Web Control

Web Control manages users' access to web resources. This helps reduce traffic and inappropriate use of work time. When a user tries to open a website that is restricted by Web Control, Kaspersky Endpoint Security will block access or show a warning (see the figure below).

Kaspersky Endpoint Security monitors only HTTP- and HTTPS traffic.

For HTTPS traffic monitoring, you need to enable encrypted connections scan.

Methods for managing access to websites

Web Control lets you configure access to websites by using the following methods:

Website category. Websites are categorized according to the Kaspersky Security Network cloud service, heuristic analysis, and the database of known websites (included in application databases). For example, you can restrict user access to the Social networks category or to other categories.
Data type. You can restrict users' access to data on a website, and hide graphic images, for example. Kaspersky Endpoint Security determines the data type based on the file format and not based on its extension.
Kaspersky Endpoint Security does not scan files within archives. For example, if image files were placed in an archive, Kaspersky Endpoint Security identifies the Archives data type and not Graphics.
Individual address. You can enter a web address or use masks.

You can simultaneously use multiple methods for regulating access to websites. For example, you can restrict access to the "Office files" data type just for the Web-based mail website category.

Website access rules

Web Control manages users' access to websites by using access rules. You can configure the following advanced settings for a website access rule:

Users to which the rule applies.
For example, you can restrict Internet access through a browser for all users of the company except the IT department.
Rule schedule.
For example, you can restrict Internet access through a browser during working hours only.

Access rule priorities

Each rule has a priority. The higher a rule is on the list, the higher its priority. If a website has been added to multiple rules, Web Control regulates access to the website based on the rule with the highest priority. For example, Kaspersky Endpoint Security may identify a corporate portal as a social network. To restrict access to social networks and provide access to the corporate web portal, create two rules: one block rule for the Social networks website category and one allow rule for the corporate web portal. The access rule for the corporate web portal must have a higher priority than the access rule for social networks.

Kaspersky notification about blocking access to the web page in the browser window. The user can create a request to access the web resource. Kaspersky notification about visiting a possibly insecure web page in the browser window. The user can create a request to access the web resource.

Web Control messages

In this section

Enabling and disabling Web Control

Actions with web resource access rules

Exporting and importing the list of web resource addresses

Monitoring user Internet activity

Editing templates of Web Control messages

Editing masks for web resource addresses

Page top