Scenario for configuring access to web resources

The set of traffic processing rules enables the following tasks:

We recommend to configure traffic processing rules in the following order:

  1. Create workspaces and/or groups of traffic processing rules, if necessary.

    Traffic processing rules are checked in accordance with their position in the rules table. For the necessary rule to trigger, you need to prepare a method to organize rules. Using workspaces is recommended for large departments of an organization or for different clients of an ISP. Subsequently, rules can be grouped together. For example, you can create workspaces Branch office 1 and Branch office 2, and within the workspaces, add groups: Administrators, Accountants, etc.

  2. Add bypass rules, if necessary.

    You can use a bypass rule to provide users with access to web resources without scanning them. For example, allow downloading of updates for software used in your organization from the official website of the developer. This helps reduce application resources expended on processing traffic from trusted sources.

  3. Adding access rules and protection rules

    You can add access rules and protection rules for an individual workspace or for all workspaces. In addition, rules can be combined into groups, or you can add them outside of groups.

  4. Configuring a rule triggering initiator

    For each added rule, you must specify a user or program whose network connections must be scanned by Kaspersky Web Traffic Security.

  5. Configuring traffic filtering criteria

    Use traffic filtering criteria to configure conditions that govern which web resources requested by the user must be checked in accordance with the rule.

    The following criteria are available for bypass rules: URL, MIME type of HTTP message, Traffic direction, HTTP Method, and HTTP Content-Length, KB.

  6. Adding an exclusion for a rule, if necessary.

    You can add a rule triggering initiator or a filtering criterion to exclusions. For example, you can prohibit access to the Software, audio, video category for all members of the Accountants domain group except the head of the department. Or you can prohibit downloads of files over 500 MB except files with corporate standards, etc.

  7. Configuring the schedule of a rule, if necessary.

    The schedule allows to automatically disable a rule during specific times of the day. For example, you can configure rules to work only during work hours of the organization or disable a rule on a specific day.

  8. Configuring a default protection policy

    If a web resource does not satisfy the filtering criteria of any of the traffic processing rules, the default protection policy is applied. The settings of the default protection policy are applied for processing traffic of all workspaces and outside of workspaces.

Page top