List of user access permissions and restrictions to specified web resources and the direction of traffic.
Authentication mechanism involving sending the user name and password in unencrypted form to the server for verification.
Information that can be used to confirm the authenticity of a server certificate. The fingerprint is created by applying a cryptographic hash function to the content of the server certificate.
Group of servers that have Kaspersky Web Traffic Security installed and are combined for centralized management through the application web interface.
A software system that can store information about network resources (such as users) in one place and provides centralized management capabilities.
The technology designed to detect threats that cannot be detected using the current version of Kaspersky Lab program databases. It detects files that may be infected with an unknown virus or a new variety of a known virus.
A server implementing the ICAP protocol. This protocol allows filtering and modifying HTTP request and HTTP response data. For example, it can be used for virus scanning of the data, blocking spam, blocking access to personal resources. The ICAP client is usually a proxy server that interacts with the ICAP server over the ICAP protocol. Kaspersky Web Traffic Security receives data from the organization's proxy server after they are processed by the ICAP server.
A solution that allows users of Kaspersky Lab anti-virus applications to access Kaspersky Security Network databases without sending data from their computers to Kaspersky Security Network servers.
An infrastructure of cloud services that provides access to the online Knowledge Base of Kaspersky Lab which contains information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky Lab applications to threats, improves the performance of some protection components, and reduces the likelihood of false alarms.
Mechanism for mutual authentication of client and server before establishing a connection, which allows to communicate over unprotected networks. The mechanism is based on using a ticket that is issued to the user by an authentication center.
File containing pairs of unique names (principals) for clients which are allowed to authenticate in Kerberos, and encrypted keys obtained from the Kerberos password. Keytab files are used in remote systems which support Kerberos for authenticating users without the need to enter a password.
Appearance of the application web interface window in the Dashboard section. You can add, remove, and move widgets in the layout, and configure the scale of some widgets.
Lightweight Directory Access Protocol for accessing directory services.
Unique alphanumeric combination used for unambiguous identification of a purchaser of an application license.
Web addresses leading to malicious resources, that is, web resources designed to spread malware.
Application component which allows the administrator to manage application settings through the web interface. The Master server monitors the state of Worker servers and provides them with configured settings and installed keys.
Virtual database used to manage objects that are transmitted over the SNMP protocol.
Software for UNIX systems used as a HTTP server or a mail proxy server.
Authentication mechanism based on authenticating the server's request and the client's response. The request and response are encrypted with hashes of the use password, which are transmitted over the network. If network traffic is intercepted, attackers can gain access to password hashes, which makes this mechanism less robust than Kerberos authentication.
A type of Internet fraud aimed at obtaining unauthorized access to users' confidential data.
List of scans for viruses, signs of phishing attacks, specific legitimate applications that could be exploited by hackers, and other programs that pose a threat, in network traffic, which are carried out in specified conditions.
DNS entry that associates the IP address of a computer with its domain name.
A cloud service that uses technologies for determining the reputation of messages. Information about new kinds of spam appears in the cloud service sooner than in Anti-Spam module databases, making it possible to improve the speed and accuracy of spam detection.
Application component which stores a copy of settings configured on the Master server. Requred for fault tolerance of the application.
A system for controlling access of processes to operating system resources, which is based on security policies.
Unique ID of the service in the network for authentication over the Kerberos protocol.
A network management software module of Kaspersky Web Traffic Security that tracks information about application operation.
An application event notification sent by the SNMP agent.
Software package that works as a caching proxy for HTTP(S) and FTP protocols. The Squid service uses access control lists for providing access to resources.
Squid service that is used for intercepting the content of encrypted HTTPS sessions.
Standard for transmitting and recording messages about system events used on UNIX™ and GNU/Linux platforms.
Encryption of connection between two servers which allows secure data transmission between Internet servers.
Running a program for debug purposes involving stopping execution after each instruction and displaying the result of that step.
Set of actions that the application performs for an Internet resource that satisfies the specified conditions.
A program that infects other programs by adding its code to them in order to gain control when infected files are started. This simple definition allows the main action performed by a virus infection to be identified.
Application component which scans user network traffic in accordance with traffic processing rules. The Worker server receives settings configured by the administrator from the Master server.
Page top