Managing application using graphical user interface

You can manage Kaspersky Embedded Systems Security operation using the graphical user interface.

Application interface

Application icon in the notification area

After Kaspersky Embedded Systems Security graphical user interface package is installed, the application icon appears on the right, in the taskbar notification area.

The application icon acts as a shortcut to the context menu and the main application window. You can open the context menu of an application icon by right-clicking the icon.

The context menu of the application icon contains the following items:

• Kaspersky Embedded Systems Security 3.3 for Linux. Opens the main application window, which displays the protection status of your device and contains interface elements that provide access to the application functions.
• Exit. Exits the application graphical user interface.

Main application window

The main application window is divided into several parts:

• The central part of the main application window displays the protection status of your device. Clicking this part of the window opens the Protection Center window. This window displays information about the protection status of your device and recommendations on the actions to be performed to fix protection problems (if any).
• The Scan button displays the Malware Scan task status and the number of detected threats. Clicking this button opens the Scan window. In this window, you can start and stop the Malware Scan, Critical Areas Scan and Container Scan tasks. Also, you can view reports for these tasks.
• The Update button displays the status of the Update task. Clicking this button opens the Update window. In this window, you can start the Update and Rollback tasks. Also, you can view reports for these tasks.
• The lower part of the main application window contains the following elements:
  • Reports button. Clicking this button opens the Reports window, where you can view task statistics and various reports.
  • Storage button. Clicking this button opens the Storage window, which contains information about objects in the Storage.
  • Setting button. Clicking this button opens the Settings window, where you can enable or disable application monitoring tasks, as well as use the Kaspersky Security Network.
  • Support button. Clicking this button opens the Support window, which contains information about the current application version, license key, application database status, operating system, as well as the links to Kaspersky information resources.
• The lower part of the main application window displays information about the license and the key, as well as about licensing problems (if any). Clicking this part of the window opens the License window. This window also displays detailed information about the license. You can also open this window from the Support window using the link with the license key.

To open the main application window, perform one of the following actions:

• Right-click or double-click the application icon in the notification area of the taskbar.
• Select the application name in the application menu of the operating system window manager.

Managing tasks

The application graphical user interface allows you to enable or disable the following application monitoring tasks:

• File Threat Protection.
• System Integrity Monitoring.
• Firewall Management.
• Anti-Cryptor.
• Web Threat Protection.
• Device Control.
• Removable Drives Scan.
• Network Threat Protection.
• Behavior Detection.
• Application Control.

The application graphical user interface also allows you to run the following tasks on demand:

• Malware Scan.
• Custom Scan (can be started by clicking a file or directory that you want to scan).
• Critical Areas Scan.
• System Integrity Check.
• Container Scan.
• Update.
• Rollback.

You can also manage the use of Kaspersky Security Network.

Enabling and disabling application monitoring tasks

You can enable or disable the monitoring tasks of the application. If the task is enabled, the Disable button is available. By default, the following tasks are enabled: File Threat Protection, Web Threat Protection, Device Control, and Behavior Detection.

If a task is disabled, the Enable button is available.

To enable or disable an application monitoring task:

1. Open the main application window.
2. In the lower part of the main application window, click the Settings button.

   The Settings window opens.

3. Do one of the following for the required task:
   • Click Enable to enable the task.
   • Click Disable to disable the task.

Starting and stopping scan tasks

Using the application's graphical user interface, you can start and stop the Malware Scan, Critical Areas Scan and Container Scan tasks.

To start or stop a scan task:

1. Open the main application window.
2. In the main application window, select the Scan section.

   The Scan window will open.

3. Do one of the following:
   • To start a scan task, click the Start button under the scan task that you want to start.

     The progress of the running scan task is displayed.

   • To stop a scan task, click the Stop button under the scan task that you want to stop.

     The scan task stops, and information about the scanned objects and detected threats is displayed.

4. To view the report on the scan task, click the Show report button.

When an infected object is detected or the scan task is completed, a pop-up window appears in the notification area near the application icon on the right side of the taskbar.

The Scan window also displays the progress and the results of the temporary Scan_Boot_Sectors_ {ID} and Scan_File_ {ID} tasks. You can hide information about temporary tasks that are already completed by clicking the cross or by closing the Scan window (when switching to the main window or when exiting the application).

Start and stop the Update tasks

Using the application graphical user interface, you can run the Update and Rollback.

To start or stop a database update task:

1. Open the main application window.
2. In the main application window, select the Update section.

   The Update window opens.

3. Do one of the following:
   • To start a task, click the Start button under the task that you want to start.

     The progress of the running update task is displayed.

     If the Update task finishes successfully, the Rollback update link becomes available, and you can roll back the last successful database update.

   • To stop a task, click the Stop button under the scan task that you want to stop.

     The Update task stops.

4. To view the report on the task, click the Show report button.

To start a rollback task:

1. Open the main application window.
2. In the main application window, select the Update section.

   The Update window opens.

3. Run the Rollback task by clicking the Rollback update link.

Configuring Kaspersky Security Network

Using the graphical user interface, you can enable or disable usage of Kaspersky Security Network.

