Kaspersky Endpoint Security 11 for Linux

Web Threat Protection

January 19, 2023

ID 210543

While the Web Threat Protection component is running, Kaspersky Endpoint Security scans inbound traffic and prevents downloads of malicious files from the Internet and also blocks phishing, adware, or other malicious websites. Web Threat Protection is started by default when the application starts.

This feature is not supported in the KESL container.

The application scans HTTP, HTTPS, and FTP traffic. Also, the application scans websites and IP addresses. You can specify the network ports or network port ranges to be monitored.

To monitor HTTPS traffic, enable encrypted connection scans. To monitor FTP traffic, select the Monitor all network ports check box.

Web Threat Protection settings

Setting

Description

Enable scans of incoming traffic on the device

This check box enables or disables incoming traffic scans on the computer.

The check box is selected by default.

Trusted web addresses

This group of settings contains the Configure button, which opens the Trusted web addresses window, where you can specify the list of trusted web addresses. Kaspersky Endpoint Security will not scan the contents of websites whose web addresses are included in this list.

Action on threat detection

In the drop-down list, you can select the action to be performed by Kaspersky Endpoint Security on a web resource where a dangerous object is detected:

  • Inform the user when a dangerous object is detected in web traffic. Web Threat Protection allows this object to be downloaded to the computer. Kaspersky Endpoint Security logs information about the dangerous object and adds information about the dangerous object to the list of active threats.
  • Block access to all dangerous objects detected in web traffic, display a notification about the blocked access attempts, and log information about the dangerous objects (default value).

Scan settings

This group of settings contains the Configure button, which opens the Scan settings window, where you can configure the settings for scanning incoming traffic.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.