Jump to content

How to setup Kaspersky Internet Security 2012 for Maximum Protection


maia

Recommended Posts

Kaspersky Internet Security 2012 is a powerful and complete suite that will deliver a great level of protection right out of the box.However there are a few settings that can be tweaked or enabled in order to get an even higher degree of protection from this internet security suite.

Because each user has a different level of computer knowledge,we recommend that you experiment with Kaspersky Internet Security 2012 and choose settings based on what works best for you.

Many thanks to Jack

1. Setting Protection Center: File Anti-Virus > Change security level in File Anti-Virus in Kaspersky Internet Security 2012 to 'High'

What does File Anti-Virus in Kaspersky Internet Security do?

File Anti-Virus is a component that controls computer file system. It scans OPEN, LAUNCHED AND SAVED files on your computer and on all attached discs. Each file the user deals with is intercepted by a Kaspersky Lab product and scanned for viruses. The user can work with the file if the file is not infected or was successfully disinfected by a Kaspersky Lab product. If the file cannot be disinfected by some reasons, it is either deleted or quarantined.

How to change security level of File Anti-Virus in Kaspersky Internet Security 2012 to 'High'

The security level is defined as a preset configuration of the File Anti-Virus component settings. Kaspersky Lab specialists distinguish three security levels. The decision of which level to select should be made by the user based on the operational conditions and the current situation.For high degree of protection the 'High' level is recommended.

Alternatively you can configure the File Anti-Virus work manually, then in the settings window in the File Anti-virus section Security level will be changed to Custom.

High. Set this level if you suspect that your computer has a high chance of being infected.

Recommended. This level provides an optimum balance between the efficiency and security and is suitable for most cases.

Low. If you work in a protected environment (for example, in a corporate network with centralized security management), the low security level may be suitable. The low security level can also be set if you are working with resource-consuming applications.

In order to change the current security level, perform the following actions:

kis2012_6307_01_en.gif

If no security levels are suitable for you, you can configure the File Anti-Virus work manually, then in the settings window in the File Anti-virus section Security level will be changed to Custom.

You can restore the recommended security level by clicking the Default level button.

2. Setting Protection Center: Mail Anti-Virus > Change security level in Mail Anti-Virus in Kaspersky Internet Security 2012 to 'High'

What does Mail Anti-Virus in Kaspersky Internet Security do?

Kaspersky Lab products include a special component that protects incoming and outgoing mail from dangerous objects, Mail Anti-Virus. It loads when the operating system is started and is always running and scans all e-mail on protocols POP3, SMTP, IMAP, MAPI and NNTP, as well as secure connections (SSL) for POP3 and IMAP.

How to change security level in Mail Anti-Virus in Kaspersky Internet Security 2012 to 'High'

The Mail Anti-Virus security level is defined as a preset configuration of settings which are used by the application to protect a user e-mail.

Kaspersky Lab specialists distinguish three security levels. You may select one of the following security levels according to the operational conditions and the current situation:

High. If you work in a non-secure environment, the maximum security level will suit you the best. An example of such environment is a connection to a free e-mail service from a network that is not guarded by centralized email protection.

Recommended. This level provides an optimum balance between the efficiency and security and is suitable for most cases. This is also the default setting.

Low. If you work in a well secured environment, low security level can be used. An example of such an environment might be a corporate network with centralized e-mail security.

Kaspersky Lab specialists do not recommend to modify Mail Anti-Virus settings on your own. In most cases it is enough to select one of the security levels.

If you want to change the Mail Anti-Virus security level, perform the following actions :

kis2012_6313_01_en.gif

You can restore the default component settings at any time you want by clicking the Default level button.

3. Setting Protection Center: Web Anti-Virus> Change security level in Web Anti-Virus in Kaspersky Internet Security 2012 to 'High'

What is Web Anti-Virus in Kaspersky Internet Security 2012?

The Web Anti-Virus component in Kaspersky Internet Security 2012 is designed to ensure security while using the Internet. It protects your computer against data coming in via the HTTP and HTTPS protocols. The component also scans FTP traffic. For example, if you browse a web page which contain a link to an infected FTP resource, then this resource will be blocked.

Each open website or file is intercepted by Web Anti-Virus and analysed for malicious codes. Kaspersky Internet Security 2012 analyses files using its anti-virus databases and the heuristic analysis technology. If a web page or an object you apply to is infected, then access to this web page or file will be blocked. If the web page or the object is not infected, you will be able to work with it.

