Configuring the Network Threat Protection component on Windows devices

The Network Threat Protection component monitors inbound network traffic of the Windows device for activity that is typical of network attacks. Upon detecting an attempted network attack on the user's computer, Network Threat Protection blocks network activity from the attacking computer.

To configure the Network Threat Protection component on Windows devices:

1. Open Kaspersky Endpoint Security Cloud Management Console.
2. Select the Security management → Security profiles section.

   The Security profiles section contains a list of security profiles configured in Kaspersky Endpoint Security Cloud.

3. In the list, select the security profile for the devices on which you want to configure the Network Threat Protection component.
4. Click the link with the profile name to open the security profile properties window.

   The security profile properties window displays settings available for all devices.

5. In the Windows group, select the Security settings section.
6. Switch the toggle button to Network Threat Protection is enabled.
7. Click the Settings link below the Network Threat Protection is enabled toggle button.

   The Network Threat Protection component settings page opens.

8. In the Network Threat Protection settings section, switch the toggle button to Add the attacking computer to the list of blocked computers.
9. In the Time to block attacking computer (min) field, specify a value for the number of minutes during which the network activity of the attacking computer will be blocked.
10. In the Network Threat Protection exclusions section, click Settings.

    The Exclusions window opens.

11. Do any of the following:
    • To add an IP address that you want to be excluded from scanning:
      1. Click the Add button.

         The New record window opens.

      2. In the entry field, specify the IP address to be excluded.
      3. Click OK to close the New record window.

         The added IP address appears in the list of exclusions in the Exclusions window.

    • To modify an IP address that is excluded from scanning:
      1. Select the check box next to the required IP address.
      2. Click the Modify button.

         The New record window opens. It contains the selected IP address.

      3. Make the necessary changes.
      4. Click OK to close the New record window.

         The modified IP address is displayed in the list of exclusions in the Exclusions window.

    • To delete an IP address from the list of scanning exclusions:
      1. Select the check box next to the required IP address.
      2. Click the Delete button.

         The deleted IP address disappears from the list of exclusions in the Exclusions window.

12. Click the Save button.

After the security profile is applied, the Network Threat Protection component is enabled on Windows devices.

Page top