You can configure the proxy server used for connecting to the Internet and updating anti-virus databases, select the network port monitoring mode, and configure encrypted connections scan.
Network options
Parameter |
Description |
---|---|
Proxy server settings |
Settings of the proxy server used for Internet access of users of client computers. Kaspersky Endpoint Security uses these settings for certain protection components, including for updating databases and application modules. For automatic configuration of a proxy server, Kaspersky Endpoint Security uses the WPAD protocol (Web Proxy Auto-Discovery Protocol). If the IP address of the proxy server cannot be determined by using this protocol, Kaspersky Endpoint Security uses the proxy server address that is specified in the Microsoft Internet Explorer browser settings. |
Bypass proxy server for local addresses |
If the check box is selected, Kaspersky Endpoint Security does not use a proxy server when performing an update from a shared folder. |
Monitored ports |
|
Scan encrypted connections |
If the check box is selected, the Web Threat Protection, Mail Threat Protection, and Web Control components scan encrypted traffic that is transmitted over the following protocols:
Kaspersky Endpoint Security does not scan encrypted connections that are established by applications if the Do not scan network traffic check box is selected for those applications in the Scan exclusions for application window. |
When visiting a domain with an untrusted certificate |
When opening a domain with an untrusted certificate in a browser, Kaspersky Endpoint Security displays an HTML page showing a warning and the reason why visiting that domain is not recommended. A user can click the link from the HTML warning page to obtain access to the requested web resource. After following this link, during the next hour Kaspersky Endpoint Security will not display warnings about an untrusted certificate when visiting other resources on this same domain.
When opening a domain with an untrusted certificate in a browser, Kaspersky Endpoint Security displays an HTML page showing the reason why that domain is blocked. |
When encrypted connection scan errors occur |
To clear the list contents, you need to select Block connection. |
Block SSL 2.0 connections |
If the check box is selected, Kaspersky Endpoint Security blocks network connections established over the SSL 2.0 protocol. If the check box is cleared, Kaspersky Endpoint Security does not block network connections established over the SSL 2.0 protocol and does not monitor network traffic transmitted over these connections. |
Decrypt encrypted connections with websites that use EV certificates |
EV certificates (Extended Validation Certificates) confirm the authenticity of websites and enhance the security of the connection. Browsers use a lock icon in their address bar to indicate that a website has an EV certificate. Browsers may also fully or partially color the address bar in green. If the check box is selected, Kaspersky Endpoint Security decrypts and monitors encrypted connections with websites that use an EV certificate. If the check box is cleared, Kaspersky Endpoint Security does not have access to the contents of HTTPS traffic. For this reason, the application monitors HTTPS traffic only based on the website address, for example, If you are opening a website with an EV certificate for the first time, the encrypted connection will be decrypted regardless of whether or not the check box is selected. |
Trusted addresses |
List of web addresses for which Kaspersky Endpoint Security does not scan encrypted network connections. |
Trusted applications |
List of applications whose activity is not monitored by Kaspersky Endpoint Security during its operation. You can select the types of application activity that Kaspersky Endpoint Security will not monitor (for example, do not scan network traffic). |