Configuring user access to websites

You can define these policy settings for Android and iOS devices.

To protect personal and corporate data stored on mobile devices during internet browsing, you can configure user access to websites by using Web Protection. Web Protection scans websites before a user opens them, and then blocks websites that distribute malicious code and phishing websites designed to steal confidential data and gain access to financial accounts.

For Android devices, this feature also supports website filtering by categories defined in the Kaspersky Security Network cloud service. Filtering allows you to restrict access to certain websites or categories of websites (for example, those from the "Gambling, lotteries, sweepstakes" or "Internet communication" categories).

To enable Web Protection on iOS devices, the user must allow the Kaspersky Security for iOS app to add a VPN configuration.

To enable Web Protection on Android devices:

Web Protection on Android devices is supported only by Google Chrome, HUAWEI Browser, Samsung Internet Browser, and Yandex Browser.

If the Kaspersky Endpoint Security for Android app in device owner mode is not enabled as an Accessibility Features service, Web Protection is supported only by the Google Chrome browser and checks only the domain of a website. To allow other browsers (Samsung Internet Browser, Yandex Browser, and HUAWEI Browser) support Web Protection, enable Kaspersky Endpoint Security as an Accessibility Features service. This will also enable the Custom Tabs feature operation.

The Custom Tabs feature is supported by Google Chrome, HUAWEI Browser, and Samsung Internet Browser.

Web Protection for HUAWEI Browser, Samsung Internet Browser, and Yandex Browser does not block sites on a mobile device if a work profile is used and Web Protection is enabled only for the work profile.

To configure user access to websites:

  1. Open the policy properties window:
    • In the main window of Kaspersky Security Center Web Console or Cloud Console, select Devices > Policies & profiles. In the list of group policies that opens, click the name of the policy that you want to configure.
    • In the main window of Kaspersky Security Center Web Console or Cloud Console, select Devices > Mobile > Devices. Click the mobile device that falls under the policy that you want to configure, and then select the policy on the Active policies and policy profiles tab.
  2. In the policy properties page, select Application settings > Security controls.
  3. In the Web Protection section, select the Enable Web Protection check box to enable the feature.
  4. For Android devices, you can select one of the following options:
    • To restrict user access to websites based on their content:
      1. Select Block websites of specified categories.
      2. Select the check boxes next to the categories of websites to which Kaspersky Endpoint Security for Android will block access.

        If Web Protection is enabled, user access to websites in the Phishing and Malware sites categories is always blocked.

    • To specify the list of allowed websites:
      1. Select Allow only specified websites.
      2. Create a list of websites by adding website addresses to which the app will not block access. You can add websites by link (full URL, including the protocol, e.g. https://example.com).

        Kaspersky Endpoint Security for Android also supports regular expressions. When entering the address of an allowed or blocked website, use the following templates:

        • https://example\.com/.*—This template blocks or allows all child pages of the website, accessed via the HTTPS protocol (for example, https://example.com/about).
        • https?://example\.com/.*—This template blocks or allows all child pages of the website, accessed via both the HTTP and HTTPS protocols.
        • https?://.*\.example\.com—This template blocks or allows all subdomain pages of the website (e.g., https://pictures.example.com).
        • https?://example\.com/[abc]/.*—This template blocks or allows all child pages of the website where the URL path begins with 'a', 'b', or 'c' as the first directory (e.g., https://example.com/b/about).
        • https?://\w{3,5}.example\.com/.*—This template blocks or allows all child pages of the website where the subdomain consists of a word with 3 to 5 characters (e.g., http://abde.example.com/about).

        Use the expression https? to select both the HTTP and HTTPS protocols. For more details on regular expressions, please refer to the Oracle Technical Support website.

    Screenshot of the Web Protection section with regular expressions' examples.

    Web Protection section with regular expressions' examples

    • To block user access to all websites, select Block all websites.
  5. Click the Save button to save the changes you have made to the policy and exit the policy properties window.

Mobile device settings are configured after the next device synchronization with Kaspersky Security Center.

Page top