Excluding web resources from secure connections scan

Kaspersky Security does not decrypt traffic or check security certificates for web resources of trusted domains. You can generate a list of trusted domains through Kaspersky Security Center or in the local interface of Light Agent for Windows.

To create a list of trusted domains via Kaspersky Security Center:

  1. Open Kaspersky Security Center Administration Console.
  2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
  3. In the workspace, select the Policies tab.
  4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
  5. In the Light Agent for Windows policy properties window, select the Network Traffic Monitoring section in the list on the left.

    In the right part of the window the settings for Network Ports Monitoring and for Scanning Secure Connections are displayed.

  6. In the right part of the window, in the Secure connections scan section, click the Trusted domains button.

    The Trusted domains window opens.

  7. If you want to add a domain to the list of trusted domains:
    1. Click the Add button.

      The Domain name window opens.

    2. Enter the domain name or web address.

      The scan exclusion is not applied to web resources of subdomains of the specified domain. If you want to exclude web resources of subdomains from secure connections scan, enter the domain mask in the format *.example.com.

    3. In the Domain name window, click OK.

      The new domain name will appear in the list of trusted domains.

      By default, all web resources of domains added to the list are excluded from secure connections scan. If necessary, you can temporarily cancel a scan exclusion for web resources of a domain without deleting the domain from the list of trusted domains. To do so, clear the check box near the domain name in the list.

  8. If you want to change the domain name in the list of trusted domains:
    1. Select the domain name in the list and click Edit.

      The Domain name window opens.

    2. Enter the new domain name, web address or domain mask in the format *.example.com and click OK.
  9. If you want to remove a domain name from the list of trusted domains, select it in the list and click Delete.
  10. In the Trusted domains window, click OK.
  11. Click the Apply button.

To generate a list of trusted domains in the local interface:

  1. On the protected virtual machine, open the application settings window.
  2. In the left part of the window, in the Other settings section, select Network traffic monitoring.

    In the right part of the window the settings for Network Ports Monitoring and for Scanning Secure Connections are displayed.

    If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

  3. Complete steps 6–10 of the previous instructions.
  4. To save changes, click the Save button.
Page top