select the appropriate priority for programs, then add new groups and programs. To do this, select:

1) details and rules
2) network rules
3) Restrictions
4) reset parameters
5) Remove from the list
6) Open the program folder

The default rules are "inherited" from the installed program, but they can be changed on the necessary. To do this, right-click Click the necessary program (or subgroup) and select the appropriate item in the menu.

There are many versions of antiviruses from Kaspersky Lab, each of which has its advantages and disadvantages. One of the latest options - Kaspersky Internet Security 2015, which combines many features whose configuration requires time and defined skills. How to install and spend basic setting Kaspersky Anti-Virus We will tell you in this article.

Loading and installation

First of all, you need to download the installation distribution to your computer. Where and how to do it - everyone decides himself. The demo version can be downloaded from the official website, it will work 30 days, after which it will require activation. When the distribution is on your computer, it will need to run.

After startup, you will see the following window:

When you click the "Setup" button, you will open the following tab with license Agreementwhich, as usual, you will need to just take. Next, another agreement, after which the program installation on a computer begins directly. It lasts about 15 minutes.

The program will be launched quite a long time by analyzing the operating system and the status of the computer as a whole.

After that, Kaspersky Internet Security will request a license key. If you have it - enter and activate the program, if not, select the trial version.

This is the last step after which on your computer will be installed program KIS 2015. You will get to the main menu and discover that the antivirus base is very outdated. This is due to the fact that the installation distribution contains a minimum set of information with the calculation of the Internet to regularly update anti-virus databases. What you will have to do: click on the update and wait.

Scan computer

Before scanning you need to perform several settings so that it takes place without excesses. To do this, go to the menu item "Settings".

There we need the check tab. There is an action when a threat is detected. If you want to delete all infected files - exhibit "Delete", but it is much more efficient to choose "Treat, incurable - delete". So you will avoid losses of most files and will be securely protected from the threat. By the way, you can take action against threats yourself: Choose the "Inform" item and all solutions will have to be chosen manually.

Below you can determine the action that will be performed when connected removable carriers. Fast check implies an assessment of the boot sector, full - check all files. Option only 4: Do not check, fast and complete check, as well as a complete check of a small amount of media.

After that, you can proceed to scan. Return to the main menu and select the check "Check".

Here will open a selection options. Full check implies checking all directories of the computer and connected media. A quick check performs an analysis of important directory of the computer and general objects where viruses and malicious applications are most often met. A selective check allows you to analyze a specific directory, where you think there may be a virus. Checking removable media gives the user a media selection that scan, and the task manager displays all running checks.

Choose the appropriate option and click "Run". Now you need to wait a bit and all the results you will see.

Secondary settings of antivirus

To make the program work even more efficiently, you need to dig in additional settings and set certain Kaspersky parameters that you need. To do this, go back to the "Settings" tab and change each of the items in order.

There are three flags that can be removed or installed. Automatic action will give freedom of antivirus, which will decide what to do with files yourself. If you check the box "Do not delete possible infected objects", then all discovered viruses and ill-faithful programs will fall into quarantine. With the "Auto-site" item, everything is extremely clear: you determine whether Kaspersky will automatically start when Windows starts. Password installation is needed to eliminate third-party intervention in the anti-virus settings.

In the "Protection" settings point, you can determine the levels of protection of various Kaspersky functions and configure them at their discretion:

  • For the file anti-virus, it is possible to choose three levels of threat, depending on the environment in which you work, and the definition of an automatic action when a threat is detected.
  • Program control allows you to limit the effect third-party programs Computer action: You can exclude applications without signature, define rules for programs and automatically place new programs into a specific list.
  • Protection against network attacks allows you to block the computer of the aggressor for a certain period of time.
  • Im-Antivirus analyzes pagers' traffic traffic for malicious links.
  • Settings of the postal and web antivirus are identical to the file anti-virus parameters.
  • Webcam work can be restricted for all (or some programs) or set out the issuance of notifications when using its program from the allowed list.

  • Network screen settings allow you to organize secure access to the local network and the Internet. You can enable vulnerabilities notifications that lie everyone who connects to wi-Fi network. It is possible to disable / enable fTP work, change the disabling time of the network screen and set the network connection blocking when the KIS-2015 program interface is not enabled.

