Jump to content
cdaniel

KES 11 blocking webcam in Zoom

Recommended Posts

Цитата

I think we need to work on getting Zoom and Skype for Business to show up in the list of applications in the Host Intrusion Prevention system so that I can add them to Trusted.  Make sense?

Could you please provide us with Network Agent policy for that host?

Thank you!

Share this post


Link to post

I can't add them to "Trusted" under the Host Intrusion Prevention section of the KES policy because the applications do not show up in the list.  That was what I meant when I said I would like some help getting them to show up in the list of applications so that I can mark them as "Trusted".

If I take the client machine out of the KSC policy and then open KES manually I'm able to see the app and can add them to Trusted and then everything works great.  But I can't do that using the policy on the KSC.  I need to be able to do it on the KSC as this will be an issue for multiple workstations.

Thanks

Share this post


Link to post

As I have already stated in this thread and as you should already be able to see from the policy I attached earlier, the setting to "Gather information about applications that are started on user computers" is already enabled.  The issue is that it is not working fully as the applications in question are not showing up on the KSC for inclusion in the Host Intrusion Prevention module.  Thanks.

Share this post


Link to post

Usage of %Userprofile% variable is not supported. It is not a global variable, and could be used only in userspace applications, which KES is not, protection process is running under SYSTEM account. 

Also you should enable KSN to have a better verdicts for Host Intrusion Prevention. 

Share this post


Link to post

On every KES install I've ever done there's one avp.exe process running as SYSTEM and one running as the logged in user, but really that doesn't matter. Kaspersky is definitely the cause of these applications not operating properly because when I disable KES they all run fine and the cameras work.  Adding them to the exclusion worked for one user but not others.  If that really is because %userprofile% is an unsupported variable then that's fine, tell me how I can either exclude these programs correctly or get them added to the Trusted list on the Host Intrusion Prevention (preferable option).

Share this post


Link to post

Thanks, that does work to get the application added, but only works for that one workstation.  I need to be able to add it to the Host Intrusion system on the MES policy on the server side. 

 

Thanks

Charlie

Share this post


Link to post

Hi, 

you can add an exclusion just as 'filename.exe'. In that case all files that have "filename.exe" name will not be scanned no matter where it is located.

Please notice that this solition is vulnarable, because the file could be replaced(or added) with maliciouse one. 

Is this solution acceptable to you?

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.