Web Threat Protection

The Web Threat Protection component prevents downloads of malicious files from the Internet, and also blocks malicious and phishing websites. The component provides computer protection with the help of anti-virus databases, the Kaspersky Security Network cloud service, and heuristic analysis.

Kaspersky Endpoint Security scans HTTP-, HTTPS- and FTP-traffic. Kaspersky Endpoint Security scans URLs and IP addresses.

To use Web Control, you must complete the initial configuration of the application:

• For HTTPS traffic monitoring, you need to enable encrypted connections scan (disabled by default).
• Select the ports that you want Kaspersky Endpoint Security to monitor. By default, the application monitors all ports.
• Select the applications whose traffic you want Kaspersky Endpoint Security to monitor. Most browsers are already present in the list of applications recommended by Kaspersky. If your browser is missing from the list, add it manually.
• We recommend to inject a web page interaction script into web traffic. This script enables registration of Web Control events for the application event log, OS event log, and reports.

When a user tries to open a malicious or phishing website, Kaspersky Endpoint Security will block access and show a warning (see the figure below).

Website access denied message

In this section Enabling and disabling Web Threat Protection Configuring malicious web address detection methods Anti-Phishing Creating the list of trusted web addresses Exporting and importing the list of trusted web addresses

Page top