  • Activity monitoring can exclude the risk for a computer from malicious programs. Here you need to include protection against exploits to stop all attempts to perform unauthorized actions. Moreover, an automatic solution setting is available when a threat is detected: an action can be either allowed or prohibited. Control of program activity allows you to automatically delete malicious program When detecting or completing it operation at this session. If the effect of the virus has failed, it is possible to automatically roll back and return to the previous state of the computer. And one of the most important moments This item is protection against screen blockers, programs that completely paralyzing the operation of the computer.
  • The anti-spam function is responsible for blocking incoming messages containing spam.

  • "Anti-banner" works on the principle of advertising blocker, eliminating banner on web pages and in applications with advertising. To check, you can use the list of Kaspersky Lab banners, which is regularly updated, and add a banner to the forbidden list manually.
  • The service of secure payments is needed to avoid the possibility of losing personal data for which intruders will be able to kidnap your money. When visiting the bank's website or payment system You can select an action: launch or not running a secure browser, data from which cannot be intercepted. If the transition is performed on request from the Secure Payments window, you can select the default browser to make such actions.

The "Performance" tab is responsible for setting up the computer functional and the uniform distribution of its resources that are often not enough and the entire system begins to really lag. From the available features - blocking scheduled tasks when working a battery, which has a positive effect on the computer performance, the presence of a game profile in which notifications do not jump out and do not interfere with normal operation in full screen mode.

Kaspersky Internet Security can yield resources operating system When starting a computer, leaving only the most important components included, as well as more important programs in a situation when the processor and hDD It turns out too high load. At the same time, it is possible to perform tasks at a simple computer, which allows you to optimize the use of resources. Search for rootkits is performed in REAL-TIME mode and the system has practically no effect on the system.

The "Check" tab and all its capabilities were described above. It is worth only to note that there is the possibility of issuing a schedule check, which is necessary for regular analysis of the system and maintaining its security on the proper level.

Item "Advance" opens access to additional settings. Their list is also wide enough:

  • you can enable or disable update parameters. automatic loading and installing updates;
  • a secure data entry blocks the work of interceptors, protecting the confidentiality of information that you enter from the keyboard;
  • in the threat and exception parameters, it is possible to enable program analysis that are potentially dangerous to the computer (for example, need for remote control), as well as setting up active infection technology;

  • when you enable self-defense, all attempts to change and remove antivirus files to ensure stable operation are blocked;
  • in the network parameters, some ports are locked and configured the analysis of protected connections, as well as the organization of access to the proxy server;
  • the "Notifications" item allows you to select the types of messages that will display antivirus for the user;
  • report and quarantine parameters limit the data storage period and their maximum volume;
  • web service connection settings are needed to configure user interaction and Kaspersky Lab;
  • item " Appearance"It has only two subparagraphs: you can disable the animation of the icon and configure the smooth transition between the program windows.

The first step to a safe journey through the endless spaces of all sorts of networks is of course installing a reliable means of protection. One of the few such means is comprehensive product Kaspersky Internet Security.

The first step to a safe journey through the endless spaces of all sorts of networks is of course installing a reliable means of protection. One of the few such funds is the integrated product of Kaspersky Internet Security. Despite the fact that the KIS product is quite complicated, he immediately after installation is ready to perform all the duties assigned to it. The need for additional tinctures arises extremely rare, and this is a very big plus developers. But it is necessary to understand that this feature is based on the sharp face of compromise solutions. What they conclude on the example of the network screen.

Network screen settings consist of two parts: rules for programs and batch rules. Using program rules, you can allow or prohibit certain programs or groups of programs to send or receive packets or install network connections. Using batch rules, it is allowed or prohibited to install incoming or outgoing connections, and transmit or receive packets.

Let's see what the rules for programs are.

All programs have four categories:

  1. Trusted - they are allowed everything without exception.
  2. Weak restrictions - set to the "Action Request" rule, allowing the user to independently decide on the feasibility of network communication of the programs of this group.
  3. Strong restrictions - in terms of permission to work with the network, the same as weak.
  4. Not trusted - by default these programs are prohibited any network communication (Human very sorry for them).

