Kaspersky MOBILE SECURITY 7.0 ENTERPRISE EDITION User Manual
KASPERSKY LAB
Kaspersky Mobile Security 7.0
Enterprise Edition
USER’S GUIDE
KASPERSKY M OBIL E S ECURI T Y 7.0 E N T ERP R I SE
EDI T I O N
User’s Guide
Kaspersky Lab
http://www.kaspersky.com
Revision Date: August, 2009
Table of Contents
CHAPTER 1. KASPERSKY MOBILE SECURITY 7.0 ENTERPRISE EDITION ......... 5
1.1. Hardware and software requirements .................................................................. 6
1.2. Distribution Kit ........................................................................................................ 6
1.3. Installing Kaspersky Mobile Security .................................................................... 6
1.3.1. Installing using the user‟s computer ............................................................... 7
1.3.2. Installing using an SMS message .................................................................. 7
1.4. Activating the application ....................................................................................... 8
CHAPTER 2. KASPERSKY MOBILE SECURITY FOR SYMBIAN OS........................ 9
2.1. Using the application ............................................................................................. 9
2.1.1. Starting the application ................................................................................... 9
2.1.2. Graphical user interface ............................................................................... 10
2.1.3. General settings ............................................................................................ 11
2.1.4. Anti-virus scan and protection ...................................................................... 12
2.1.5. Using Quarantine .......................................................................................... 17
2.1.6. Using Anti-Spam ........................................................................................... 19
2.1.7. Using Anti-Thief ............................................................................................ 24
2.1.8. Updating the application bases .................................................................... 27
2.1.9. Updating the application operation settings ................................................. 30
2.1.10. Using the Firewall module .......................................................................... 31
2.1.11. Viewing report about the application operation ......................................... 32
2.2. Uninstalling the application .................................................................................. 33
CHAPTER 3. KASPERSKY MOBILE SECURITY FOR MICROSOFT WINDOWS
MOBILE .......................................................................................................................... 36
3.1. Getting started ..................................................................................................... 36
3.1.1. Starting the application ................................................................................. 36
3.1.2. Graphical user interface ............................................................................... 37
3.2. Anti-virus scan and Real-Time protection ........................................................... 38
3.2.1. On-demand scan .......................................................................................... 39
3.2.2. Real-time protection ...................................................................................... 41
3.2.3. Scheduled scan ............................................................................................ 42
4 Kaspersky Mobile Security 7.0 Enterprise Edition
3.3. Using Quarantine................................................................................................. 43
3.4. Using Anti-Spam and Anti-Theft modules .......................................................... 44
3.4.1. Anti-Spam module ........................................................................................ 45
3.4.2. The Anti-Theft tab ......................................................................................... 48
3.5. Updating the application bases ........................................................................... 51
3.6. Updating the application operation settings ........................................................ 53
3.7. Firewall ................................................................................................................. 53
3.8. Viewing reports about the application operation ................................................ 54
3.9. Uninstalling the application .................................................................................. 55
APPENDIX A. KASPERSKY LAB ................................................................................. 59
APPENDIX B. CRYPTOEX LLC ................................................................................... 61
APPENDIX C. KASPERSKY LAB END USER LICENSE AGREEMENT .................. 62
CHAPTER 1. KASPERSKY
MOBILE SECURITY 7.0
ENTERPRISE EDITION
Kaspersky Mobile Security 7.0 Enterprise Edition is designed to ensure protection of mobile devices running Symbian OS and Microsoft Windows Mobile against malware programs and unsolicited e-mail messages and performs the following functions:
Real-time protection of the file system of the device - interception and
scan of:
al incoming objects transmitted using wireless connections (IR port,
Bluetooth) and EMS messages, during synchronization with the
personal computer and downloading files using a browser;
files opened on the mobile device;
programs installed from the device's interface.
scanning of the file system's objects on the mobile device or on the
connected expansion cards by user's demand or according to the schedule;
reliable isolation of infected objects in the quarantine storage;
updating of Kaspersky Mobile Security bases used to scan for mal-
ware programs and delete dangerous objects.
blocking unwanted SMS messages.
blocking access to or erasing user's data in case of unauthorized ac-
tions with the device, as, for instance, theft.
protection of the mobile device at the network level.
The user can use the capabilities providing flexible control of the Kaspersky Mobile Security operation settings, viewing the current anti-virus protection status
and the event log in which the application's actions are recorded.
The application includes a menu system and support an easy-to-use user's interface.
