Jump to content
Peter222

KS4WS Trusted process cannot add by path

Recommended Posts

Have an incident open regarding this issue: INC000008055876, but not getting anywhere with it.

The Critical fix KB13463 (http://support.kaspersky.com/13463#block1) was suppose to add functionality to the Trusted Zones feature to trust processes not only by path and hash, but by path only if desired. The problem with the default functionality is that we have backup software on servers of different versions and what happens is that the filenames are the same between versions, but the file hashes are obviously different, and KS4WS overwrites the trusted processes based on the filename and it's not looking at the file hash.

The new functionality also seems half baked in terms of the fact that I had to create registry files and a batch file to push it out to the KS4WS servers (to allow path only trusted processes).  This functionality should be included in KSC instead of having to craft registry files, create packages, etc.

Not all servers are in a domain either, so group policy is not an option. When trying to add path only in the local console or KSC policy I am unable to add a path and can only browse for local files. See screenshot. I even created XML exports of the various backup executables from the KS4WS servers but when I import them into the KSC policy, again, it overwrites based on the file name instead of looking at both the filename and hash.

I was initially told that the backup processes also need to be added to trusted processes after I had some issues with KS4WS blocking some files used by the backup software. After excluding these folders in KS4WS policy at least this issue went away. No the issue of adding the backup software executables as trusted processes remains.

 

KSC-KS4WS-Server-Policy-cant-add-BE-path.png

Edited by Peter222

Share this post


Link to post
3 hours ago, Peter222 said:

Have an incident open regarding this issue: INC000008055876, but not getting anywhere with it.

The Critical fix KB13463 (http://support.kaspersky.com/13463#block1) was suppose to add functionality to the Trusted Zones feature to trust processes not only by path and hash, but by path only if desired. The problem with the default functionality is that we have backup software on servers of different versions and what happens is that the filenames are the same between versions, but the file hashes are obviously different, and KS4WS overwrites the trusted processes based on the filename and it's not looking at the file hash.

The new functionality also seems half baked in terms of the fact that I had to create registry files and a batch file to push it out to the KS4WS servers (to allow path only trusted processes).  This functionality should be included in KSC instead of having to craft registry files, create packages, etc.

Not all servers are in a domain either, so group policy is not an option. When trying to add path only in the local console or KSC policy I am unable to add a path and can only browse for local files. See screenshot. I even created XML exports of the various backup executables from the KS4WS servers but when I import them into the KSC policy, again, it overwrites based on the file name instead of looking at both the filename and hash.

I was initially told that the backup processes also need to be added to trusted processes after I had some issues with KS4WS blocking some files used by the backup software. After excluding these folders in KS4WS policy at least this issue went away. No the issue of adding the backup software executables as trusted processes remains.

Hello.

The incident you created earlier is currently being processed. We recommend that you proceed with this within CompanyAccount since we will have to close the incident otherwise, and it is not likely that the forum support might provide any information that our engineer already hasn't (the incident had been escalated to Expert support).

Thank you.

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.