In the "Trusted" group, all programs from Microsoft are placed by default, the KIS itself and other programs are famous manufacturers. For default settings, the choice is good, but I personally would not have all the programs, even if the famous manufacturers, so unpolitly trust.

How do programs go to one or another group? Everything is not so simple here. The decision to place a specific program in one of four groups is made on the basis of several criteria:

  1. Availability of information about the program in KSN (Kaspersky Security Network).
  2. Availability from the program digital signature (already passed).
  3. Heuristic analysis for unknown programs (something like divination).
  4. Automatically put the program in a predetermined user group.

All these options are in the "Program Control" settings. By default, the first three options are installed, the use of which and leads to a large number of "trusted" programs. You can choose the fourth option alone as an alternative to the first three.

We will conduct an experiment. Let's place any program (for example, the "Opera" browser) in the list of programs with weak limitations and see how the "Request Action" rule works. For the enforcement of program rules, it is necessary to close and re-open the program, the rules for which were changed. If you now try to go to any site, then no action will occur, and the program will safely install a network connection. As it turned out, the "Action Request" rule works only if the checkbox with the option "Select Action automatically" is removed in the basic protection parameters.

Another surprise expects users of network utilities of type Ping, Tracert (if the "Action Request" rule is to extend to trusted programs), Putty (SSH client) and, possibly, to them like. For them, KIS persistently does not want to display the action request screen. Here, the output can only be one - set permissions for a specific program manually.

Before switching to batch rules, I will allow myself one advice: create your subgroups for each group of programs. For example: "Network utilities", " Office programs"," Programs for the Internet ", etc. First, you can always quickly find the desired program, and, secondly, you can install the rules to certain groups, instead of installing the rules for individual programs.

Batch rules.

In package rules, separate features of packages are defined: Protocol, Direction, Local or Remote Port, network address. Batch rules can act as "allowing", "prohibiting" and "according to the rules of programs." The rules are viewed from top to bottom until the permitting or prohibiting rule on the set of features will be found. If the rule for the package is not found, the default rule is applied (last). Usually, in the network screens, the last rule is established a ban on the reception and transmission of any packets, but for KIS is the resulting rule.

The action "By rule of programs" is by its nature "window" for the actual actions of the rules of programs. It is convenient because it is possible to define the priority of rules. For example, the program tries to send a package to the 53 DNS server port. If there is a batch rule with the action "according to the rules of programs", the direction "Outside", the remote port 53 (or not defined), and the program is set to the allowing rule to send a package to 53 port, the package will be sent if the program is forbidden to send packets to 53 port, then this package will not be sent.

The rules scope covers a specific area: "Any address" (all addresses), "subnet address" - You can select the type of "trusted" subnet, "local" or "public", and "addresses from the list" - to specify IP addresses or domain names manually. The attitude of a particular subnet to the "trusted", "local" or "public" is set in the general shortcuts of the network screen.

KIS batch rules, unlike most network screens, overwhelmed large number Directions: "Incoming", "incoming (stream)", "Outside", "Outgoing (stream)", and "incoming / outgoing". Moreover, the rules with some combinations of the protocol and directions do not work. For example, the ICMP prohibition rule in combination with streaming directions will not work, i.e. Prohibited packages will pass. For UDP packages for some reason, streaming directions are used, although the UDP protocol is by nature as such "stream" does not create, unlike TCP.

Another, not quite a good moment is that there is no possibility in batch rules the ability to specify the reaction to the prohibition of the incoming package: to prohibit the reception of the package with the notification of the party sent it or simply discard the package. This is the so-called "invisibility" mode, which earlier in the network screen was present.

Now we turn to the rules actually.

1 and 2 rules allow the rules of programs to send DNS requests for tCP protocols and udp. Of course, both rules are useful, but mostly such network programs as postal and browsers request the addresses of sites through the DNS system service, which is responsible for system program "Svchost.exe". In turn, the service itself uses quite specific addresses. DNS serversManual or DHCP. The DNS server addresses are rarely changed, so it would be enough for sending DNS requests for the system service "svchost.exe" to fixed domain name servers.

