Help for Kaspersky Web Traffic Security
- Kaspersky Web Traffic Security
- Licensing the application
- Scaling Kaspersky Web Traffic Security
- Installation and initial configuration of the application from an RPM or DEB package
- Installation and initial configuration of the application deployed from an ISO image
- Deploying a virtual machine in the VMware ESXi Hypervisor Management Console
- Deploying a virtual machine in the VMware vSphere web interface
- Deploying a virtual machine in the Management Console of Microsoft Hyper-V Manager
- Deploying a virtual machine using Microsoft SCVMM
- Application installation and initial configuration
- Removing an application deployed from an ISO image
- Preparing to remove the application
- Removing the application from a physical server
- Removing a virtual machine in the VMware ESXi Hypervisor Management Console
- Removing a virtual machine in the VMware vSphere web interface
- Removing a virtual machine in the Microsoft Hyper-V Hypervisor Management Console
- Removing a virtual machine using Microsoft SCVMM
- Getting started with the application
- Monitoring application operation
- Reports
- Kaspersky Web Traffic Security event log
- Using traffic processing rules
- Scenario for configuring access to web resources
- Adding a bypass rule
- Adding an access rule
- Adding a protection rule
- Configuring a rule triggering initiator
- Configuring traffic filtering
- Adding an exclusion for a traffic processing rule
- Configuring the schedule of a traffic processing rule
- Modifying a traffic processing rule
- Deleting a traffic processing rule
- Creating a copy of a traffic processing rule
- Enabling and disabling a traffic processing rule
- Changing the order of applied rules
- Working with traffic processing rule groups
- Configuring a default protection policy
- Monitoring traffic processing rules
- Managing workspaces
- Working with roles and user accounts
- Managing the cluster
- Creating a new cluster
- Configuring the display of the cluster node table
- Viewing information about a cluster node
- Adding a node to a cluster
- Modifying node settings
- Removing a node from a cluster
- Changing the role of a node in a cluster
- Deleting the cluster
- Checking data integrity
- Connecting to cluster nodes over the SSH protocol
- Restarting a cluster node
- Application operation in emergency mode
- Protecting network traffic
- ICAP server settings
- Block page
- Exporting and importing settings
- Upgrading the application from version 6.0 to version 6.1
- Installing update packages
- Installing the kwts_upgrade_6.1.0.4762_os_security_november_2024 update package
- Configuring the server time
- Configuring proxy server connection settings
- Updating Kaspersky Web Traffic Security databases
- Participating in Kaspersky Security Network and using Kaspersky Private Security Network
- Connecting to a LDAP server
- Configuring integration with Kaspersky Anti Targeted Attack Platform
- Syslog event log
- Application management over the SNMP protocol
- Single Sign-On authentication
- Managing the settings of a built-in proxy server in the application web interface
- Decrypting TLS/SSL connections
- Processing CONNECT requests
- About TLS connections
- Managing certificates for intercepting SSL connections
- Enabling and disabling decryption of SSL connections
- Selecting the default action for SSL connections
- Managing SSL rules
- Managing trusted certificates
- Sources of information about the application
- Publishing application events to a SIEM system
- Contacting the Technical Support
- Appendix 1. Installing and configuring the Squid service
- Appendix 2. Configuring integration of the Squid service with Active Directory
- Configuring Kerberos authentication
- Configuring NTLM authentication
- Installing the Samba service
- Configuring time synchronization
- Configuring DNS
- Configuring Samba on the server hosting the Squid service
- Checking Samba settings on the server hosting the Squid service
- Configuring the Squid service
- Configuring the client side of NTLM authentication
- Configuring NTLM authentication of a host that is not in a domain
- Configuring Basic authentication
- Appendix 3. Configuring ICAP balancing using HAProxy
- Appendix 4. MIME types of objects
- Appendix 5. URL normalization
- Appendix 6. Website categories
- Appendix 7. Physical processor core bandwidth values depending on the type of proxy server and the required protection level
