The set of traffic processing rules enables the following tasks:
To do so, you can use existing domain groups if integration with Active Directory is configured. For example, you can allow access to all web resources for the Administrators group, and prohibit the Social networks or Software, audio, video categories for the rest of the employees.
To do so, you can create rules for all workspaces that are applied to all users.
To ensure efficient usage of traffic, you can prohibit or limit downloading of multimedia files and access to web resources that are not relevant for the job.
If the Allow action is selected in the traffic processing rule, the user is allowed to access the web resource but information about the request is written to the event log. You can filter logged events, for example, you can view all requests of users to the www.kaspersky.com website.
We recommend to configure traffic processing rules in the following order:
Traffic processing rules are checked in accordance with their position in the rules table. For the necessary rule to trigger, you need to prepare a method to organize rules. Using workspaces is recommended for large departments of an organization or for different clients of an ISP. Subsequently, rules can be grouped together. For example, you can create workspaces Branch office 1 and Branch office 2, and within the workspaces, add groups: Administrators, Accountants, etc.
You can use a bypass rule to provide users with access to web resources without scanning them. For example, allow downloading of updates for software used in your organization from the official website of the developer. This helps reduce application resources expended on processing traffic from trusted sources.
You can add access rules and protection rules for an individual workspace or for all workspaces. In addition, rules can be combined into groups, or you can add them outside of groups.
For each added rule, you must specify a user or program whose network connections must be scanned by Kaspersky Web Traffic Security.
Use traffic filtering criteria to configure conditions that govern which web resources requested by the user must be checked in accordance with the rule.
The following criteria are available for bypass rules: URL, MIME type of HTTP message, Traffic direction, HTTP Method, and HTTP Content-Length, KB.
You can add a rule triggering initiator or a filtering criterion to exclusions. For example, you can prohibit access to the Software, audio, video category for all members of the Accountants domain group except the head of the department. Or you can prohibit downloads of files over 500 MB except files with corporate standards, etc.
The schedule allows to automatically disable a rule during specific times of the day. For example, you can configure rules to work only during work hours of the organization or disable a rule on a specific day.
If a web resource does not satisfy the filtering criteria of any of the traffic processing rules, the default protection policy is applied. The settings of the default protection policy are applied for processing traffic of all workspaces and outside of workspaces.