Settings |
Description |
|---|---|
Limit traffic on metered connections |
If this check box is selected, the application limits its own network traffic when the Internet connection is limited. Kaspersky application identifies a high-speed mobile Internet connection as a limited connection and identifies a Wi-Fi connection as an unlimited connection. Cost-Aware Networking works on computers running Windows 8 or higher. |
Inject script into web traffic to interact with web pages |
If the check box is selected, Kaspersky application injects a web page interaction script into web traffic. This script ensures the operation of such components as Safe Money, Private Browsing, Anti-Banner, and URL Advisor. |
Support DNS over HTTPS (DoH) |
If the check box is selected, the application correctly processes DNS data transmitted over HTTPS. We do not recommend clearing this check box. |
Manage DoH servers |
The link opens a window where you can manually add a DoH server through which DNS data will be transferred in a browser. Here you can read about DNS over HTTPS (DoH) and how to add a DoH server. |
Monitored ports |
Monitor all network ports. In this port monitoring mode, Mail Anti-Virus and Safe Browsing monitor all open ports of your computer. Monitor selected network ports only. In this port monitoring mode, Mail Anti-Virus and Safe Browsing monitor the selected ports of your computer. You can specify the monitored network ports in the Network ports window, which can be opened by clicking the Select link. You can also specify the particular applications where monitoring of all the network ports used by these applications should be enabled:
|
Network ports |
A list of ports that are normally used for transferring email and web traffic is included in Kaspersky application distribution kit. By default, Kaspersky application monitors traffic passing through all ports from this list. You can add ports to the list or delete them from the list. If the Active value is set in the port line in the Status column, Kaspersky application monitors the traffic passing through this port. If the Inactive value is set in the port line in the Status column, Kaspersky application excludes this port from scans, but does not remove it from the list of ports. You can change the status and other port settings in the window by clicking the Edit button. |
Encrypted connections scan |
You can select one of the following modes for scanning encrypted connections over SSL:
If you do not want the application to verify an SSL connection with a website, you can add the website to the list of exclusions by clicking the Configure trusted addresses link. |
Visiting a domain with an encrypted connections scan error |
In the drop-down list, you can select the action that the application will perform if a secure connections scan error occurs on a website.
|
Domains with scan errors |
List of domains that could not be scanned due to errors when connecting to them. The addresses of the domains were checked against the database of malicious objects. |
Configure trusted addresses |
Click this link to open the Trusted addresses window, which contains a list of websites that you added as an exclusion for the Safe Browsing and URL Advisor components. |
Configure trusted applications |
List of applications whose activity is not monitored by Kaspersky application during its operation. You can select the types of application activity that Kaspersky application will not monitor (for example, do not scan network traffic). Kaspersky application supports environment variables, and the |
Block SSL 2.0 connections (recommended) |
If the check box is selected, the application blocks network connections established over the SSL 2.0 protocol. If the check box is cleared, the application does not block network connections established over the SSL 2.0 protocol and does not monitor network traffic transmitted over these connections. |
Decrypt an encrypted connection with the website that uses EV certificate |
EV certificates (Extended Validation Certificates) confirm the authenticity of websites and enhance the security of the connection. Browsers use a lock icon in their address bar to indicate that a website has an EV certificate. Browsers may also fully or partially color the address bar in green. If the check box is selected, the application decrypts and monitors encrypted connections with websites that use an EV certificate. If the check box is cleared, the application does not have access to the contents of HTTPS traffic. For this reason, the application monitors HTTPS traffic only based on the website address, for example, If you are opening a website with an EV certificate for the first time, the encrypted connection will be decrypted regardless of whether or not the check box is selected. |
Proxy server settings |
Settings of the proxy server used for Internet access of users of client computers. Kaspersky application uses these settings for certain protection components, including for updating databases and application modules. For automatic configuration of a proxy server, Kaspersky application uses the WPAD protocol (Web Proxy Auto-Discovery Protocol). If the IP address of the proxy server cannot be determined by using this protocol, the application uses the proxy server address that is specified in the Microsoft Internet Explorer browser settings. |
To scan encrypted connections in applications with their own certificate store, use |
If this check box is selected, the application scans encrypted traffic in supported browsers and mail clients. Access to some websites via the HTTPS protocol may be blocked. To scan traffic in Mozilla Firefox and Thunderbird, you must enable Encrypted Connections Scan. If Encrypted Connections Scan is disabled, the application does not scan encrypted traffic in Mozilla Firefox and Thunderbird. The application uses Kaspersky root certificate to decrypt and analyze encrypted traffic. You can select the certificate store that will contain the Kaspersky root certificate.
|