To add or edit the web resource access rule in Kaspersky Security Center:
Open Kaspersky Security Center Administration Console.
In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
In the workspace, select the Policies tab.
Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
In the policy properties window, select the Web Control section in the list on the left.
In the right part of the window, do one of the following:
To create a new rule, click the Add button.
If you want to edit the rule, select it in the list of rules and click the Edit button.
In the Web resource access rule window that opens, in the Name field, enter or edit the name of the rule.
From the Filter content drop-down list, select the required option:
Any content.
By content categories.
By types of data.
By content categories and types of data.
If an option other than Any content is selected, a section for selecting content categories and / or data type categories opens. Select the check boxes next to the names of the necessary content categories and/or data type categories.
Selecting the check box next to the name of a content category and/or data type category means that the application applies the rule to control access to web resources that belong to the selected content categories and/or data type categories.
From the Apply to addresses drop-down list, select the required option:
To all addresses.
To individual addresses.
If the To individual addresses option is selected, a section opens where you create a list of web resources. You can create and edit the list of web resources by using the Add, Edit, and Delete buttons. To create a list of web resource addresses, you can also use web resource address masks.
Select the Specify users and/or groups check box and click the Select button.
The standard Select Users or Groups window in Microsoft Windows opens.
Define or edit the list of users and/or groups of users for whom access to the web resources described by the rule is allowed or restricted, and click OK.
In the Action drop-down list, select the necessary item:
Allow. If this value is selected, the application allows access to web resources that match the settings of the rule.
Block. If this value is selected, the application blocks access to web resources that match the settings of the rule.
Warn. If this value is selected, the application displays a message to warn that a web resource is unwanted when the user attempts to access web resources that match the settings of the rule. By using links from the warning message, the user can obtain access to the requested web resource.
In the Rule schedule drop-down list that opens, select the name of the necessary schedule or create a new schedule that is based on the selected rule schedule. To do this, perform the following actions:
Click the Settings button next to the Rule schedule drop-down list.
To supplement the rule schedule with a time interval, during which the rule does not apply, in the Rule schedule window that opens, in the table that shows the rule schedule, click the table cells that correspond to the time and day of the week that you want to select.
The color of the cells turns gray.
To substitute a time span during which the rule applies with a time span during which the rule does not apply, click the gray cells in the table which correspond to the time and day of the week that you want to select.
The color of the cells turns green.
If you are creating a rule schedule that is based on the schedule of the Always rule that is created by default, click OK or Save as. If you are creating a rule schedule based on the schedule of a rule that was not created by default, click Save as.
In the Rule schedule name window that opens, enter the name of the rule schedule or leave the default name.
Click OK in the Rule schedule name window.
In the Web resource access rule window, click OK.
Click the Apply button.
To add or edit the web resource access rule in the local interface:
In the left part of the window, in the Endpoint control section, select Web Control.
In the right part of the window, the Web Control component’s settings are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.