Default Deny for Applications, Drivers and Libraries
Windows Embedded systems are fixed passive systems designed to undertake a strictly limited range of functions, often involving credit and debit cards. By effectively ‘freezing’ the system—preventing any drivers, libraries or applications not on an approved list from launching—Kaspersky Embedded Systems Security denies potential attackers, including insiders or third party service providers, access to any of these means.
Antivirus On-Demand and Firewall Management
Kaspersky Embedded Systems Security can be installed in ‘Default Deny for Applications and Devices only’ mode to minimize the impact on hardware resources. The solution also can centrally manage firewalls and can be installed with the inclusion of an antivirus module providing on-demand scanning controls within the same license. Should malware penetrate all these defenses, optional real-time antivirus protection from Kaspersky Security Network can also come into play.
In support of regulatory requirements, Kaspersky Embedded Systems Security offers specific features including File Integrity Monitoring and Log Audit in our Compliance Edition. This also includes features like Default Deny, Antivirus, Firewall Management, Device Control and optional Patch Management, all administered through Kaspersky Security Center and designed to help secure embedded systems in compliance with international standards. So there’s no longer any need to purchase three separate solutions from different vendors, or to choose between effective protection and regulatory compliance.
The solution has been designed specifically to mitigate cybersecurity risks to systems based on Embedded operating systems, protecting the attack surfaces unique to these architectures while respecting related hardware and efficiency considerations. A single intuitive console gives you the control and visibility you need to effectively manage multi-layered security for your endpoints, your critical systems and your whole IT infrastructure. The Default Deny, Device Control and Memory Protection modules included are absolutely essential to effective embedded systems protection, while additional modules further enhance security levels where required.