Filter by web resource addresses

To control access to individual web resources, you must create a Web Control rule, create a list of web addresses, and select a Web Control action. When creating a web address list, you can enter URL addresses or use masks.

Rules may include a rule schedule and a list of users to which the rule applies. For example, you can restrict access to websites during working hours only, or allow visiting websites to users in certain groups.

How to enable a web resource address filter in Administration Console (MMC)

Open the Kaspersky Security Center Administration Console.
In the console tree, select Policies.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Security Controls → Web Control.
Select the Web Control check box.
In the Web Control settings block, click the Add button.
The Rule of access to web resources window opens.
Configure the web resource access rule:
1. In the Name field, enter the name of the rule.
2. In the Apply to addresses drop-down list, select To individual addresses.
3. Create a list of web resource addresses. You can enter a web address or use masks. You can also export a list of web resource addresses from a TXT file.
  If Encrypted Connections Scan is disabled, for the HTTPS protocol you can only filter by the server name.
4. In the Apply to users drop-down list, select the relevant filter for users:
  - To all users. Web Control will not filter web resources by address.
  - To individual users or groups. Web Control will filter only web resource addresses from the list. You can enter a web address or use masks. You can also export a list of web resource addresses from a TXT file. You can select users in Active Directory, in the list of accounts in Kaspersky Security Center, or by entering a local user name manually. Kaspersky recommends using local user accounts only in special cases when it is not possible to use domain user accounts.
5. In the Action drop-down list, select an option:
  - Allow. Web Control allows access to web resources that match the parameters of the rule.
  - Block. Web Control blocks access to web resources that match the parameters of the rule and displays a website access denied message.
  - Warn. When the user attempts to gain access to a web resource that matches the rule, Web Control displays a warning that visiting the web resource is inadvisable. By using links from the warning message, the user can obtain access to the requested web resource.
6. In the Rule schedule drop-down list, select a schedule or create a new schedule.
Save your changes.

How to enable a web resource address filter in Web Console and Cloud Console

In the main window of the Web Console, select Devices → Policies & profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Security Controls → Web Control.
In the Web Control Settings block, click the Add button.
Configure the web resource access rule:
1. In the Rule name field, enter the name of the rule.
2. Select the Active status for the web resource access rule.
  You can use the toggle switch to disable the web resource access rule at any time without removing it from the list.
3. In the Action block, select the relevant option:
  - Allow. Web Control allows access to web resources that match the parameters of the rule.
  - Block. Web Control blocks access to web resources that match the parameters of the rule and displays a website access denied message.
  - Warn. When the user attempts to gain access to a web resource that matches the rule, Web Control displays a warning that visiting the web resource is inadvisable. By using links from the warning message, the user can obtain access to the requested web resource.
4. Under Addresses, select Apply to individual addresses and/or groups.
5. Create a list of web resource addresses. You can enter a web address or use masks. You can also export a list of web resource addresses from a TXT file.
  If Encrypted Connections Scan is disabled, for the HTTPS protocol you can only filter by the server name.
6. In the Users block, select the relevant filter for users:
  - Apply to all users. Web Control will not filter web resources by address.
  - Apply to individual users and / or groups. Web Control will filter only web resource addresses from the list. You can enter a web address or use masks. You can also export a list of web resource addresses from a TXT file. You can select users in Active Directory, in the list of accounts in Kaspersky Security Center, or by entering a local user name manually. Kaspersky recommends using local user accounts only in special cases when it is not possible to use domain user accounts.
7. In the Rule schedule block, select a schedule or create a new schedule.
Save your changes.

How to enable a web resource address filter in the application interface

In the main application window, click the button.
In the application settings window, select Security Controls → Web Control.

Web Control settings
In the Settings block, click the Rules of access to web resources button.
In the window that opens, click the Add button.
The Rule of access to web resources window opens.
In the Rule name field, enter the name of the rule.
Select the On status for the web resource access rule.
You can use the toggle to disable the web resource access rule at any time.
In the Action block, select the relevant option:
- Allow. Web Control allows access to web resources that match the parameters of the rule.
- Block. Web Control blocks access to web resources that match the parameters of the rule and displays a website access denied message.
- Warn. When the user attempts to gain access to a web resource that matches the rule, Web Control displays a warning that visiting the web resource is inadvisable. By using links from the warning message, the user can obtain access to the requested web resource.
Under Addresses, select To individual addresses.
Create a list of web resource addresses. You can enter a web address or use masks. You can also export a list of web resource addresses from a TXT file.

If Encrypted Connections Scan is disabled, for the HTTPS protocol you can only filter by the server name.
In the Users block, select the relevant filter for users:
- To all users. Web Control will not filter web resources for specific users.
- To individual users and / or groups. Web Control will filter only web resource addresses from the list. You can enter a web address or use masks. You can also export a list of web resource addresses from a TXT file. You can select users in Active Directory, in the list of accounts in Kaspersky Security Center, or by entering a local user name manually. Kaspersky recommends using local user accounts only in special cases when it is not possible to use domain user accounts.
In the Rule schedule drop-down list, select a schedule or create a new schedule.
Save your changes.

As a result, the new Web Control rule is added to the list. If necessary, change the priority of the Web Control rule. You can also use the toggle switch to disable the web resource access rule at any time without removing it from the list.

Page top