Web Threat Protection

The Web Threat Protection component prevents downloads of malicious files from the Internet, and also blocks malicious and phishing websites.

Kaspersky Endpoint Security scans HTTP-, HTTPS- and FTP-traffic. Kaspersky Endpoint Security scans URLs and IP addresses. You can specify the ports that Kaspersky Endpoint Security will monitor, or select all ports.

For HTTPS traffic monitoring, you need to enable secure connection scans.

When a user tries to open a malicious or phishing website, Kaspersky Endpoint Security will block access and show a warning (see the figure below).

  1. Checks the security of the website using the downloaded anti-virus databases (databases of malicious and phishing websites).
  2. Checks the security of the website using heuristic analysis.

    For more effective operation of the Web Threat Protection component, it is recommended to use heuristic analysis.

  3. Checks the security of the website in Kaspersky Security Network.

    You are advised to participate in Kaspersky Security Network to help the Web Threat Protection component work more effectively.

  4. Blocks or allows the website to be opened.

    KES11_Cert_Web_Protect

    Website access denied message

    Web Threat Protection component settings

    Parameter

    Description

    Action on threat detection
    • Block download. If this option is selected and an infected object is detected in web traffic, the Web Threat Protection component blocks access to the object and displays a message in the browser.
    • Inform. If this option is selected and an infected object is detected in web traffic, Kaspersky Endpoint Security allows this object to be downloaded to the computer but adds information about the infected object to the list of active threats.

    Do not scan web traffic from trusted web addresses

    If the check box is selected, the Web Threat Protection component does not scan the content of web pages or websites whose addresses are included in the list of trusted web addresses.

    Trusted web addresses

    The Web Threat Protection component does not scan the content of web pages or websites whose addresses are included in the list of trusted web addresses. You can add both the specific address and the address mask of a web page/website to the list of trusted web addresses.

See also: Managing the application via the local interface

Enabling and disabling Web Threat Protection

Web Threat Protection settings
Page top