Encrypted connections scan settings

Encrypted connections scan settings

Setting

Description

Values

EncryptedConnectionsScan

Enables or disables encrypted traffic scan.

For the FTP protocol, secure connections scan is disabled by default.

Yes (default value)—Enable secure connection scans.

No: disable encrypted connection scanning. The application does not decrypt the encrypted traffic.

EncryptedConnectionsScanErrorAction

Specifies the action to perform when a secure connection scan error occurs on a website.

AddToAutoExclusions (default value) — Add the domain where an error occurred to the list of domains with scan errors. The application will not monitor encrypted network traffic when this domain is visited.

Disconnect — Block the network connection.

CertificateVerificationPolicy

Specifies the way Kaspersky Endpoint Security checks certificates.

If a certificate is self-signed, the application does not perform the additional verification.

FullCheck (default value) — The application uses the Internet to check and download the missing chains that are required to verify a certificate.

LocalCheck — The application does not use the Internet to verify a certificate.

UntrustedCertificateAction

The action to take when an unconfirmed certificate is detected.

Allow (default value) — Allow network connections established while visiting a domain with an untrusted certificate.

Block — Block network connections established while visiting a domain with an untrusted certificate.

ManageExclusions

Using exclusions when scanning encrypted traffic.

Yes — Do not scan websites specified under [Exclusions.item_#] (see below).

No (default value) — Scan all websites.

MonitorNetworkPorts

Specifies the way Kaspersky Endpoint Security monitors network ports.

Selected (default value) — Monitor only network ports specified in the [NetworkPorts.item_#] section (see below).

All — Monitor all network ports.

Specifying this value may significantly increase an operating system load.

The [Exclusions.item_#] section contains domains excluded from scans. The application does not scan secure connections established when visiting specified domains.

DomainName

Specifies the domain name. You can use masks to specify the domain.

The default value is not defined.

The [NetworkPorts.item_#] section contains the network ports monitored by the application.

PortName

Network port description.

The default value is not defined.

Port

Network port numbers to be monitored by the application.

165535

The default value is not defined.

Page top