Configuring Network Threat Protection in the Web Console

In the Web Console, you can configure Network Threat Protection settings in the policy properties (Application settings → Essential Threat Protection → Network Threat Protection).

Network Threat Protection component settings

Setting	Description
Network Threat Protection enabled / disabled	This toggle switch enables or disables Network Threat Protection. The check toggle button is switched on by default.
Action on threat detection	Actions performed upon detection of network activity that is typical of network attacks. Inform user. The application allows network activity and logs information about detected network activity. Block network activity from an attacking device and log information about detected network activity (default value).
Blocking attacking devices enabled / disabled	This toggle switch enables or disables blocking network activity when a network attack attempt is detected. The check toggle button is switched on by default.
Block the attacking device for (min)	In this field you can specify the duration an attacking device is blocked in minutes. After the specified time, Kaspersky Endpoint Security allows network activity from this device. Available values: integer from 1 to 32768. Default value: 60.
Exclusions	The table contains a list of IP addresses. Network attacks from these addresses will not be blocked. By default, the list is empty. You can add, edit, and remove IP addresses in the table. Clicking the Delete button removes the selected item from the table. This button is available if at least one item is selected in the table. The selected element's settings are changed in a separate window. Clicking the Add button opens a window where you can specify the new item settings.

Page top