Creating a list of monitored network ports

If the "Monitor selected ports only" network port monitoring mode is used, you can configure the list of monitored ports. The default list is configured according to the recommendations of the Kaspersky experts.

To create the list of monitored network ports in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the Network traffic monitoring section in the list on the left.
6. In the right part of the window, in the Monitored ports section, select Monitor selected ports only.
7. Click the Settings button.

   The Network ports window opens. The Network ports window displays a list of network ports that are normally used for transmission of email and network traffic.

8. In the list of network ports, perform the following:
   • Set the check boxes opposite those network ports that you want to include in the list of monitored network ports.

     By default, the check boxes are set opposite all network ports that are listed in the Network ports window.

   • Clear the check boxes opposite those network ports that you want to exclude from the list of monitored network ports.
9. If the required network port is not shown in the list of network ports, you can add it. To do this, perform the following actions:
   1. Under the list of network ports, click the Add link to open the Network port window.
   2. Enter the network port number in the Port field.
   3. Enter the name of the network port in the Description field.
   4. In the Network port window, click OK.

      The newly added network port is shown at the end of the list of network ports.

10. In the Network ports window, click OK.
11. Click the Apply button.

To create the list of monitored network ports in the local interface:

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, in the Other settings section, select Network traffic monitoring.

   In the right part of the window the settings for Network Ports Monitoring and for Scanning Secure Connections are displayed.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. Complete steps 6–10 of the previous instructions.
4. To save changes, click the Save button.

When the FTP protocol runs in passive mode, the connection can be established via a random network port that is not added to the list of monitored network ports. To protect such connections, enable the monitoring of all network ports or configure the monitoring of all network ports for applications that establish the FTP connection.