Kaspersky Security 11.x for Windows Server

About the Traffic Security task

June 10, 2022

ID 153741

The Traffic Security component processes web traffic (including traffic received via mail services) and intercepts and scans objects transferred through web traffic in order to detect known computer and other threats on the protected device. The ICAP service scans incoming traffic for threats and blocks or allows traffic depending on the scan results and configured scan settings.

Kaspersky Security for Windows Server also detects and intercepts traffic requested by any processes running under Windows Subsystem for Linux. For such processes, the Traffic Security task applies the action defined by the current task configuration.

Traffic Security component is installed by default.

The component provides the following types of protection:

  • Mail threat protection:
    • Anti-phishing
    • Protection against mail-based malware
  • Web threat protection:
    • Anti-phishing
    • Malicious URL scan
    • Protection against web-based malware
    • Web Control:
      • URL control
      • Certificate control
      • Category-based web control

We highly recommend that you use KSN services when starting the Traffic Security task in order to enhance threat detection. KSN cloud databases contain more recent information about web threats than local anti-virus databases. Several web control categories are analyzed purely based on conclusions received from KSN services.

Traffic Security modes

Traffic Security can operate in the following modes:

  • Driver Interceptor. The application intercepts traffic with a network driver. It uses a network kernel driver to intercept and analyze all incoming traffic for the specified ports.
  • Redirector. The application processes requests coming from the user's web browser as a proxy server and redirects the received traffic to an internal ICAP-server. This mode implies additional configuration of the web browser: it is necessary to specify the address and the port for the proxy server connection.
  • External Proxy. The application processes traffic from an external proxy server. The traffic is transferred from the external proxy server to Kaspersky Security for Windows Server. The application analyzes the traffic and recommends an action to the external proxy. Kaspersky Security for Windows Server is only compatible with proxies that transfer traffic via the ICAP protocol.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.