6 Kaspersky Mobile Security 7.0 Enterprise Edition
Note
In case a detection of a malware program, Kaspersky Mobile Security can disinfect the infected object detected (if disinfection is possible), delete it or place it
into the quarantine. In this case no copies of the object being deleted will be
saved.
Note
The installed Kaspersky Mobile Security is not intended for backup and restore.
1.1. Hardware and software
requirements
Kaspersky Mobile Security is designed for installation on mobile devices running
one of the following operating systems:
Symbian OS 9.1, 9.2 Series 60 UI.
Microsoft Windows Mobile 5.0.
Microsoft Windows Mobile 6.0.
1.2. Distribution Kit
You can purchase Kaspersky Mobile Security via internet (the application distribution kit and documentation in the electronic form). Kaspersky Mobile Security
can be also purchased in mobile communication offices. For more details contact
you mobile communication operator.
1.3. Installing Kaspersky Mobile
Security
The application is installed using a centralized installation using Kaspersky Administration Kit. The network Administrator can use one of the two methods of
the application installation.
installation using the user‟s computer;
installation using an SMS message.
Kaspersky Mobile Security 7.0 Enterprise Edition 7
For more details about the remote installation of the application see Kaspersky
Mobile Security 7.0 Enterprise Edition “Administrator‟s Guide”.
1.3.1. Installing using the user’s computer
After you connect the mobile device to a computer included into the Administration Server logical network, kmlisten.exe utility window will open (see Figure 1).
This utility is designed to ensure installation of Kaspersky Mobile Security 7.0
Enterprise Edition onto a mobile device.
Figure 1. Kmlisten utility
In order to install Kaspersky Mobile Security, perform the following actions:
using kmlisten.exe utility window, check the box next to the name of the device onto which you wish to install the application and press the Install button. The distribution kit for the application installation will be copied to your
mobile device and started.
1.3.2. Installing using an SMS message
In order to install the application the network administrator can use the installation service using an SMS message (for details see Kaspersky Mobile Security
7.0 Enterprise Edition Administrator‟s Guide). An SMS message containing the
URL of the server on which the application installation kit is located will be sent to
the mobile device.
8 Kaspersky Mobile Security 7.0 Enterprise Edition
Note
Activation of the application is required. Otherwise the application‟s functionality
will not be available.
Note
While the policy is being created the possibility of mobile device key file modification must be blocked. Otherwise the device will not be activated during the synchronization with the Administration Server.
In order to install the application using an SMS message, perform the following
actions:
1. Open an SMS containing URL of the server from which the Kaspersky
Mobile Security installation package will be downloaded.
2. Use the link contained in the message text to download the application
installation kit onto the device.
3. Save the application installation kit.
1.4. Activating the application
Activation of Kaspersky Mobile Security 7.0 Enterprise Edition is performed during synchronization with the Administration Server. During the synchronization
the key file specified in the course of creating the policy for mobile devices (for
more details about Kaspersky Administration Kit policies for mobile devices see
Kaspersky Mobile Security 7.0 Enterprise Edition‟s Administrator‟s Guide) is copied to the device.
The process of the application synchronization with the Administration service
will be started automatically with the interval specified in the policy for mobile
devices. You can also start the synchronization process manually (see section 2.1.9 on page 30 or on section 3.6 on page 53).
CHAPTER 2. KASPERSKY
MOBILE SECURITY FOR
SYMBIAN OS
This chapter contains description of the operation of Kaspersky Mobile Security
7.0 for devices running Symbian version 9.1, 9.2 or Series 60 UI operating system.
2.1. Using the application
This section contains information about configuration of the settings of the antivirus scan and real-time protection, SMS message filtering, device anti-virus
scan, bases update, application operation settings, device protection at the network level, etc.
2.1.1. Starting the application
In order to start Kaspersky Mobile Security, perform the following actions:
1. Open the device‟s main menu.
2. Select KMS 7.0 EE and start the application using the Open item from
the Options menu.
After the device startup a window with main Kaspersky Mobile Security components (see Figure 2) will be displayed on the device screen.
Real-Time Protection - using the real-time protection mode (see sec-
tion 2.1.4 on page 12);
Last Full Scan – date of the last anti-virus device scan.
Database date – release date of the anti-virus database used by the
application.
Anti-Spam Config. – Anti-Spam operation mode (see section 2.1.6 on
page 19).
Firewall level – device protection level at the network level (see sec-
tion 2.1.9 on page 30).
10 Kaspersky Mobile Security 7.0 Enterprise Edition
Figure 2. The Application component status window
In order to switch to the application interface, press OK.
