Network ports monitoring

When Kaspersky Security is running, the Mail Anti-Virus, Web Anti-Virus, and Web Control components can monitor data streams that are transmitted over specific protocols and that pass through specific open TCP and UDP ports on the protected virtual machine. For example, Mail Anti-Virus scans data that is transmitted via SMTP, while Web Anti-Virus scans data that is transmitted via HTTP and FTP.

Kaspersky Security divides TCP and UDP ports of the operating system into several groups, depending on the likelihood of their being compromised. Some network ports are reserved for vulnerable services. You are advised to monitor these ports more thoroughly, because the likelihood that they are attacked is greater. If you use non-standard services that rely on non-standard network ports, these network ports may also be targeted by an attacking device. You can specify a list of network ports and a list of applications that request network access. These ports and applications then receive special attention from the Mail Anti-Virus and Web Anti-Virus components as they monitor network traffic.

You can perform the following actions to configure the settings of network ports control:

• Select the network ports monitoring mode.
• Create a list of monitored network ports.
• Create a list of applications for which all network ports are monitored.