Scenario for configuring access to web resources
December 13, 2023
ID 175208
The set of traffic processing rules enables the following tasks:
- Restrict access to web resources for personnel of different departments.
To do so, you can use existing domain groups if integration with Active Directory is configured. For example, you can allow access to all web resources for the Administrators group, and prohibit the Social networks or Software, audio, video categories for the rest of the employees.
- Block access to web resources prohibited by the laws of your country.
To do so, you can create rules for all workspaces that are applied to all users.
- Monitor traffic volume.
To ensure efficient usage of traffic, you can prohibit or limit downloading of multimedia files and access to web resources that are not relevant for the job.
- Gather statistics on requested web resources in your organization.
If the Allow action is selected in the traffic processing rule, the user is allowed to access the web resource but information about the request is written to the event log. You can filter logged events, for example, you can view all requests of users to the www.kaspersky.com website.
We recommend to configure traffic processing rules in the following order:
- Create workspaces and/or groups of traffic processing rules, if necessary.
Traffic processing rules are checked in accordance with their position in the rules table. For the necessary rule to trigger, you need to prepare a method to organize rules. Using workspaces is recommended for large departments of an organization or for different clients of an ISP. Subsequently, rules can be grouped together. For example, you can create workspaces Branch office 1 and Branch office 2, and within the workspaces, add groups: Administrators, Accountants, etc.
- Add bypass rules, if necessary.
You can use a bypass rule to provide users with access to web resources without scanning them. For example, allow downloading of updates for software used in your organization from the official website of the developer. This helps reduce application resources expended on processing traffic from trusted sources.
- Adding access rules and protection rules
You can add access rules and protection rules for an individual workspace or for all workspaces. In addition, rules can be combined into groups, or you can add them outside of groups.
- Configuring a rule triggering initiator
For each added rule, you must specify a user or program whose network connections must be scanned by Kaspersky Web Traffic Security.
- Configuring traffic filtering criteria
Use traffic filtering criteria to configure conditions that govern which web resources requested by the user must be checked in accordance with the rule.
The following criteria are available for bypass rules: URL, MIME type of HTTP message, Traffic direction, HTTP Method, and HTTP Content-Length, KB.
- Adding an exclusion for a rule, if necessary.
You can add a rule triggering initiator or a filtering criterion to exclusions. For example, you can prohibit access to the Software, audio, video category for all members of the Accountants domain group except the head of the department. Or you can prohibit downloads of files over 500 MB except files with corporate standards, etc.
- Configuring the schedule of a rule, if necessary.
The schedule allows to automatically disable a rule during specific times of the day. For example, you can configure rules to work only during work hours of the organization or disable a rule on a specific day.
- Configuring a default protection policy
If a web resource does not satisfy the filtering criteria of any of the traffic processing rules, the default protection policy is applied. The settings of the default protection policy are applied for processing traffic of all workspaces and outside of workspaces.
