Application management via the graphical user interface

You can do the following in the Kaspersky Embedded Systems Security graphical user interface:

• View information about device protection status.
• Enable and disable application components:
  • File Threat Protection.
  • Removable Drives Scan.
  • Web Threat Protection.
  • Network Threat Protection.
  • Anti-Cryptor.
  • Firewall Management.
  • Application Control.
  • Device Control.
  • Behavior Detection.
  • System Integrity Monitoring.
• Start and stop scan tasks:
  • Malware Scan.
  • Critical Areas Scan.
• Run a custom scan of files and directories.
• Start and stop database update and rollback tasks.
• Enable and disable Kaspersky Security Network.
• View application statistics and reports.
• Manage application license keys and view information about the license under which the application is being used as well as the key associated with the license.
• View information about objects placed in Backup.
• Create application trace files.

If an application component or task is running in

Graphical user interface

Application icon in the notification area

After the Kaspersky Embedded Systems Security graphical user interface package is installed on the device, the application icon appears on the right side of the taskbar notification area.

The application icon acts as a shortcut to the context menu and the main application window.

The context menu of the application icon contains the following items:

• Kaspersky Embedded Systems Security 3.4 for Linux. Opens the main application window, which displays the protection status of a device and contains interface elements that provide access to the application functions.
• Exit. Exits the application graphical user interface.

Main application window

To open the main application window, perform one of the following actions:

• Right-click or double-click the application icon in the notification area of the taskbar.
• Select the application name in the application menu of the operating system window manager.

The main application window is divided into several parts:

• The central part of the main application window displays the protection status of the device. Clicking this part of the window opens the Protection Center window. This window displays information about the protection status of a device and recommendations on the actions to be performed to fix protection problems (if any).
• The Scan button displays the Malware Scan task status and the number of detected threats. Clicking this button opens the Scan window. In this window, you can start and stop the Malware Scan and Critical Areas Scan tasks.
• The Update button displays the status of the Update task. Clicking this button opens the Update window. In this window, you can start the Update and Rollback tasks. Also, you can view reports for these tasks.
• The lower part of the main application window contains the following elements:
  • Reports button. Clicking this button opens the Reports window, where you can view component and task statistics and various reports.
  • Backup button. Clicking this button opens the Backup window, which contains information about objects in Backup.
  • Settings button. Clicking this button opens the Settings window, where you can enable or disable application components and configure the use of the Kaspersky Security Network.
  • Support button. Clicking this button opens the Support window, which displays the current version of the application and the following information:
    • License key displays the active main license key added to the application, or a message saying that no key has been added. The link in this field opens the Licenses window, which displays detailed license information.
    • Key status displays information about the status of the active main license key, or a message saying that no key has been added.
    • Database release date – status and release date of the application databases.
    • Operating system – information about the operating system of the device.
    • Application management – Information about whether the device is managed by a policy.

    The following links are displayed at the bottom of the Support window:

    • Knowledge Base, which opens the Knowledge Base page.
    • Tracing, which opens the Tracing window. In this window, you can create application trace files and configure the level of detail of the trace files.
    • Support, which opens the Tracing window.
    • Licenses, which opens the Licenses window, which displays detailed license information.
• The lower part of the main application window displays information about the license and the key, as well as about licensing problems (if any). Clicking on this area of the window opens the Licenses window, which displays detailed license information.

  Clicking the Purchase a license button in this window opens the Kaspersky online store, where you can purchase a license. After purchasing a license, you will receive an activation code or a key file, which you will need to use to activate the application.

Enabling and disabling application components

You can use the graphical user interface to enable or disable application components. If the component is enabled, the Disable button is available.

By default, the following components are enabled: File Threat Protection, Device Control, and Behavior Detection. The Web Threat Protection component can be enabled automatically if local management of Web Threat Protection settings is allowed on the device (a policy is not applied or the "lock" is not set in the policy properties) and one of the supported browsers is detected in the system.

If a component is disabled, the Enable button will be available.

To enable or disable an application component:

1. Open the main application window.
2. In the lower part of the main application window, click the Settings button.

   The Settings window opens.

3. Click Enable or Disable for the component.

Starting and stopping scan tasks

To start or stop a scan task:

1. Open the main application window.
2. In the main application window, click Scan.

   The Scan window will open.

3. Do one of the following:
   • To start a scan task, click the Start button under the scan task that you want to start.

     The progress of the running scan task is displayed.

   • To stop a scan task, click the Stop button under the scan task that you want to stop.

     The scan task stops, and information about the scanned objects and detected threats is displayed.