- Appendix 8. Virtual processor bandwidth values depending on the type of proxy server and the required protection level
- Glossary
- Access rule
- Basic authentication
- Bypass rule
- Certificate fingerprint
- Cluster
- Directory service
- Heuristic analysis
- ICAP server
- Kaspersky Private Security Network
- Kaspersky Security Network (KSN)
- Kerberos authentication
- Keytab file
- Layout
- LDAP
- License serial number
- Malicious links
- MIB (Management Information Base)
- nginx service
- Node with role Control
- Node with role Secondary
- Normalization
- NTLM authentication
- Phishing
- Protection rule
- PTR record
- Replay cache
- Reputation filtering
- SELinux (Security-Enhanced Linux)
- Service principal name (SPN)
- SIEM system
- SNI (Server Name Indication)
- SNMP agent
- SNMP trap
- Squid
- SRV record
- SSL Bumping
- Syslog
- TLS encryption
- Tracing
- Traffic processing rule
- Update source
- Virus
- Workspace
- AO Kaspersky Lab
- Information about third-party code
- Trademark notices
Configuring integration with Kaspersky Anti Targeted Attack Platform > KATA integration dashboard
KATA integration dashboard
KATA integration dashboard
To check the status of Kaspersky Web Traffic Security integration with KATA:
- In the application web interface, select the Nodes section.
This opens a page containing information about cluster nodes. The page displays the following information panes regarding integration with KATA:
- Uploading files to KATA. Number of cluster nodes with statuses of file transmission to the KATA server:
- No errors. All files were successfully sent to the KATA server.
- Disabled. The Uploading files integration mode is disabled.
- Errors. Errors occurred when uploading files to the KATA server during the last hour.
- Receiving objects from KATA. Number of cluster nodes with statuses for receiving objects detected by KATA:
- No errors. All KATA-detected objects were successfully received.
- Disabled. The Receiving objects integration mode is disabled.
- Errors. Errors occurred when receiving objects detected by KATA.
- Uploading files to KATA. Number of cluster nodes with statuses of file transmission to the KATA server:
- Click the View details link in one of the information panes regarding integration with KATA.
The KATA integration page opens.
- In the upper-right corner, in the drop-down lists, select the data display period and the cluster nodes whose statistics you want to view.
The KATA integration page displays the following information:
- Uploading files to KATA widget.
Displayed only when Uploading files mode is enabled.
This widget shows how many files were sent to the KATA server during the selected time period. The lines of widgets represent the following statuses of file transmission:
- Success.
- Cannot send files to KATA server because of buffer overflow.
- Error.
- Errors details chart.
Displayed only when Uploading files mode is enabled.
A pie chart and bar chart provide detailed information about the types of errors that occurred while sending files to the KATA server. The pie chart shows the ratio of the number of certain types of errors to the total number of all errors. The bar chart shows the number of errors of a certain type within the defined time interval.
The following types of errors are possible:
- Cannot establish network connection to KATA server.
- KATA server SSL certificate does not match the trusted one.
- Authorization on KATA server required.
- Connection to KATA server has timed out.
- HTTP 4xx code: client error.
- HTTP 5xx code: server error.
- Internal error.
- KATA integration status table.
The table provides consolidated information about processed objects by cluster node. The table contains the following columns:
- IP address:port.
IP address and port of the cluster node that is integrated with KATA.
- Uploading files to KATA.
Status of the transmission of files from traffic of this cluster node to the KATA server. The following values are possible:
- OK.
- Error.
- Disabled.
- Receiving objects from KATA.
Status of the receipt of KATA-detected objects on this cluster node. The following values are possible:
- OK.
- Error.
- Disabled.
- Number of objects in KATA cache.
Number of KATA-detected objects that were saved on all cluster nodes in the KATA cache.
If only one of the KATA integration modes is enabled, only the columns related to this mode are displayed.
- IP address:port.
Article ID: 187074, Last review: Dec 19, 2024