3 Rule allows programs to send email via TCP protocol. Here, as well as for the first two rules, it would be enough to create a rule for a specific work program with email Indicates which port and server to send.

4 Rule allows any network activity for trusted networks. Be very careful when you enable this rule, do not confuse the random network type. This rule actually disables the network screen functions in trusted networks.

5 The rule allows any network activity according to the rules of programs for local networks. This rule, although does not turn off the fully network screen, but largely weakens its control functions. By logic 4 and 5, the rules would have to be placed at the very top to prevent the package processing by the rules 1 - 3 when the computer is in a trusted or local network.

6 Rule prohibits remote control Computer via RDP protocol. Although the scope of the "All Addresses" rule, but in fact it is valid only in "public networks".

7 and 8 rule prohibits access from the network to network Services Computer using TCP and UDP protocols. In fact, the rule is valid only in "Public Networks".

9 and 10 Rules allow everyone to connect to a computer from any networks without exception, of course excluding services prohibited by rules 6 - 8. The rule only for programs with permitted network activity. But be very attentive, the default network activity is permitted by almost all programs with the exception of not trusted.

11 - 13 Rules allow the reception of incoming ICMP packets for all programs. The meaning in these rules is no more than in 1 - 3, because ICMP in the overwhelming majority uses the Ping and Tracert program.

14 The rule is prohibited from the reception of all types of ICMP packages, of course, with the exception of the rules allowed 11 to 13.

16 The rule prohibits the incoming ICMP V6 Echo request. ICMP V6 in the overwhelming majority of cases is not needed. It would be possible to ban it completely.

The 17 rule allows everything that is clearly not allowed or prohibited by previous rules. This rule is although not displayed on the screen, but it is certainly necessary to remember its existence.

The default network screen settings are certainly good and fit most of the users of home computers, in which, in fact, this product is oriented. But flexibility and undemanding to the additional settings mentioned at the beginning of the article, unfortunately achieved through the security of the selected users, making this very safety very much dependent on the human factor: knowledge and user-free use of the user itself.

For the safety of your work on the network, the component is intended Network screenin Kaspersky Internet Security 2014. All network connections on your computer based on batch / network rules Network screen assigns statuses and controls from in accordance with the established status (permits or prohibits connections).

1. How to change network status

To change the status of the network, follow these steps:

  1. At the right side of the window, click on the link Setting.
  1. In the window Setting Go to section Protection and select Network screen.

  1. In the window Network Screen Settings click the link Network.

  1. In the window Manage Networks In block Network Right-click on the connection for which you want to change the status and in context menu Choose:
    • Public NetworkIf you want to disable access to files, folders and printers, as well as a remote desktop on your computer. Such status is suitable for networks that are not protected by any antivirus programs, network screens, filters (for example, for the Internet cafe). Filtering the network activity of each program is executed in accordance with the rules for this program. By default, the Internet is assigned status Public Networkthat cannot be changed.
    • The local networkIf you want to open access for networks whose users trust access to files and printers on your computer (for example, for internal corporate network or for home network). Filtering the network activity of each program is executed in accordance with the rules for this program.
    • Trusted NetworkIf you want to open full access for safe, in your opinion, the network, when working in which the computer is not subjected to attacks and attempts to unauthorized data access on your computer. If this status is selected, any network activity will be allowed within this network.
  2. In the window Manage Networks Click on the button Change.

  1. Close the program window.

2. How to prohibit the program Internet access using a braid screen

To block the output of a specific Internet program, you can create a rule for the program in Network screen. To do this, follow these steps:

  1. In the lower right corner, click on the link Setting.

  1. In the window Setting Go to section Defense Center and select Network screen.

  1. In the window Network Screen Settings click the link Configure rules programs.

  1. In the window Program management Right-click on the program you need and select the item in the context menu. Details and rules.

  1. In the window Program rules Go to the tab Network rules and click on the button Add.

  1. In the window Add In chapter Act Choose Block.
  2. In chapter Name Enter Web Browsing..
  3. If you want the result of this network rule to be fixed in the report, check the box Record events.
  4. Click on the button Add.

  1. On the tab Network rules A rule will appear with the icon Ban.
  2. In the window Program rules Click on the button Save.

  1. Close the window Program management.
  2. Close the program window.