Configuring exclusions in traffic processing rules

Support

Support for business applications

Kaspersky Web Traffic Security 6.x

Decrypting TLS/SSL connections

Processing CONNECT requests

Configuring exclusions in traffic processing rules

December 13, 2023

ID 189214

Prior to creating exclusions for CONNECT requests, make sure that you have enabled decryption of TLS/SSL connections. Otherwise, encrypted connections will not be scanned by the Anti-Virus and Anti-Phishing modules. This could lead to infection of users' computers.

To configure exclusions for CONNECT requests in traffic processing rules:

In the application web interface, select the Rules section.
Select the Access tab.
Select the rule for which you need to correctly display the block page or redirect the user.
The View rule page opens.
Click Edit.
The Edit rule page opens.
Select the Exclusions tab.
Click + Add exclusion.
If you want to add an exclusion only for users that satisfy the defined criteria, in the Initiator settings group click + Rule criteria and specify the necessary criteria.
If criteria are not defined, the exclusion is applied to all users.
In the Traffic filter settings group, click + Rule criteria.
In the drop-down list that appears on the left, select HTTP Method.
In the drop-down list on the right, select CONNECT.
Click Save.

The exclusion is now configured. The application will not scan HTTP messages that contain the CONNECT method.

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company

Web and device controls. Data encryption. Centralized and convenient management from a single console.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.