4. To view the report on the scan task, click the Show report button.

When an infected object is detected or the scan task is completed, a pop-up window appears in the notification area near the application icon on the right side of the taskbar.

The Scan window also displays the progress and results of temporary boot sector scan tasks (Scan_Boot_Sectors_{ID}) and temporary custom file scan tasks (Scan_File_{ID}). You can hide information about temporary tasks that are already completed by clicking the cross or by closing the Scan window (when switching to the main window or when exiting the application).

Starting a custom scan

You can use the graphical user interface to run a custom scan of files and directories.

To run a custom scan of a file or directory:

1. Right-click the file or directory that you want to scan to open the context menu.
2. Select Kaspersky Embedded Systems Security 3.4 for Linux as the application for scanning the file or directory.

   Depending on the desktop environment, the names of the context menu commands may differ.

The custom scan task and its progress are displayed in the graphical user interface.

Starting and stopping the Update task

To start or stop an update task:

1. Open the main application window.
2. In the main application window, click Update.

   The Update window opens.

3. Do one of the following:
   • To start a task, click the Start button under the task that you want to start.

     The progress of the running update task is displayed.

     If the Update task finishes successfully, the Roll back update link becomes available, and you can roll back the last successful database update.

   • To stop a task, click the Stop button under the scan task that you want to stop.

     The Update task stops.

4. To view the report on the task, click the Show report button.

To start a rollback task:

1. Open the main application window.
2. In the main application window, select the Update section.

   The Update window opens.

3. Run the Rollback task by clicking the Roll back update link.

Configuring Kaspersky Security Network

Using the graphical user interface, you can enable or disable Kaspersky Security Network usage.

To enable use of Kaspersky Security Network:

1. Open the main application window.
2. In the lower part of the main application window, click the Settings button.

   The Settings window opens.

3. In the Settings window, select one of the following options:
   • Extended KSN mode, if you want to use Kaspersky Security Network, obtain information from the knowledge base, and send anonymous statistics and information about the types and sources of threats.
   • Basic KSN mode, if you want to use Kaspersky Security Network, obtain information from the knowledge base, but not to send anonymous statistics and information about the types and sources of threats.
4. Click the Enable button.

   The Using Kaspersky Security Network window opens.

5. In the Using Kaspersky Security Network window, carefully read the Kaspersky Security Network Statement and select the I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement option.
6. Click OK.

   The OK button is not available if none of the options are selected in the Use of Kaspersky Security Network window.

To disable use of Kaspersky Security Network:

1. Open the main application window.
2. In the lower part of the main application window, click the Settings button.

   The Settings window opens.

3. Click Enable.
4. In the window that opens, click the Yes button to decline use of Kaspersky Security Network.

Viewing reports

You can use the graphical user interface to view application reports. Reports contain information about the operation of application components and tasks.

Report data is presented as a table that contains a list of events. Each line in the table contains information about a separate event. Event attributes are displayed in the table columns. Events logged while various components and tasks are running have different sets of attributes.

The following event importance levels are used in reports:

• Critical – events with the critical importance level that need your attention as they indicate problems in the application operation or vulnerabilities in the device protection
• High
• Medium
• Low
• Information
• Error

Reports are displayed in the window that opens when clicking Reports in the lower part of the main application window.

The following reports are available in the application:

• Statistics. This report contains File Threat Protection and scan task statistics. You can update the displayed report by clicking the Reload button.
• System audit. This report contains information about events that occur during the application operation and during the user interaction with the application.
• Threat protection. This report contains information about the events that are logged while the following application components were running:
  • File Threat Protection.
  • Removable Drives Scan.
  • Anti-Cryptor.
  • Web Threat Protection.
  • Network Threat Protection.
  • Firewall Management.
  • Application Control.
  • Device Control.
  • Behavior Detection.
  • System Integrity Monitoring.
• On-demand tasks. This report contains information about events logged by scan tasks, update tasks, and system integrity check tasks.

To view the report:

1. Open the main application window.
2. In the lower part of the main application window, click the Reports button.

   The Reports window will open.

3. In the left part of the Reports window, select the required report type.

   A report containing a list of events is displayed in the right part of the window.

   By default, events are sorted in ascending order by the values in the Date column.

4. To view detailed information about an event, select the event in the report.

   The section that contains the attributes of this event is displayed at the bottom of the window.

For convenient processing of reports, you can modify the presentation of data on the screen in the following ways:

• Filter the list of events by occurrence time.
• Use the search function to find a specific event.
• View the selected event in a separate section.