2.1.2. Graphical user interface
The graphical user interface (GUI) contains six tabs:
Using the Scan tab you can perform an anti-virus can of the device, edit
the anti-virus scan, real-time protection and quarantine settings and
configure the auto scan schedule.
Using the Update tab you can update the anti-virus database, edit the
updating settings and configure the updating schedule.
Using the Firewall tab you can monitor the network activities and pro-
tect device at the network level.
The Anti-Theft tab allows blocking the device and erase information
from it in case the device gets lost or stolen (Anti-Theft module).
Using the Anti-Spam tab you can configure filtering of incoming SMS
messages (Anti-Spam module).
Using the Information tab you can view application component's opera-
tion logs, general information about the application and the anti-virus
bases used and edit general settings used for application's operation.
To navigate from one tab to another, use the joystick of the device or select the
Open page item in the Options menu (see Figure 3).
Kaspersky Mobile Security for Symbian OS 11
Figure 3. The Options menu
In order to return to the application components status window, select the Cur-
rent status item in the Options menu.
2.1.3. General settings
Using settings in the Information tab in the Settings item (see Figure 4) you can
configure the following application's functions:
Show status screen determines whether the current status will be dis-
played at the application startup.
Log size determines the maximum log size. Once the minimum value
of the specified threshold has been reached, older messages in the log
will be deleted until the maximum value of specified threshold is
reached.
Screen backlighting determines whether the screen will be lit during
the anti-virus scan. By default the backlight option is disabled.
Play sound controls the use of the sound notification in case of certain
events (detection of an infected objects, message about an application
status, etc.) By default the playback of the sound signal in case of a virus detection depends on the device profile (the setting‟s value Profile
dependent). Select Enabled if you wish to use the sound notification irrespective of the device profile selected.
Sound volume determines the volume of the sound notification play-
back in case of the detection of an infected object.
12 Kaspersky Mobile Security 7.0 Enterprise Edition
Vibration determines whether the device will vibrate when an infected
object is detected. By default vibration is enabled.
Figure 4. The Settings menu
In order to edit the values of the settings, use the device's joystick or select the
Change item in the Options menu.
2.1.4. Anti-virus scan and protection
Using the Scan tab you can perform anti-virus scan of the entire file system and
the memory of the device or of an individual folder or file. You can also modify
the settings of the anti-virus scan and of the real-time anti-virus protection, view
the report about the scan results and create the automatic scan start schedule.
2.1.4.1. Real-time protection and on-demand
scan
Real-time protection is the mode of operation in which the resident part of Kaspersky Mobile Security is constantly loaded in the device's RAM and monitors all
data including the incoming data received by the device.
Real-time protection is started since the moment the device is turned on and
works until it is turned off (if the use of this mode was not disabled by the protection settings).
Kaspersky Mobile Security also allows to perform a full scan of the device's file
system including the analysis of objects located on the connected memory expansion cards.
Kaspersky Mobile Security for Symbian OS 13
Information about the results of the real-time protection and of the on-demand
scan will be recorded in the report. In order to view the report, select the Reports
item in the Scan tab.
To start Real-Time protection, do the following:
1. Select the Settings item in the Scan tab.
2. Select the Monitor settings in the Settings section.
3. Enable / disable real-time protection by setting the Real-Time Protec-
tion setting certain value to a corresponding value.
To modify the Real-Time protection operation settings, do the following:
1. Select the Settings item in the Scan tab.
2. Select the Monitor settings in the Settings section.
3. Define the scan area in the Scan mask block by selecting the file types
to be scanned:
All files – scan all files.
Executable files – scan only executable program files (for example
*.exe, *.sis, *.mdl, *.app).
4. Determine the action to be performed when an infected object has been
detected (the Virus found action setting).
By default detected malware objects are placed into quarantine (the
Quarantine setting value).
To ensure that information about detection of an infected object is
logged in the application‟s report, select value Log event.
To make the application delete detected malware objects without
prompting user for action, select the Auto delete value.
5. Enable / disable new card scan mode (the Scan new card setting).
By default, if a memory card is detected, the application notifies that the
card must be scanned.
To enable the scan of flash-cards, connected to the device, set the Au-
to scan value. In order to disable the automatic scan of flash cards, select Disable.
6. Enable / disable the display of the protection icon (the Show monitor
icon setting).
Select the Always value in the corresponding item of the menu if you
wish the application icon to be always displayed on the device's screen
when the real-time protection is enabled. If you wish the icon to be dis-
14 Kaspersky Mobile Security 7.0 Enterprise Edition
played only in the device's menu, select In menu only. If you do not
wish this icon to be displayed, select Off.
