Filtering application protocol traffic
You can set up application protocol traffic filtering in the web interface of Kaspersky IoT Secure Gateway 1000. Filtering allows blocking or unblocking FTP, HTTP, MQTT, Modbus, SMTP, IMAP, and POP3 traffic.
For the MQTT protocol only version 3.1.1 filtering is supported. For SMTP protocol only basic SMTP filtering is supported. Extended SMTP protocol filtering is not supported.
To configure application protocol traffic filtering:
- In the menu on the left side of the screen, select the Network → Filtering section.
- Configure traffic filtering for application protocols as follows:
- Select the check box next to the protocols for which you want to block traffic.
- Clear the check box next to the protocols for which you want to allow traffic.
By default, traffic is allowed for all application protocols.
- Click the Save button.
Kaspersky IoT Secure Gateway 1000 blocks all traffic for selected application protocols except for service traffic and allows traffic for the application protocols for which you cleared the check box.
When receiving a traffic packet that contains signs of a blocked application protocol, Kaspersky IoT Secure Gateway 1000 terminates the connection through which this traffic was exchanged. Several packets required to establish a connection may pass through Kaspersky IoT Secure Gateway 1000 after the traffic is detected, but then the connection will be terminated.
