Exclusion of applications from secure connections scan
You can configure an exclusion from secure connections scan for applications through Kaspersky Security Center or in the local interface of Light Agent for Windows.
To use Kaspersky Security Center to configure application exclusions from secure connections scanning:
Open Kaspersky Security Center Administration Console.
In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
In the workspace, select the Policies tab.
Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
In the policy properties window, select the Network traffic monitoring section in the list on the left.
In the right part of the window, in the Secure connections scan section, click the Trusted applications button.
In the Trusted zone window that opens, in the Trusted applications tab, select the application for which you want to configure an exclusion from secure connections scanning in one of the following ways:
If the application is absent from the list of trusted applications, click Add. In the Exclusions for application window, specify the path to the executable file of the application.
If the application is on the list of trusted applications, select it and click Edit.
In the Exclusions for application window, configure the settings for scanning network traffic transmitted for this application by using the Do not scan network traffic check box and the links located in the lower part of the window.
You can configure the following settings for scanning traffic transmitted for this application:
Exclude all traffic or only encrypted traffic from scans.
Exclude from scans the traffic transmitted for this application from any IP address or only from specified IP addresses.
Exclude from scans the traffic transmitted for this application from any or only from specified ports.
You can modify these settings by clicking the link.
In the Exclusions for application window, click OK.
In the Trusted zone window, click OK.
Click the Apply button.
To configure application exclusions from secure connections scanning in the local interface:
In the left part of the window, in the Other settings section, select Network traffic monitoring.
In the right part of the window the settings for Network Ports Monitoring and for Scanning Secure Connections are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.
Select the application for which you want to configure an exclusion from secure connections scan in one of the following ways:
If the application is absent from the list of trusted applications, click Add and select the application using one of the items in the context menu.
If the application is on the list of trusted applications, select it and click Edit.
In the Exclusions for application window, configure the settings for scanning network traffic transmitted for this application by using the Do not scan network traffic check box and the links located in the lower part of the window.
You can configure the following settings for scanning traffic transmitted for this application:
Exclude all traffic or only encrypted traffic from scans.
Exclude from scans the traffic transmitted for this application from any IP address or only from specified IP addresses.
Exclude from scans the traffic transmitted for this application from any or only from specified ports.
You can modify these settings by clicking the link.
In the Exclusions for application window, click OK.