To modify the on-demand scan operation settings, do the following:
1. Select the Settings item in the Scan tab.
2. Select the Scan settings in the Settings section.
3. Define the scan area in the Scan mask block by selecting the file types
to be scanned:
All files – scan all files.
Executable files – scan only executable program files (for example
*.exe, *.sis, *.mdl, *.app).
4. Determine the action to be performed when an infected object has been
detected (the Virus found action setting).
By default the application attempts to disinfect detected malware objects
(the setting value Try to disinfect).
To place detected malware objects into quarantine, select the Quaran-
tine value.
To ensure that information about detection of an infected object is
logged in the application‟s report, select value Log event.
To make the application delete detected malware objects without
prompting user for action, select the Auto delete value.
To ensure that a notification with a prompt for action is opened once an
infected object is detected, select the Ask user value.
5. Specify an action to be performed if disinfection of an infected object is
impossible (If disinfection fails setting).
By default detected malware objects are placed into quarantine (the
Quarantine setting value).
To ensure that information about detection of an infected object is
logged in the application‟s report, select value Log event.
To make the application delete detected malware objects without
prompting user for action, select the Auto delete value.
To ensure that a notification with a prompt for action is opened once an
infected object is detected, select the Ask user value.
6. Enable / disable the scan of the device ROM memory (the Scan ROM
setting).
Kaspersky Mobile Security for Symbian OS 15
Note
In order to edit the values of the settings, use the device's joystick or select the
Change item in the Options menu.
By default the application uses the values of the settings recommended by Kaspersky Lab's specialists. If you wish to return to the recommended values of the
settings while you are using the application, open the Scan tab and select the
Set default item from the Options menu.
In some situations the ROM memory may become vulnerable for malware programs. To enable ROM memory scan, select the Yes value.
7. Enable / disable unpacking of SIS and ZIP archives (the Unpack arc-
hives setting).
If you wish the application unpack SIS and ZIP archives, select Yes. If
archives do not need to be unpacked during the scan, select No.
In order to start an anti-virus scan, perform the following actions:
1. Start Kaspersky Mobile Security (see section 2.1.1 on page 9).
2. Using the Scan tab (see Figure 5) select the Scan all item if you wish to
scan the entire file system of the device or Scan folder if you wish to
scan an individual folder.
Figure 5. The Scan tab
When Scan folder item is selected, a window displaying the device‟s file
system will open. In order navigate through the file system use the joystick
buttons of your device. In order to scan a folder, move the cursor to the folder you wish to scan and select the Start scanning item from the Options
menu.
16 Kaspersky Mobile Security 7.0 Enterprise Edition
After the scan is started, the scan process window will open in which the current
status of the task will be displayed: the number of scanned objects, the path to
the object being scanned at the time and the percentage indicator of the
progress (see Figure 6).
Figure 6. The Scan progress window
Once an infected object is detected the action specified by the corresponding
setting in the SettingsScan settings section will be performed.
Figure 7. Notification about virus detection
Once the scan is complete the general statistics about detected and deleted
malware objects will be displayed.
To disable screen backlight during the scan,
switch to the Information tab, open the Settings menu and select the Yes
value for the Screen backlighting setting.
Kaspersky Mobile Security for Symbian OS 17
By default the backlight will go off automatically to save the battery charge.
2.1.4.2. Scheduled scan
Kaspersky Mobile Security allows the user to create the schedule for the automatic device scan. The scan is performed in the background mode. When detecting an infected object an action specified in the scan settings will be performed with such object (see section 2.1.4.1 on page 12).
By default scheduled scan is disabled.
Figure 8. The Schedule menu
To create the scan launch schedule:
select the Schedule item in in the Scan tab and specify the Auto scan settings (see Figure 8):
Daily - the scan to be performed every day. Specify the Auto scan
time in the entry field.
Weekly - the scan will be performed once a week. Specify the Auto
scan day and Auto scan time.
2.1.5. Using Quarantine
Infected objects placed into the quarantine do not impose any threat for the device and can be deleted or restored later.
Detected infected objects can be quarantined by the application automatically or
after your confirmation.
18 Kaspersky Mobile Security 7.0 Enterprise Edition
If you wish the application to place detected malware objects into the quarantine
without the prompt, do the following:
1. Open the Scan tab.
2. Select the Settings item.
3. Select the Scan settings or the Monitor settings item.
4. Select Quarantine as the value for the Virus foud action setting.
If you selected Ask user as the action to be performed, then, when an infected
object is detected, Kaspersky Mobile Security will offer that you either delete this
object or quarantine it.
