The Web Control report contains information about attempts by users or applications installed on protected virtual machines to access web addresses listed in the databases of malicious and phishing web addresses.
The Period field displays the period of time covered by the data included in the report. By default, the report contains for the last 30 days, including the report generation date.
It contains the following consolidated information:
Result. The result of the action taken by Kaspersky Security when it detects an attempt to access a malicious or phishing web address.
Rule. The network rule applied by the application when it takes action in response to a detected attempt to access a malicious or phishing web address. For Kaspersky Security this field shows: Kaspersky Security for Virtualization Agentless: Attempt to access a malicious web address or Kaspersky Security for Virtualization Agentless: Attempt to access a phishing web address.
Attempts. The number of attempts to access web addresses listed in the databases of malicious and phishing web addresses.
User accounts. The number of protected virtual machines from which attempts were made to access a malicious or phishing web address.
URL. The number of malicious or phishing web addresses for which access attempts were detected.
Devices. The number of protected virtual machines from which attempts were made to access a malicious or phishing web address.
Administration groups. Kaspersky Security always displays 1 in this field, because all protected virtual machines are assigned to one "pseudohosts” conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
First attempt. The date and time of the first attempt to access a malicious or phishing web address.
Last attempt. The date and time of the last attempt to access a malicious or phishing web address.
The row below contains the following consolidated information:
Rules. The number of network rules that determine which action the application takes when it detects an attempt to access a malicious or phishing web address. For Kaspersky Security, the value in this field is: 2.
Blocked attempts. The number of attempts to access malicious or phishing web addresses blocked by Kaspersky Security.
Warnings. The number of attempts to access malicious or phishing web addresses that were allowed according to the application settings.
Blocked web addresses. The number of malicious or phishing web addresses that were blocked by Kaspersky Security.
URLs with warnings. The number of malicious or phishing web addresses that were allowed to be accessed according to the application settings.
Blocked users. The number of protected virtual machines from which attempts were made to access blocked web addresses.
Warned users. The number of protected virtual machines for which Kaspersky Security allowed access to malicious or phishing web addresses.
First blocked attempt. The date and time of the first attempt to access a malicious or phishing web address that was blocked by Kaspersky Security.
Last blocked attempt. The date and time of the last attempt to access a malicious or phishing web address that was blocked by Kaspersky Security.
First warning. The date and time of the first attempt to access a malicious or phishing web address that was allowed according to the application settings.
Last warning. The date and time of the last attempt to access a malicious or phishing web address that was allowed according to the application settings.
The report contains the following detailed information for each attempt to access a malicious or phishing web address:
Result. The result of the action taken by Kaspersky Security when it detects an attempt to access a malicious or phishing web address.
Rule. The network rule applied by the application when it takes action in response to a detected attempt to access a malicious or phishing web address. For Kaspersky Security this field shows: Kaspersky Security for Virtualization Agentless: Attempt to access a malicious web address or Kaspersky Security for Virtualization Agentless: Attempt to access a phishing web address.
User account. The IP address of the protected virtual machine from which an attempt was made to access a malicious or phishing web address.
URL. The malicious or phishing web address for which an access attempt was detected.
Time. The date and time when an attempt to access a malicious or phishing web address was detected.
Group. Kaspersky Security always displays pseudohosts in this field, because all protected virtual machines are assigned to one "pseudohosts” conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
Device. The name of the protected virtual machine from which an attempt was made to access a malicious or phishing web address, and the path to the virtual machine in the virtual infrastructure.
Version number. The version number of the Kaspersky Security Network Threat Detection component that detected the attempt to access a malicious or phishing web address.
Visible. The date and time of the last event associated with the protected virtual machine from which an attempt was made to access a malicious or phishing web address.
IP address. The IP address of the protected virtual machine from which an attempt was made to access a malicious or phishing web address.
NetBIOS name, DNS name. The name of the protected virtual machine from which an attempt was made to access a malicious or phishing web address, and the path to the virtual machine in the virtual infrastructure.