Operation of the application

Kaspersky Web Traffic Security scans user HTTP, HTTPS and FTP traffic that passes through the proxy server.

All servers with the Kaspersky Web Traffic Security application installed are grouped in a cluster. The cluster includes a Master server, Worker servers, and a Secondary master server if one is used.

The proxy server sends all user requests to the Worker server over the ICAP protocol. Kaspersky Web Traffic Security scans the request using traffic processing rules received from the Master server or Secondary master server. After that, the application sends the result of the scan to the proxy server. If access to an Internet resource is allowed, the proxy server sends the request to the Internet. The response to the request is also sent through the proxy server to a Worker server and is scanned in accordance with traffic processing rules. As a result of the scan, the user is allowed to access the requested Internet resource or sees an access denial template.

The application operating scheme is shown in the figure below.

kwts_general_scheme

Application operation without load balancing

If many Worker servers are used, it is recommended to use the HAProxy load balancer. In this case, HAProxy uses the configured load balancing method to determine the Worker server to which a scan request is sent. Subsequent traffic processing procedure does not differ from working without a load balancer.

kwts_load_balancer

Application operation with load balancing

Page top