To view the list of quarantined objects,
open the Scan tab and select the Quarantine item (see Figure 9).
Figure 9. Infected quarantined objects
The Options menu accessible from the quarantine view window allows the user:
To view detailed information about each object in the quarantine (View
details).
Delete the selected object (Remove file).
Clear the quarantine by deleting all quarantined objects (Remove all).
Restore the selected object from the Quarantine to its original folder
(Restore file).
View Quarantine Help (Help).
In order to set the quarantine settings:
1. Open the Scan tab.
Kaspersky Mobile Security for Symbian OS 19
Note
In order to restore the values of the quarantine settings recommended by Kaspersky Lab's specialists select Set default from the Options menu.
2. Select the Settings item.
3. Select the Quarantine tab (see Figure 10).
Figure 10. Quarantine settings
The Quarantine size setting determines the maximum number of infected objects which can be stored in the quarantined. The possible values are 20, 50 or
100 files.
The Store limit setting determines the period of time during which the infected
objects can be stored in the quarantine. After this period elapses, the infected
objects will be automatically deleted.
2.1.6. Using Anti-Spam
The Anti-Spam module is designed to ensure protection of your device against
unsolicited SMS messages.
Filtering is based on the use of "black" and "white" lists. These lists contain
phone and sample phrases characteristic of spam and non-spam messages.
Message analysis will be performed in the following order:
check if the sender‟s number is included into the "black" list;
check if the sender‟s number is included into the "white" list;
20 Kaspersky Mobile Security 7.0 Enterprise Edition
Note
Messages not included into either list will not blocked!
scan of the message text for the presence of phrases found in the
“black” list;
scan of the message text for the presence of phrases found in the
“white” list;
If at least one match is detected, the scan will be stopped. The message containing an element found in the “black” list will be blocked. The message containing
an element found in the “white” list will be passed.
2.1.6.1. Anti-Spam work modes
Anti-Spam filters messages in one of the following modes:
Enabled. In this mode Anti-Spam filters incoming messages using the
"black" and the "white" lists. Once a message is received from a phone
number not found in either of the lists, Anti-Spam will notify the user and
will offer to block or allow receipt of the message and to add this phone
number to the "white" or "black" list.
Black List. In this mode Anti-Spam blocks receipt of messages match-
ing the “black list” criteria. All other messages will be passed.
White List. In this mode Anti-Spam passes messages matching the
“white list” criteria. All other messages will be blocked.
Disabled. In this mode Anti-Spam is disabled. No filtering of incoming
messages is provided.
To select the Anti-Spam operation mode:
1. Open the Anti-Spam tab.
2. Select the Settings item.
3. Set the operation mode using the Anti-Spam config. setting.
2.1.6.2. Editing “black” and “white” lists
"Black" and "White" lists contain records with phone numbers, SMS from which
will be block or passed by Anti-Spam. Information about blocked or deleted messages will be entered in the Log section.
Kaspersky Mobile Security for Symbian OS 21
To enter changes into the "black" or "white" list,
open the Anti-Spam tab and select the corresponding item (see Figure 11).
To edit the list use the Options menu:
Add number – add a new record to the list.
Edit number – edit the current record.
Remove number – delete entry from the list.
Remove all – clear the list by deleting all records.
Help – view Help on managing the list.
Figure 11. The Anti-Spam tab
When you select the Add number or the Edit number item, you will be offered
to specify the following record's parameters (see Figure 12)
Number. Specify the phone number for which receipt of messages will
be blocked or allowed. Such number may begin with a digit or with a "+"
and must contain digits only. Additionally when specifying a number,
you can use masks "?" and "*".
Text. Specify the text upon detection of which in the message received,
such message will either be passed or blocked.
22 Kaspersky Mobile Security 7.0 Enterprise Edition
Figure 12. The Black List
2.1.6.3. Anti-Spam operation settings
To edit Anti-Spam settings:
open the Anti-Spam tab and select the Settings item (see Figure 13).
Figure 13. Anti-Spam settings
The following Anti-Spam settings are accessible in the Settings menu:
Anti-Spam config. – Anti-Spam operation mode (see section 2.1.6.1 on
page 20).
Allow contacts list. If the setting is assigned value Yes, Anti-Spam will
not block receipt of messages from numbers contained in your phone
book. If this option is disabled (No value), Anti-Spam will perform filter-
Loading...