Configuring Web Threat Protection in the Web Console

In the Web Console, you can configure Web Threat Protection settings in the policy properties (Application settings → Essential Threat Protection → Web Threat Protection).

Web Threat Protection component settings

Setting	Description
Web Threat Protection enabled / disabled	This toggle switch enables or disables the Web Threat Protection component. The toggle button is switched off by default.
Action on threat detection	In this section, you can specify the action that the application performs on the web resource where the dangerous object is detected: Inform the user when a dangerous object is detected in web traffic. Web Threat Protection allows this object to be downloaded to the device. At that, the application logs the information about the dangerous object and adds it to the list of active threats. Block access to all dangerous objects detected in web traffic, display a notification about the blocked access attempts, and log information about the dangerous objects (default value).
Detect malicious objects	This check box enables or disables checking of links against the databases of malicious web addresses. The check box is selected by default.
Detect phishing links	This check box enables or disables checking of links against the databases of phishing web addresses. The check box is selected by default.
Use heuristic analysis for detecting phishing links	This check box enables or disables the use of heuristic analysis for detecting phishing links. This check box is available if the Detect phishing links check box is selected, and is selected by default.
Detect adware	This check box enables or disables checking links against the databases of adware web addresses. This check box is cleared by default.
Detect legitimate applications that intruders can use to compromise devices or data	This check box enables or disables checking links against the databases of legitimate applications that intruders can use to compromise devices or data. This check box is cleared by default.
Trusted web addresses	This table contains addresses of URLs and web pages whose content you consider trusted. You can only add HTTP/HTTPS web addresses to the list of trusted web addresses. You can use masks to specify web addresses. Masks are not supported to specify IP addresses. When creating an address mask, use an asterisk () as a placeholder for one or more characters. If you enter the abc* address mask, it is applied to all web resources that contain the "abc" sequence (for example, www.virus.com/download_virus/page_0-9abcdef.html). To include the asterisk in the address mask as a character, but not as a mask, enter the * character twice (for example, www.virus.com/*/page_0-9abcdef.html means www.virus.com//page_0-9abcdef.html). By default, the table is empty. You can add, edit, and remove web addresses in the table. Clicking the Delete button removes the selected item from the table. This button is available if at least one item is selected in the table. The selected element's settings are changed in a separate window. Clicking the Add button opens a window where you can specify the new item settings.

Page top