Question for veterans

[MassGravy]

Hey everyone,

I've just started using Kaspersky and it's been great so far. I have a couple of questions for those who have been using it for a while.

First, are there any recommended settings I should change or look out for? Any tips would be appreciated!

Second, I'm trying to configure the firewall notifications. I turned off "Perform recommended actions automatically" and set the "Trusted" group's network setting to "Ask user." The issue is that it asks for permission for every single IP, not just once for the application itself. Is there a way to make it ask only once when an app wants internet access, instead of for each IP?

If that's not an option, does Kaspersky play well with third-party firewalls (like Simplewall or Fort Firewall)? If it does, should I disable Kaspersky's built-in firewall?

[harlan4096]

Welcome to Kaspersky Community,

 

2.- Unfortunately, this is how Kaspersky FireWall works. You can try to disable it, and try those 2 You mentioned.

 

1.- Well, it depends on what kind of use You are...  For a standard user, defaults settings should be enough and ok. If You are an advanced user, that installs applications downloaded from suspicious sources, and visit sites of low reputation, then there are settings that can harden and raise the prevention.

[MassGravy]

5 hours ago, harlan4096 said:

1.- Well, it depends on what kind of use You are...  For a standard user, defaults settings should be enough and ok. If You are an advanced user, that installs applications downloaded from suspicious sources, and visit sites of low reputation, then there are settings that can harden and raise the prevention.

Thank you for your response.

Besides the Trust digitally signed applications and Trust group for applications not included in other groups settings in Intrusion Prevention, are there any other settings I can change to further harden the system? If so, please let me know.

Also, if I don't use an email client, is it safe to disable Mail Anti-Virus?

Edited Thursday at 03:03 PM by MassGravy

[harlan4096]

Yes, un ticking Trust digitally signed applications, may help, also Trust group for applications not included in other groups set to Untrusted, this will harden the system while keeping on KSN rules (this is a "Hybrid Default Deny" approach), this is how I have it, BUT (there is always a but!), this may break installation process while installing unsigned applications, or applications with not approved certificates. So, if you trust those apps, You will have to move manually to trusted group, even sometimes adding some exclusions for the application to install or run in Intrusion Prevention -> Manage Applications -> rules of the app, as an example: