Trusted web addresses

Windows

macOS

Linux

You can create a list of URLs whose content you trust. The Web Threat Protection component does not analyze information from trusted web addresses to check them for viruses or other threats. This option may be useful, for example, if the Web Threat Protection component interferes with the downloading of a file from a known website.

Kaspersky Endpoint Security supports the * and ? characters when entering a mask.

Scan exclusions

Windows

A scan exclusion is a set of conditions that must be fulfilled so that Kaspersky Endpoint Security will not scan a particular object for viruses and other threats. Scan exclusions make it possible to safely use legitimate software that can be exploited by criminals to damage the computer or user data. Although they do not have any malicious functions, such applications can be exploited by intruders. For details on legitimate software that can be used by intruders to damage your computer or personal data, please refer to the Kaspersky IT Encyclopedia website.

Kaspersky Endpoint Security supports the * and ? characters when entering a mask.

Security level

Windows

macOS

Linux

For Web Threat Protection, the application can apply different groups of settings. These groups of settings that are stored in the application are called security levels:

• Max protection. The security level under which the Web Threat Protection component performs maximum scanning of web traffic that the computer receives over the HTTP and FTP protocols. Web Threat Protection performs detailed scanning of all web traffic objects by using the full set of application databases, and performs the deepest possible heuristic analysis.

  The technology was developed for detecting threats that cannot be detected by using the current version of Kaspersky application databases. It detects files that may be infected with an unknown virus or a new variety of a known virus.

• Recommended. The security level that provides the optimal balance between the performance of the application and the security of web traffic. The Web Threat Protection component performs heuristic analysis at the medium scan level. This web traffic security level is recommended by Kaspersky specialists.
• Max performance. The settings of this web traffic security level ensure the maximum web traffic scanning speed. The Web Threat Protection component performs heuristic analysis at the light scan level.

Action on threat detection

Windows

macOS

Linux

Block. If this option is selected and an infected object is detected in web traffic, the Web Threat Protection component blocks access to the object and displays a message in the browser.

Allow, inform or prompt for action (depends on OS).

Windows If this option is selected and an infected object is detected in web traffic, Kaspersky Endpoint Security allows this object to be downloaded to the computer but adds information about the infected object to the list of active threats.

macOS Kaspersky Endpoint Security displays a notification window with information about the type of malware that has infected the web traffic object and prompts you to choose the action to be taken by Kaspersky Endpoint Security on this object. The available actions may vary depending on the status of the object.

Linux Kaspersky Endpoint Security informs the user about the detection of an infected object in web traffic. Web Threat Protection allows this object to be downloaded to the device. At that, the application logs the information about the infected object and adds it to the list of active threats.