This section describes settings of the encrypted connections scan. These settings are applicable to Web Threat Protection and Network Threat Protection tasks.
All available values and default values for each setting are described below.
EncryptedConnectionsScan
Enables or disables the scan of the encrypted traffic.
For the FTP protocol, the encrypted connections scan is disabled by default.
Available values:
Yes—Enables encrypted connections scan.
No—Disables encrypted connections scan. The application does not decrypt the encrypted traffic.
Default value: Yes
EncryptedConnectionsScanErrorAction
Specifies the action to perform when an encrypted connection scan error occurs on a website.
Available values:
AddToAutoExclusions—Add a domain that resulted in the error to the list of domains with scan errors. The application will not monitor encrypted network traffic when this domain is visited.
Disconnect—Blocks the network connection.
Default value: AddToAutoExclusions
UntrustedCertificateAction
Specifies the action to perform when an encrypted connection scan error occurs on a website.
Available values:
Allow—Allow the network connection established when visiting a domain with an untrusted certificate.
Block—Block the network connection established when visiting a domain with an untrusted certificate.
Default value: Allow
ManageExclusions
Enables or disables the use of the encrypted connection scan exclusions.
Available values:
Yes—Do not scan websites specified in the [Exclusions.item_#] section.
No—Scan all websites.
Default value: No
MonitorNetworkPorts
Specifies the way Kaspersky Endpoint Security monitors network ports.
Available values:
Selected—Monitor only network ports that are specified in the [NetworkPorts.item_#] section (see below).
All—Monitor all network ports. Specifying this value may significantly increase an operating system load.
Default value: Selected
Section [Exclusions.item_#]
The [Exclusions.item_#] section specifies domains to be excluded from the scan. The application does not scan encrypted connections established when visiting specified domains.
DomainName
Specifies the domain name. You can use masks to specify the domain.
Section [NetworkPorts.item_#]
The [NetworkPorts.item_#] section specifies network ports to be monitored by the application.
PortName
Network port description.
Port
Network port numbers to be monitored by the application.
Available values:
1–65535