About Web Threat Protection task

While the Web Threat Protection task is running, Kaspersky Endpoint Security scans the inbound traffic and prevents downloads of malicious files from the Internet and also blocks malicious, phishing, adware, or other dangerous websites.

Kaspersky Endpoint Security scans HTTP, HTTPS, and FTP traffic. Also, the application scans websites and IP addresses. You can specify certain network ports or ranges of network ports to be monitored.

To monitor HTTPS traffic, you have to enable secure connection scan.

To monitor FTP traffic, you have to set MonitorNetworkPorts=All.

On attempt to open a dangerous website, Kaspersky Endpoint Security performs the following:

• For HTTP or FTP traffic, the application blocks access and shows a warning message.
• For HTTPS traffic, a browser displays an error page.

When a website is opened, the Web Threat Protection task performs the following:

1. Checks the website security by using the downloaded anti-virus databases.
2. Checks the website security by using heuristic analysis, if enabled.

   During heuristic analysis, Kaspersky Endpoint Security analyzes the activity of applications in the operating system. Heuristic analysis can detect dangerous objects for which there are currently no records in the Kaspersky Endpoint Security databases.

3. Checks the website security in Kaspersky Security Network, if enabled.

   You are advised to participate in Kaspersky Security Network to help Web Threat Protection work more effectively.

4. Blocks or allows opening of the website.

Page top