Web Control

Web Control manages users' access to web resources. This helps reduce traffic and inappropriate use of work time. When a user tries to open a website that is restricted by Web Control, Kaspersky Endpoint Security will block access or show a warning (see the figure below).

Kaspersky Endpoint Security monitors only HTTP- and HTTPS traffic.

For HTTPS traffic monitoring, you need to enable encrypted connections scan.

Methods for managing access to websites

Web Control lets you configure access to websites by using the following methods:

• Website category. Websites are categorized according to the Kaspersky Security Network cloud service, heuristic analysis, and the database of known websites (included in application databases). For example, you can restrict user access to the "Social networks" category or to other categories.
• Data type. You can restrict users' access to data on a website, and hide graphic images, for example. Kaspersky Endpoint Security determines the data type based on the file format and not based on its extension.

  Kaspersky Endpoint Security does not scan files within archives. For example, if image files were placed in an archive, Kaspersky Endpoint Security identifies the "Archives" data type and not "Graphic files".

• Individual address. You can enter a web address or use masks.

You can simultaneously use multiple methods for regulating access to websites. For example, you can restrict access to the "Office files" data type just for the "Web-based mail" website category.

Website access rules

Web Control manages users' access to websites by using access rules. You can configure the following advanced settings for a website access rule:

• Users to which the rule applies.

  For example, you can restrict Internet access through a browser for all users of the company except the IT department.

• Rule schedule.

  For example, you can restrict Internet access through a browser during working hours only.

Access rule priorities

Each rule has a priority. The higher a rule is on the list, the higher its priority. If a website has been added to multiple rules, Web Control regulates access to the website based on the rule with the highest priority. For example, Kaspersky Endpoint Security may identify a corporate portal as a social network. To restrict access to social networks and provide access to the corporate web portal, create two rules: one block rule for the "Social networks" website category and one allow rule for the corporate web portal. The access rule for the corporate web portal must have a higher priority than the access rule for social networks.

Web Control messages

Web Control component settings

Parameter	Description
Rules of access to web resources	List containing web resource access rules. Each rule has a priority. The higher a rule is on the list, the higher its priority. If a website has been added to multiple rules, Web Control regulates access to the website based on the rule with the highest priority.
Default rule	The Default rule is a rule for accessing web resources that are not covered by any other rule. The following options are available: Allow all except the rules list, also known as denylist mode for prohibited websites. Deny everything except the rules list, also known as allowlist mode for allowed websites.
Message templates	Warning. The entry field consists of a template of the message that is displayed if a rule for warning about attempts to access an unwanted web resource is triggered. Message about blocking. The entry field contains the template of the message that appears if a rule which blocks access to a web resource is triggered. Message to administrator. Template of the message to be sent to the LAN administrator if the user considers the block to be a mistake. After the user requests to provide access, Kaspersky Endpoint Security sends an event to Kaspersky Security Center: Web page access blockage message to administrator. The event description contains a message to administrator with substituted variables. You can view these events in the Kaspersky Security Center console using the predefined event selection User requests. If your organization does not have Kaspersky Security Center deployed or there is no connection to the Administration Server, the application will send a message to administrator to the specified email address.
Log the opening of allowed pages	Kaspersky Endpoint Security logs data on visits to all websites, including allowed websites. Kaspersky Endpoint Security sends events to Kaspersky Security Center, to the local log of Kaspersky Endpoint Security, and to the Windows Event log. To monitor user Internet activity, you need to configure the settings for saving events. Monitoring user Internet activity may require more computer resources when decrypting HTTPS traffic.

See also: Managing the application via the local interface Enabling and disabling Web Control Actions with web resource access rules Migrating web resource access rules from previous versions of the application Exporting and importing the list of web resource addresses Monitoring user Internet activity Editing masks for web resource addresses Editing templates of Web Control messages

Page top