You can use Web Protection to configure access of Android device users to websites. Web Protection supports website filtering by categories defined in Kaspersky Security Network cloud service. Filtering allows you to restrict user access to certain websites or categories of websites (for example, those from the "Gambling, lotteries, sweepstakes", or "Internet communication" categories). Web Protection also protects the personal data of users on the internet.
To enable Web Protection:
You can accept the Web Protection Statement for the user in Kaspersky Security Center. In this case, the user is not required to take any action.
If you have not accepted the Web Protection Statement and prompt the user to do this, the user must read and accept the Web Protection Statement in the app settings.
If you have not accepted the Web Protection Statement, Web Protection is not available.
Web Protection on Android devices is supported only by Google Chrome, HUAWEI Browser, Samsung Internet, and Yandex Browser.
If the Kaspersky Endpoint Security for Android app in device owner mode is not enabled as an Accessibility Features service, Web Protection is supported only by the Google Chrome browser and checks only the domain of a website. To allow other browsers (Samsung Internet Browser, Yandex Browser, and HUAWEI Browser) support Web Protection, enable Kaspersky Endpoint Security as an Accessibility Features service. This will also enable the Custom Tabs feature operation.
The Custom Tabs feature is supported by Google Chrome, HUAWEI Browser, and Samsung Internet Browser.
Web Protection for HUAWEI Browser, Samsung Internet Browser, and Yandex Browser does not block sites on a mobile device if a work profile is used and Web Protection is enabled only for the work profile.
Web Protection is enabled by default: user access to websites in the Phishing and Malware categories is blocked. On devices managed by the Kaspersky Endpoint Security for Android app in device owner mode, Web Protection is supported only by the Google Chrome browser and checks only the domain of a website. To allow other browsers (Samsung Internet Browser, Yandex Browser, and HUAWEI Browser) to support Web Protection, Kaspersky Endpoint Security must be enabled as an Accessibility Features service.
To configure the settings of the device user's access to websites:
Complete the following steps within 15 minutes. Otherwise, you may face an error when saving changes to the policy.
This opens Statement regarding data processing for purpose of using Web Protection window.
If you do not accept Privacy Policy, mobile device user can accept Privacy Policy in the Initial Configuration Wizard or in the app ( → About → Terms and conditions → Privacy Policy).
If you select I do not accept the Web Protection Statement, the Web Protection does not block sites on a mobile device. Mobile device user cannot enable Web Protection in the Kaspersky Endpoint Security.
Step 5. Accept the Statement regarding data processing for purpose of using Web Protection.
Custom Tabs is an in-app browser that allows the user to view web pages without having to leave the app and switch to a full web browser version. This option provides better detection of a URL and its check against the configured Web Protection rules. If the check box is selected, Kaspersky Endpoint Security for Android opens the website in a full version of the browser and checks whole web address of the website. If the check box is cleared, Kaspersky Endpoint Security for Android checks only the domain of a website in Custom Tabs.
Step 8. Web Protection section. Select the categories of websites to block access to.
If Kaspersky Endpoint Security for Android is not set as an Accessibility feature, Web Protection may block an allowed website that loads some elements from a website with a domain that is not in the list of allowed domains.
https://example.com
).To make sure that the app allows or blocks access to the specified website in all supported versions of Google Chrome, HUAWEI Browser, Samsung Internet Browser, and Yandex Browser, include the same URL twice, once with the HTTP protocol (e.g., http://example.com
) and once with the HTTPS protocol (e.g., https://example.com
).
For example:
https://example.com
—The main page of the website is either allowed or blocked. This URL can only be accessed through the HTTPS protocol.http://example.com
—The main page of the website is either allowed or blocked, but only when accessed through the HTTP protocol. Other protocols like HTTPS are not affected.https://example.com/page/index.html
—Only the index.html
page of the website will be allowed or blocked. The rest of the website is not affected by this entry.The app also supports regular expressions. When entering the address of an allowed or blocked website, use the following templates:
https://example\.com/.*
—This template blocks or allows all child pages of the website, accessed via the HTTPS protocol (for example, https://example.com/about
).https?://example\.com/.*
—This template blocks or allows all child pages of the website, accessed via both the HTTP and HTTPS protocols.https?://.*\.example\.com
—This template blocks or allows all subdomain pages of the website (e.g., https://pictures.example.com
).https?://example\.com/[abc]/.*
—This template blocks or allows all child pages of the website where the URL path begins with 'a', 'b', or 'c' as the first directory (e.g., https://example.com/b/about
).https?://\w{3,5}.example\.com/.*
—This template blocks or allows all child pages of the website where the subdomain consists of a word with 3 to 5 characters (e.g., http://abde.example.com/about
).Use the expression https?
to select both the HTTP and HTTPS protocols. For more details on regular expressions, please refer to the Oracle Technical Support website.
Step 9. Web Protection section. Specify the list of websites to allow access to.
Mobile device settings are changed after the next device synchronization with Kaspersky Security Center.
Managing the website list
You can manage the list of websites with the following buttons:
.txt
file which contains the required URLs or regular expressions. The file must be encoded in UTF-8. URLs or regular expressions in the file must be separated by semicolons or by line breaks.