How to change security level in Mail Anti-Virus in Kaspersky Internet Security 2012 to 'High'

Web Anti-Virus includes some modes, which are called security levels. The security level is defined as a preset configuration of Web Anti-Virus settings distinguished by Kaspersky Lab specialists. Three security levels are designed in Kaspersky Internet Security 2012:

High. This security level is recommended for sensitive environments when no other HTTP security tools are being used (firewall, proxy server).

Recommended. This security level is optimal for using in most situations, because it is balanced based on system resources use and provides high protection level.

Low. Use this security level if you have additional HTTP traffic protection tools installed on your computer (firewall, proxy server etc.).

In order to change the Web Anti-Virus security level, perform the following actions:

kis2012_6315_01_en.gif

If none of the preset levels meet your needs, you can configure the Web Anti-Virus settings on your own. As a result, the security level name will be changed to Custom.

You can restore the recommended security level, set by default, by clicking the Default level button.

4. Setting Protection Center: Web Anti-Virus> Enable Geo Filter in Kaspersky Internet Security 2012

What is Geo Filter?

Web Anti-Virus in Kaspersky Internet Security 2012 contain a new technology Geo Filter. Geo Filter is designed to block access to web sites on the grounds of their belonging to regional web domains avoid web sites from the most infected regional domains. This allows you to block access to websites which belong to regional domains with a high risk of infection.

If the Geo Filter module is enabled, but the domain you try to visit is not included to the list of blocked or allowed domains, the following message will appear:

kis2012_6316_01_en.jpg

The domain is recognized as blocked in the following cases:

  • access to the domain is blocked according to the Web Anti-Virus settings configured by a user
  • last access to the domain was blocked by a user

If Geo Filter detects an attempt to access to a web site from the blocked region, the corresponding message appears.

kis2012_6316_02_en.jpg

How to enable Geo Filter in Kaspersky Internet Security 2012 :

By default, the option Enable filtering by regional domains is disabled.

In order to enable Geo Filter, perform the following actions:kis2012_6316_03_en.gif

In order to allow or block access to websites which belong to specified domains, perform the following actions:

  1. in the Web Anti-Virus window in the list of controlled domains, select the required domain and click the button Allow/Block/Prompt
  2. by performing the actions described above specify the list of blocked domains
  3. click on the OK button in the Web Anti-Virus window
  4. on the Settings window, click on the OK button
  5. close the main application window.

kis2012_6316_04_en.gif

Access permission request is set for all domains by default.

5. Setting Protection Center: Web Anti-Virus> Enable 'Block dangerous websites' module in Kaspersky Internet Security 2012

What is the 'Block dangerous websites' module in Kaspersky Internet Security 2012?

Web Anti-Virus in Kaspersky Internet Security 2012 contains a special module Block dangerous websites. The module is designed to provide safe Internet surfing by restricting access to unsecure web resources. This module blocks access to websites which have been considered as suspicious or phishing by Kaspersky URL Advisor.

If the Block dangerous websites module is enabled, Web Anti-Virus will block access to dangerous websites. If the application cannot make a clear decision on security of a website to which the URL redirects, you are offered to load this website in Safe Run for Websites mode (only if your default web browser is one of the following: Internet Explorer, Mozilla Firefox, Google Chrome).

How to enable 'Block dangerous websites' module in Kaspersky Internet Security 2012

By default, the Block dangerous websites module is disabled.

In order to enable the Block dangerous websites module, perform the following actions:

kis2012_6319_01_en.gif

6. Setting Protection Center: Web Anti-Virus> Configure Kaspersky URL Advisor from Kaspersky Internet Security 2012 to scan All URLs

What is Kaspersky URL Advisor from Kaspersky Internet Security 2012?

The URL scanning module, which is called Kaspersky URL Advisor, is managed by the Web Anti-Virus component from Kaspersky Internet Security 2012. This module checks if links located on the web page belong to the list of suspicious and phishing web addresses. Using data from the reputation services, Kaspersky Internet Security 2012 marks links in the web browser, thereby informing you about the possible dangers of this or that website even before you follow the link in question.

kis2012_6322_01_en.jpg

For Kaspersky URL Advisor you can specify the list of URLs to be scanned:

  • All URLs. All URLs on all web page will be scanned.
  • Only URLs in search results. Only URLs from web pages with search results received from search engines are checked.