To enable use of Kaspersky Security Network:

1. Open the main application window.
2. In the lower part of the main application window, click the Settings button.

   The Settings window opens.

3. Select one of the following options:
   • KSN with statistics sharing (extended KSN mode) — to use Kaspersky Security Network, obtain information from the knowledge base, and send anonymous statistics and information about the types and sources of threats.
   • KSN without statistics sharing — to use Kaspersky Security Network, obtain information from the knowledge base, but not to send anonymous statistics and information about the types and sources of threats.
4. Click the Enable button.
5. In the Use of Kaspersky Security Network window, carefully read the Kaspersky Security Network Statement, and select one of the following options:
   • I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement, to use Kaspersky Security Network.
   • I do not accept the terms and conditions of the Kaspersky Security Network Statement, to disable usage of Kaspersky Security Network.
6. Click OK.

   The OK button is not available if none of the options are selected in the Use of Kaspersky Security Network window.

To disable use of Kaspersky Security Network:

1. Open the main application window.
2. In the lower part of the main application window, click the Settings button.

   The Settings window opens.

3. Click Enable.
4. In the window that opens, do one of the following:
   • Click Yes to stop using Kaspersky Security Network.
   • Click Cancel to continue using Kaspersky Security Network.

Viewing reports

Information about operation of the application tasks is recorded to the application reports.

Report data is presented as a table that contains a list of events. Each line in the table contains information about a separate event. Event attributes are displayed in the table columns. Events logged during the performance of various tasks have different sets of attributes.

The following event importance levels are used in reports:

• Critical – events with the critical importance level that need your attention as they indicate problems in the application operation or vulnerabilities in the device protection
• High
• Medium
• Low
• Information
• Error

The application provides the following reports listed in the left part of the Reports window:

• Statistics. This report contains statistical information about the File Threat Protection task and scan tasks. You can update the displayed report by clicking the Reload button.
• System audit. This report contains information about events that occur during the application operation and during the user interaction with the application.
• Threat protection. This report contains information about the events that are logged while the following application monitoring tasks were running:
  • Anti-Cryptor.
  • System Integrity Monitoring.
  • Firewall Management.
  • Web Threat Protection.
  • Application Control.
  • Device Control.
  • Removable Drives Scan.
  • Network Threat Protection.
  • Behavior Detection.
  • File Threat Protection.
• On-demand tasks. This report contains information about the events that are logged while the following application tasks were running:
  • Scan tasks.
  • Update.
  • System Integrity Check.

To view the report:

1. Open the main application window.
2. In the lower part of the main application window, click the Reports button.

   The Reports window will open.

3. In the left part of the Reports window, select the required report type.

   A report containing a list of events is displayed in the right part of the window.

   By default, events are sorted in ascending order by the values in the Date column.

4. To view detailed information about an event displayed in a separate section of the report, select this event in the report.

   The section that contains the attributes of this event is displayed at the bottom of the window.

For convenient processing of reports, you can modify the presentation of data on the screen in the following ways:

• Filter the list of events by occurrence time.
• Use the search function to find a specific event.
• View the selected event in a separate section.

Viewing objects in the Storage

To view objects in Storage:

1. Open the main application window.
2. In the lower part of the main application window, click the Storage button.

   The Storage window opens.

In this window the following information about the objects in Storage is displayed:

• Object name.
• Full path to an object.
• Date when the object was added to the Storage.
• Date when the object was removed from the Storage (this field is displayed if the DaysToLive setting is specified).
• Object size.

You can restore objects from the Storage to their original directories. You can also delete objects from the Storage. Deleted objects cannot be restored in the future. Information about these actions is recorded in the event log.

Viewing licensing information

To view license information:

1. Open the main application window.
2. Do one of the following:
   • In the lower part of the main application window, click the area, which displays information about the license and the key.
   • In the lower part of the main application window, click the Support button and in the Support window that opens, open the License window using the link with a unique alphanumeric sequence, which is displayed in the Key field.

   The License window opens.

This window displays the following information about the license:

• Active key – unique alphanumeric sequence.
• Key status – the status of the key or a message about the problems associated with the key (if any).
• Valid from – date when the application was activated by adding this key.
• License expires – the number of days before the license expires and the license expiration date in UTC format.
• A summary of your license or information about any licensing issues and recommendations on how to resolve the issues, if any.

Clicking the Details link displays the following information:

• Application name – name of the application for which the license associated with the key is intended.
• Protection – Information about the available application functions and a list of available application components (availability of application functions and components depends on the license associated with the key).

Creating a trace file

To create a trace file:

1. Open the main application window.
2. In the lower part of the main application window, click the Support button.

   The Support window opens.

3. Click the Tracing link to open the Tracing window
4. In the Level drop-down list, select the level of detail for the trace file.

   You are advised to clarify the required level of detail with a Kaspersky Technical Support specialist. The default value is Diagnostic (300).

5. Click the Enable button to start tracing.
6. Reproduce the situation which caused the problem.
7. Click the Disable button to stop tracing.

Created trace files are stored in the /var/log/kaspersky/kess/ directory. Trace files contain information about the operating system, and may also contain personal data.