Viewing Backup objects

You can use the graphical user interface to take the following actions on Backup objects:

• View information about objects placed in Backup on the device.
• Restore objects from Backup to their original directories.
• Remove objects from Backup. Deleted objects cannot be restored in the future.

Information about restoring and deleting objects is saved to the event log.

To view objects in Backup:

1. Open the main application window.
2. In the lower part of the main application window, click the Backup button.

   This opens the Backup window.

In this window the following information about the objects in Backup storage is displayed:

• Object name.
• Full path to an object.
• The date when the object was added to Backup.
• The date when the object was deleted from Backup (this field is displayed if Backup retention period is set).
• Object size.

Page top

Managing license keys

Using the graphical user interface, you can add and remove application license keys, and view information about the license under which the application is being used as well as the associated license key.

You can activate the application by adding an active license key.

Activation is the process of activating a license that allows you to use a fully functional version of the application until the license expires.

You can also add a reserve key to the application. A reserve key becomes active when the license associated with the active key expires or when the active key is deleted. Availability of a reserve key allows you to avoid application functionality limitation when your license expires.

A reserve license key can be added only after adding an active license key.

Adding a license key

To add an active license key to the application:

1. Open the main application window.
2. Do one of the following:
   • In the lower part of the main application window, click the area, which displays information about the license and the key.
   • In the lower part of the main application window, click the Support button and in the Support window that opens, open the Licenses window using the link in the Key field.

   The Licenses window will open. Clicking the Purchase a license button in this window opens the Kaspersky online store, where you can purchase a license.

3. You can activate the application under a commercial license or under a trial license.

   To activate the application under a commercial license:

   1. Click the Add button in the Commercial key section and perform the following actions, depending on the method you are using to add the key:
      • If you want to add a key using an activation code, enter the activation code and click the Next button.
      • If you want to add a key using a key file, click the Add Key button and select a file with a .key extension in the window that opens.

      The window displays information about the key and the license associated with it.

   2. Click the Activate button.

   To activate the application under a trial license, click the Activate button in the Trial key section. The window displays information about the trial license and the associated key.

   You can use the application under a trial license for only one trial period.

After adding an active key for the application, you can add a reserve key. To start adding a reserve key, use the Add button in the upper part of the Licenses window.

Removing a license key

To remove a license key that has been added to the application:

1. Open the main application window.
2. Do one of the following:
   • In the lower part of the main application window, click the area, which displays information about the license and the key.
   • In the lower part of the main application window, click the Support button and in the Support window that opens, open the Licenses window by clicking the link in the License key field or the Licenses link in the lower part of the window.

   This opens the Licenses window.

3. Click the Remove button to the right of the information about the key that you want to remove.
4. Confirm the removal in the window that opens.

Viewing licensing information

To view license information:

1. Open the main application window.
2. Do one of the following:
   • In the lower part of the main application window, click the area, which displays information about the license and the key.
   • In the lower part of the main application window, click the Support button and in the Support window that opens, open the Licenses window using the link in the Key field.

   The Licenses window will open.

The window displays information about the license under which the application is being used and about the license associated with the reserve key, if a reserve key has been added to the application. Click the More info link to view full information about the licenses and keys.

The Current licenses section displays information about active keys and associated licenses:

• License type, license limitation, and license term.
• Key is the unique alphanumeric sequence.
• Key status – the status of the key or a message about the problems associated with the key (if any).
• Valid from – date when the application was activated by adding this key.
• Expires – the number of days before the license expires and the license expiration date in UTC format.
• Application name – the name of the application for which the activation key was added.
• Protection – information about restrictions on protection functions and the ability to update application databases.

The Reserve keys section displays information about reserve keys and associated licenses:

• Type of reserve key, license limit, and license term associated with the key.
• Key is the unique alphanumeric sequence.
• License type – the type of license associated with the reserve key.
• Application name – the name of the application for which the activation key was added.
• Protection – information about restrictions on protection functions and the ability to update application databases.

Creating a trace file

You can use the graphical user interface to create application trace files and define the level of detail in these.

To create a trace file:

1. Open the main application window.
2. In the lower part of the main application window, click the Support button.

   The Support window opens.

3. Click the Tracing link to open the Tracing window
4. In the Level drop-down list, select the level of detail for the trace file.

   You are advised to clarify the required level of detail with a Kaspersky Technical Support specialists. The default value is Diagnostic (300).

5. Click the Enable button to start tracing.
6. Reproduce the situation which caused the problem.
7. Click the Disable button to stop tracing.

Created trace files are stored in the /var/log/kaspersky/kess/ directory.