Yo can also select websites categories URLs to which should be checked (for example, Illegal software or Drugs). Information concerning the category the URL belong to will be displayed in the web browser.

In Kaspersky Internet Security 2012 the list of supported web browsers has been expanded. Kaspersky URL Advisor can mark phishing and suspicious links in the following browsers:

  • Microsoft Internet Explorer
  • Mozilla Firefox
  • Google Chrome

How to configure the Kaspersky URL Advisor module

In order to enable the URL scanning module, perform the following actions:

kis2012_6322_02_en.gif

6. Setting Protection Center: Web Anti-Virus> Enable 'Online Banking' module in Kaspersky Internet Security 2012

What is the 'Online Banking' module in Kaspersky Internet Security 2012?

When working with online banking, the user needs special protection, since leakages of confidential information may lead to financial losses. Web Anti-Virus can control access to the resources that you use when working with online banking, downloading them in a safe browser, thus ensuring advanced protection. Web Anti-Virus automatically defines which web resources are online banking services. For guaranteed identification of a web resource as online banking service, you can specify its URL in the corresponding list.

How to enable 'Online Banking' module in Kaspersky Internet Security 2012

By default, the Online Banking module is disabled.

You can enable control of online banking services and create a list of resources identified by Kaspersky Internet Security 2012 as online banking services.

In order to enable control of online banking services, perform the following actions:

kis2012_6317_01_en.gif

In order to install the Kaspersky Lab certificate, perform the following actions:

kis2012_6317_02_en.gif

In order to create a list of resources which will be idenified by Kaspersky Internet Security 2011 as online banking services, perform the following actions:

kis2012_6317_03_en.gif

7.Setting Protection Center: IM Anti-Virus > Configure heuristic analysis use in IM Anti-Virus in Kaspersky Internet Security 2012 to 'Deep Scan'

What is IM Anti-Virus?

The recent increase in the popularity of instant messaging applications (or IM clients), as well as additional features for using the Internet, have created potential threats to computer security. IM clients can be used to send messages containing links to suspicious websites and to websites used by intruders for phishing attacks. Malicious applications use IM clients to send spam and links to applications (or the applications themselves) that steal users' account numbers and passwords.

The IM Anti-Virus component is included in Kaspersky Internet Security 2012 to provide protection during use of IM clients. It protects information that comes to your computer via IM protocols. The product provides protection during the use of many IM clients, including ICQ, MSN, AIM, Yahoo! Messenger, Jabber, Google Talk, Mail.Ru Agent, and IRC.

How to configure heuristic analysis use in IM Anti-Virus in Kaspersky Internet Security 2012 to 'Deep Scan'

Essentially, the heuristic method analyzes the object's activities in the system. For this purpose, any script included in an IM client's message is executed in the protected environment. If this script's activity is typical of malicious objects, the object is likely to be classed as malicious or suspicious.

By default, heuristic analysis is enabled. Kaspersky Internet Security 2012 will inform you of a malicious object detected in a message.

You can also specify the detail level of heuritstic analysis:

Light scan. In this case detection rate is lower but impact to the system is low.

Medium scan. The level is recommended by Kaspersky Lab specialists.

Deep scan. In this case detection rate is higher but impact to the system is higher.

To enable/disable the heuristic analysis, and to set the detail level for the scan, please perform the following:

kis2012_6440_01_en.gif

8.Setting Protection Center: Application Control: > Configure Application Control to set 'Untrusted' status for unknown applications

What is Application Control in Kaspersky Internet Security 2012?

The Application Control component in Kaspersky Internet Security 2012 prevents applications from executing actions which can endanger the system, monitors access to your operating system and personal data using the Digital Identity Protection module.

The Application Control component logs the actions performed by applications in the system, and manages the applications' activities, based on which group they belong to. A set of rules is defined for each group of applications. These rules manage applications' access to various resources. Based on the system security factor, all applications can be divided into four pre-set groups of applications:

Trusted. Applications with a digital signature by trusted vendors, or applications which are recorded in the base of trusted applications. These applications have no restrictions applied on actions performed in the system. Those applications' activity is monitored by Proactive Defense and File Anti-Virus.

