EncryptedConnectionsScan

Enables or disables the scanning of encrypted connections.

For the FTP protocol, encrypted connections scan is disabled by default.

Yes (default value) — Enable encrypted connection scans.

No — Disable encrypted connection scans. The application does not decrypt the encrypted traffic.

EncryptedConnectionsScanErrorAction

Specifies the action to perform when an encrypted connection scan error occurs on a website.

AddToAutoExclusions (default value) — Add the domain where an error occurred to the list of domains with scan errors. The application will not monitor encrypted network traffic when this domain is visited.

Disconnect — Block the network connection.

CertificateVerificationPolicy

Specifies the way Kaspersky Endpoint Security checks certificates.

If a certificate is self-signed, the application does not perform the additional verification.

FullCheck (default value) — The application uses the Internet to check and download the missing chains that are required to verify a certificate.

LocalCheck — The application does not use the Internet to verify a certificate.

UntrustedCertificateAction

The action to take when an unconfirmed certificate is detected.

Allow (default value) — Allow network connections established while visiting a domain with an untrusted certificate.

Block — Block network connections established while visiting a domain with an untrusted certificate.

ManageExclusions

Using exclusions when scanning encrypted traffic.

Yes — Do not scan websites specified under [Exclusions.item_#] (see below).

No (default value) — Scan all websites.

MonitorNetworkPorts

Specifies the way Kaspersky Endpoint Security monitors network ports.

Selected (default value) — Monitor only network ports specified in the [NetworkPorts.item_#] section (see below).

All — Monitor all network ports.

Specifying this value may significantly increase an operating system load.

The [Exclusions.item_#] section contains domains excluded from scans. The application does not scan connections established when visiting specified domains.

DomainName

Specifies the domain name.

You can use masks when specifying a domain.

The [IncomingEndpointsExclusions.item_#] section contains exclusions for incoming traffic.

RemoteIp

IP address of the remote device, traffic from which is excluded from interception.

DestinationPort

Port on the protected device, traffic to which from remote devices is excluded from interception.

The [OutgoingEndpointsExclusions.item_#] section contains exclusions for outgoing traffic.

RemoteIp

IP address of the remote device, traffic to which is excluded from interception.

DestinationPort

Port on the remote device, traffic to which from the protected device is excluded from interception.

The [NetworkPorts.item_#] section contains the network ports monitored by the application.

PortName

Network port description.

Port

Network port numbers to be monitored by the application.

1–65535.

The default value is not defined.