Configuring access to websites on Windows devices

You can configure Windows device users' access to websites through Web Control. Web Control allows you to monitor actions performed by users in the local corporate network, by restricting or blocking their access to websites.

All restricting and blocking activities concerning access to websites are implemented as access rules. A website access rule is a set of filters and the corresponding action that Kaspersky Endpoint Security Cloud performs when the user visits any of the websites covered by the rule.

Web Control monitors user access to websites that is gained using the HTTP protocol. If you enable the Encrypted Connections Scan feature, Web Control also monitors access to websites that is gained using the HTTPS protocol. You can also configure the list of trusted domains. The feature does not control or process encrypted connections made during visits to those domains.

To configure website access rules on Windows devices:

  1. Open Kaspersky Endpoint Security Cloud Management Console.
  2. Select the Security managementSecurity profiles section.

    The Security profiles section contains a list of security profiles configured in Kaspersky Endpoint Security Cloud.

  3. In the list, select the security profile for the devices on which you want to configure the website access rule.
  4. Click the link with the profile name to open the security profile properties window.

    The security profile properties window displays settings available for all devices.

  5. In the Windows group, select the Management settings section.
  6. Switch the toggle button to Web Control is enabled.
  7. Click the Settings link below the Web Control is enabled toggle button.

    The Web Control settings page opens.

  8. Click Settings link in the Website access rules section.

    The Website access rules page opens.

  9. Click Add to add a new access rule.

    The New record page opens.

  10. In the Name field, enter the name of the access rule.
  11. In the Action section, select the action that Kaspersky Endpoint Security Cloud must perform when the user attempts to gain access to any of the websites specified in the rule (Allow, Block, or Warn).
  12. Select the criteria to be applied to websites:
    1. To configure content categories to be monitored:
      1. Click Settings in the Content categories section.
      2. In the window that opens, select the check boxes next to the content categories that you have to monitor for the websites being accessed.

      Categorization of websites is provided by Kaspersky Security Network, heuristic analysis, and the database of known websites. This database is included in the set of databases of Kaspersky Endpoint Security for Windows.

    2. To configure data types to be scanned:
      1. Click Settings in the Filter content within the selected categories section.
      2. In the window that opens, select the check boxes next to the data types that you want to monitor on the websites being accessed.
    3. To configure specific web addresses to be scanned:
      1. Click the Settings link in the Web addresses section.

        The Web addresses page opens.

      2. Click the Add button to add a new web address.

        The New record window opens.

      3. Specify the full path to the web resource.

        You can use the asterisk (*) and the www. characters as masks. For more information about masks for web resource addresses, refer to Kaspersky Endpoint Security for Windows Online Help.

      4. Click OK.

        The added web address is displayed in the list on the Web addresses page.

      5. Click OK.

    The specified criteria are applied simultaneously. For example, you specify the Violence content category, the Executable files data type, website http://example.com, and the Block action. In this case, the application blocks only executable files at http://example.com and only if the website belongs to the Violence category.

  13. Click OK.

    The rule that you have added is displayed in the list of website access rules on the Website access rules page.

  14. To edit an existing website access rule, select the check box next to the relevant rule and click Modify.

    This opens the <Access rule name> page. Edit the rule and save the changes.

  15. To enable or disable an access rule, switch the toggle button next to that rule to the desired state:
    • If the toggle button is green, the access rule is enabled. Web Control performs the action specified by the rule when the user attempts to open a website.
    • If the toggle button is gray, the access rule is disabled. Web Control does not perform the action specified by the rule even when the user attempts to open a website.
  16. If you want to delete an existing rule, select the check box next to the relevant rule and click Delete.

After the security profile is applied, Web Control is enabled on Windows devices. User access to websites is governed according to the currently configured access rules.

Page top