Low Restricted. Applications that do not have a digital signature from a trusted vendor, and which are not listed in the base of trusted applications. However, these applications have received low value of the threat rating. They are allowed to perform some operations, such as access to other processes, system control, hidden network access. The user's permission is required for most operations.

High Restricted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have a high value of the threat rating. The applications of this group require the user's permission for most actions which affect the system: some actions are not allowed for such applications.

Untrusted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have received a very high value of the threat rating. Application Control blocks any actions performed by such applications.

How to configure Application Control to set 'Untrusted' status for unknown applications

When heuristic analysis is used by default, Application Control inspects each program for 30 seconds. If after that time the component does not complete identification of its threat rating, the program will receive by default the Low Restricted status (based on the Kaspersky Security Network data). For maximum protection is recommended that you configure the Application Control to set 'Untrusted' status for unknown applications.

By default Application Control will block any actions performed by the programs in the 'Untrusted' group , thus bringing a new level of security for your system.

13666639.png

Please note that when using this method, legit programs who aren't in Kaspersky white list or aren't digitally signed might be placed in the 'Untrusted' group so if a program will fail to start or run, it could be because of the limted rights of this specific group so you'll might have to manually move it from the 'Untrusted' group to a group which allows more rights to the program like the 'Trusted' or Limited Rights' groups.

71219213.png

In order to configure Application Control to set 'Untrusted' status for unknown applications, perform the following actions:

  1. open the main application window
  2. in the right upper corner of the main application window, click Settings
  3. in the upper part of the Settings window, select Protection Center
  4. in the left part of the Settings window, select Application Control
  5. in the right part of the Settings window in the Applications restriction section , select Move to the following group automatically and 'Untrusted' from the drop-down menu.

23140788.png

  1. in the Settings window, click the OK button
  2. close the main application window.

How to move a non-malicious program from the "Untrusted" group

You configured Application Control to set 'Untrusted' status for unknown applications, but now ypu have problems starting or running a legit program.

In the bellow tutorial we will show you, how can to move a program from 'Untrusted' to the 'Trusted'?

NOTE : Before moving a program from "Untrusted" to "Trusted" make sure is 100% safe.

  1. open the main application window
  2. in the right upper corner of the main application window, click Settings
  3. in the upper part of the Settings window, select Protection Center
  4. in the left part of the Settings window, select Application Control and click on "Applications"

43449967.png

5.In the new window , you will see an 'Untrusted' folder , click on it to expand the view

64327514.png

6.Click on the program that you want to move to "Trusted" ,then right click on it. Select 'Move to group' and chose 'Trusted'

54634982.png

7.Click the OK button.

9.Setting Protection Center: General settings > Use Kaspersky Internet Security 2012 in 'Interactive' Mode

What is 'Interactive' mode ?

In Interactive mode, Kaspersky Internet Security informs the user about all malicious and suspicious events. In this mode the user will manually select actions: allow or block activities.

70030974.png

While using this mode the user it will require much more user interaction but this a powerful barrier against unknown threats because it allows the user to better control its execution.

How to use Kaspersky Internet Security 2012 in 'Interactive' Mode

By default, the automatic protection mode is enabled in Kaspersky Internet Security 2012,in order to change the protection mode perform the following actions:

kis2012_6255_01_en.gif

10.Setting Protection Center: Proactive Defense > Enable the detection of keylogger behavior and operating and operating system kernel modifications in Kaspersky Internet Security 2012

What is the Proactive Defense component in Kaspersky Internet Security 2012?

The functionality of the Proactive Defense component is based on controlling and analyzing the behavior of all applications installed on the computer. The 2012 version of the Kaspersky Lab product decides whether an application is dangerous or not on the basis of the actions it performs. In this way, the computer remains protected not only from known viruses, but also from new, as yet uninvestigated viruses.

How to enable the detection of keylogger behavior and operating and operating system kernel modifications in Kaspersky Internet Security 2012

Please note that the detection from the Proactive Defense component are based on the behavior of the applications , so it is possible to receive alerts from legit applications who behave like a keylogger or trying to modify the kernel of your operating system. If you are using KIS 2012 in Interactive Mode their is no need to use this settings.

