Kaspersky Security for Windows Server lets you add and configure allowing or denying rules for certificates and web addresses, and use preset rules for categories to block content by type. Rules for certificates can be applied if the task is running in Driver Interceptor or Redirector mode.
Web control
This type of control is carried out by applying allowing and denying rules for web addresses and certificates. Allowing rules have a higher priority than conclusions from KSN and signature analysis.
A URL or certificate can be allowed or blocked based on prioritized conclusions (from highest to lowest):
Category-based web control
Kaspersky Security for Windows Server lets you block web addresses based on categories. You can set the level of heuristic analysis used for categorization. Category-based web control uses the preset list of categories for analysis. While the list itself cannot be modified, you can select categories of web resources to allow or block, or turn off category-based control. The Other category includes all web resources that do not fall under any other category in the list. If this check box is selected, Kaspersky Security for Windows Server allows all web resources that are not categorized. If the check box is cleared, all web resources are blocked.
Categorization has the lowest priority.
By default, Kaspersky Security for Windows Server applies only one rule: the denying rule for TOR certificates. You can uncheck the rule in the rule settings to allow TOR connections. If the rule is applied, all incoming or outgoing TOR connections will be blocked.
Traffic Security also considers the conclusions for the not-a-virus
mask, which are the resources or objects that are not viruses themselves, but can be used to harm the protected device. By default, Kaspersky Security for Windows Server does not apply the not-a-virus
mask to categories.