Kaspersky Web Traffic Security

Kaspersky Web Traffic Security (hereinafter also referred to as "the application" or "KWTS") is a solution designed for protecting HTTP, HTTPS, and FTP traffic passing through a proxy server.

The application protects users of a corporate network when accessing web resources. For example, it removes malware and other threatening software from the data stream entering the corporate network via the HTTP(S) and FTP protocols, blocks infected and phishing websites, and controls access to web resources based on web resource categories and content types.

The solution is intended for corporate users.

Kaspersky Web Traffic Security:

• Protects the IT infrastructure of your organization from most modern malware and encrypting ransomware thanks to machine-learning algorithms and operating system data emulation technology.
• Blocks access to infected and phishing websites.
• Uses Kaspersky Security Network data to obtain information about the reputation of files and web resources, ensure that Kaspersky applications react to threats faster without waiting for an application database update, and reduce the likelihood of false positives.
• Integrates with Kaspersky Private Security Network (hereinafter also referred to as KPSN) to gain access to reputation databases of Kaspersky Security Network and other statistical data without sending data from its computers to Kaspersky Security Network.
• Scans encrypted traffic with certificate replacement on the proxy server side.
• Performs content filtering of incoming and outgoing files based on the URL, file name, MIME type, size, type of source file (the application can determine the true format and type of the file, regardless of its extension), and checksum (MD5 or SHA256).
• Lets you restrict access to various categories of web resources (hereinafter also referred to as "web categories"), for example: Gambling, lotteries, sweepstakes; Adult content; Internet for children; Prohibited by laws of the Russian Federation.
• Lets you configure application settings and manage the application through the web interface.
• Lets you monitor the application status, the web traffic processed by the application, the number of scanned and detected objects, most recent threats, blocked users and URLs in the application web interface.
• Lets you create workspaces for configuring individual rules for processing traffic of departments of organizations or managed organizations (for Internet service providers).
• Lets you configure access permissions of administrators for working with managed organizations.
• Lets you investigate incidents involving Internet access by searching and viewing events.
• Adjusts traffic processing conditions in cases when traffic processing does not match the defined rules.
• Updates application databases from Kaspersky update servers or custom resources (HTTP servers, shared network folders) according to schedule or on demand.

  Updates functionality (including providing anti-virus signature updates and codebase updates), as well as KSN functionality may not be available in the software in the U.S.

• Integrates with Microsoft® Active Directory® to assign roles and manage access and protection rules. Supports NTLM- and Kerberos authentication in Active Directory for access to the web interface.
• Lets you access application information over SNMP.
• Lets you deploy an ISO image of an operating system with the pre-installed application (including the proxy server).
• Lets you configure proxy server settings through the application web interface (when using an ISO image).

Kaspersky Web Traffic Security is compliant with the General Data Protection Regulation (GDPR) and applicable European Union laws on confidential information, personal data, and data protection.

See also Licensing the application Scaling Kaspersky Web Traffic Security Installation and initial configuration of the application from an RPM or DEB package Installation and initial configuration of the application deployed from an ISO image Migrating Kaspersky Web Traffic Security from CentOS to Rocky Linux Getting started with the application Monitoring of application operation Reports Kaspersky Web Traffic Security event log Using traffic processing rules Managing workspaces Working with roles and user accounts Managing the cluster Protecting network traffic ICAP server settings Block page Exporting and importing settings Upgrading the application from version 6.0 to version 6.1 Installing update packages Installing the kwts_upgrade_6.1.0.4762_os_security_november_2024 update package Configuring the server time Configuring proxy server connection settings Updating Kaspersky Web Traffic Security databases Participating in Kaspersky Security Network and using Kaspersky Private Security Network Connecting to a LDAP server Configuring integration with Kaspersky Anti Targeted Attack Platform Syslog event log Managing the application over SNMP Single Sign-On authentication Managing the settings of the built-in proxy server in the application web interface Decrypting TLS/SSL connections Sources of information about the application Publishing application events to a SIEM system Contacting the Technical Support Appendix 1. Installing and configuring the Squid service Appendix 2. Configuring integration of the Squid service with Active Directory Appendix 3. Configuring ICAP balancing using HAProxy Appendix 4. MIME types of objects Appendix 5. URL normalization Appendix 6. Website categories Appendix 7. Physical processor core bandwidth values depending on the type of proxy server and the required protection level Appendix 8. Virtual processor bandwidth values depending on the type of proxy server and the required protection level AO Kaspersky Lab Information about third-party code Trademark notices

Page top