In order to enable enable the detection of keylogger behavior and operating and operating system kernel modifications in Kaspersky Internet Security 2012 , follow this steps :

  1. open the main application window
  2. in the right upper corner of the main application window, click Settings
  3. in the upper part of the Settings window, select Protection Center
  4. in the left part of the Settings window, select Proactive Defense and click on "Settings"
  5. Make sure all the boxes are checked

34069925.th.png

6.Click Ok and Apply

11.Setting Advanced Settings : Threats and Exclusions > How to configure 'Other' threats detection in Kaspersky Internet Security 2012

Kaspersky Internet Security 2012 can detect hundreds thousands of malware programs that may reside on your computer. Some of these programs impose a greater threat for your computer, others are only dangerous when certain conditions are met.

kis2012626001en.jpg

The 'Other' field enables protection against other types of threats , for example : Internet chat sites, downloader applications, monitor applications, remote administration applications, and other such applications.

This box is unchecked by default.

In order to configure 'Other' threats detection in Kaspersky Internet Security 2012 follow this simple steps :

kis2012_6260_02_en.gif

12.Network Trafic Control Settings(many thanks to Hpwamr -Nsnaforums Vip member- for great suggestion!)

Set option as in the image below:

http://imageshack.us/photo/my-images/209/10012012180047a.png/

13.Use Safe Run for Websites when browsing the internet

What is Safe Run for Websites

When you use Safe Run for Websites, all changes (saved cookies, log of visited websites, etc.) remain in the safe environment and do not affect the operating system, which means that they cannot be exploited by intruders. If necessary, you can clear all changes made to the safe browser and restore the default settings.

Safe Run for Websites supports the following browsers : Microsoft Internet Explorer, Mozilla Firefox, Google Chrome.

The browser which runs in Safe Run for Websites mode is highlighted with a green frame around the application window.

How to use Safe Run for Websites when browsing the internet

You can start safe web-browser by the following methods:

from the main application window

http://support.kaspe..._6663_01_en.gif

2.using the created shortcut.

http://support.kaspe..._6663_02_en.gif

14. Use Safe Run for Applications (only for 32bits) for running applications whose safety raises doubts

What is Safe Run for Applications

Safe Run in Kaspersky Internet Security 2012 is a secure environment isolated from the main operating system and designed for running applications whose safety raises doubts as well as for working with online banking resources when security of confidential data has a great importance. When you use Safe Run, the real objects of the operating system do not undergo changes. If a virus somehow gets access to the system resources it will be stopped by other protection components, namely HIPS, Proactive Defense and File Anti-Virus. Safe Run in interaction with these components considerably increases protection level against penetration of both known and unknown threats onto your PC.

So even if you run an infected application in Safe Run, all of its actions will be limited to the virtual environment without affecting the operating system.

How to use Safe Run for Applications (only for 32bits) for running applications whose safety raises doubts

Safe Run for Applications opens in the full-screen mode and represents a copy of the main desktop with all file system objects. You can create a list of applications that will run automatically when you start Safe Run for Applications.

By default, after you close Safe Run for Applications, all changes you have made during the last session will be saved and remain available at the next startup. If necessary, you can clear all changes made to the safe environment.

You can open the safe desktop by the following methods:from the main application window of Kaspersky Internet Security 2012

http://support.kaspe..._6372_01_en.gif

from the context menu of Kaspersky Internet Security 2012

http://img52.imagesh...012637202en.jpg

using the created shortcut

http://support.kaspe..._6372_03_en.gif

Done!!!

Link to comment
Share on other sites


  • Replies 7
  • Views 2.8k
  • Created
  • Last Reply

flaubert: thanks for the information and really good tutorial guide. I will follow your method for better protection with KIS 2012.

Link to comment
Share on other sites


I'd love to see the test results done with the 'maximum' settings. I highly doubt if any malware will be successful in penetrating the system with such aggressive settings.

Link to comment
Share on other sites


Thank you very much Flaubert, it's really a very nice guide. :clap:

Link to comment
Share on other sites


Hello guys.... ;)

I have edited point numer 12: added optimal settings for menu "Network Trafic Control Settings": for this,many thanks to hpwamr: I gave this good advice!

Link to comment
Share on other sites


am using KIS since 4 yrs.most of da above settings am using.not even one time my system infected til now.KIS is really SUPERBBBB...

btw VERY NICE POST...thanks for da post

Link to comment
Share on other sites


  • 1 month later...

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...