Support

Support for business applications

Kaspersky Security for Virtualization 6.x Agentless

Events, notifications, and reports

Report types

Web Control report

Kaspersky Security for Virtualization 6.x Agentless
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ System requirements Download Forum Contact support Recovery tools Product videos

Web Control report

December 13, 2023

ID 71186

The Web Control report contains information about attempts by users or applications installed on protected virtual machines to access dangerous or inadvisable web addresses that belong to the web address categories selected for detection.

The Period field displays the period of time covered by the data included in the report. By default, the report contains for the last 30 days, including the report generation date.

It contains the following consolidated information:

  • Result. The result of the action taken by Kaspersky Security when it detects an attempt to access a dangerous or undesirable web address.
  • Rule. The network rule applied by the application when it takes action in response to a detected attempt to access a dangerous or undesirable web address. Possible values:
    • Kaspersky Security for Virtualization Agentless: Attempt to access a malicious web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a phishing web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access an advertising web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a web address from the "Other" category
  • Attempts. Number of attempts to access a dangerous or undesirable web address.
  • User accounts. The number of protected virtual machines from which attempts were made to access a dangerous or undesirable web address.
  • Web addresses. The number of dangerous or undesirable web addresses for which access attempts were detected.
  • Devices. Depends on the infrastructure where Kaspersky Security is deployed:
    • In the infrastructure managed by VMware NSX-T Manager – number of SVMs that detected an attempt to access a dangerous or undesirable web address.
    • In the infrastructure managed by VMware NSX-V Manager – number of protected virtual machines where an attempt to access a dangerous or undesirable web address was detected.
  • Administration groups. Depends on the infrastructure where Kaspersky Security is deployed:
    • In the infrastructure managed by VMware NSX-T Manager – number of administration groups, which include SVMs that detected an attempt to access a dangerous or undesirable web address.
    • In the infrastructure managed by VMware NSX-V Manager – the field displays 1, since all protected virtual machines are assigned to the same "pseudohosts" conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
  • First attempt. The date and time of the first attempt to access a dangerous or undesirable web address.
  • Last attempt. The date and time of the last attempt to access a dangerous or undesirable web address.

    The row below contains the following consolidated information:

    • Rules. The number of network rules that determine which action the application takes when it detects an attempt to access a dangerous or undesirable web address. For Kaspersky Security, the value in this field is: 4.
    • Blocked attempts. The number of attempts to access dangerous or undesirable web addresses blocked by Kaspersky Security.
    • Warnings. The number of attempts to access dangerous or undesirable web addresses that were allowed according to the application settings.
    • Blocked web addresses. The number of dangerous or undesirable web addresses that were blocked by Kaspersky Security.
    • Web addresses with warnings. The number of dangerous or undesirable web addresses that were allowed to be accessed according to the application settings.
    • Blocked users. The number of protected virtual machines from which attempts were made to access blocked web addresses.
    • Warned users. The number of protected virtual machines for which Kaspersky Security allowed access to dangerous or undesirable web addresses.
    • First blocked attempt. The date and time of the first attempt to access a dangerous or undesirable web address that was blocked by Kaspersky Security.
    • Last blocked attempt. The date and time of the last attempt to access a dangerous or undesirable web address that was blocked by Kaspersky Security.
    • First warning. The date and time of the first attempt to access a dangerous or undesirable web address that was allowed according to the application settings.
    • Last warning. The date and time of the last attempt to access a dangerous or undesirable web address that was allowed according to the application settings.

The report contains the following detailed information for each attempt to access a dangerous or undesirable web address:

  • Result. The result of the action taken by Kaspersky Security when it detects an attempt to access a dangerous or undesirable web address.
  • Rule. The network rule applied by the application when it takes action in response to a detected attempt to access a dangerous or undesirable web address. Possible values:
    • Kaspersky Security for Virtualization Agentless: Attempt to access a malicious web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a phishing web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access an advertising web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a web address from the "Other" category
  • User account. The IP address of the protected virtual machine from which an attempt was made to access a dangerous or undesirable web address.
  • Web address. The dangerous or undesirable web address for which an access attempt was detected.
  • Time. The date and time when an attempt to access a dangerous or undesirable web address was detected.
  • Group. Depends on the infrastructure where Kaspersky Security is deployed:
    • In the infrastructure managed by VMware NSX-T Manager – administration group, which includes the SVM that detected an attempt to access a dangerous or undesirable web address.
    • In the infrastructure managed by VMware NSX-V Manager – the field displays the pseudohosts value, since all protected virtual machines are assigned to the same "pseudohosts" conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
  • Device. Depends on the infrastructure where Kaspersky Security is deployed:
    • In the infrastructure managed by VMware NSX-T Manager – name of the SVM that detected an attempt to access a dangerous or undesirable web address, and the path to the SVM in the virtual infrastructure.
    • In the infrastructure managed by VMware NSX-T Manager – name of the protected virtual machine where an attempt to access a dangerous or undesirable web address was detected, and the path to the virtual machine in the virtual infrastructure.
  • Version number. The version number of the Kaspersky Security Network Threat Protection component that detected the attempt to access a dangerous or undesirable web address.
  • Last visible on the network. The date and time of the last event associated with the protected virtual machine from which an attempt was made to access a dangerous or undesirable web address.
  • IP address. Depends on the infrastructure where Kaspersky Security is deployed:
    • In the infrastructure managed by VMware NSX-T Manager – IP address of the SVM that detected an attempt to access a dangerous or undesirable web address.
    • In the infrastructure managed by VMware NSX-V Manager – IP address of the protected virtual machines where an attempt to access a dangerous or undesirable web address was detected.
  • NetBIOS name. Depends on the infrastructure where Kaspersky Security is deployed:
    • In the infrastructure managed by VMware NSX-T Manager this field is left blank.
    • In the infrastructure managed by VMware NSX-T Manager – name of the protected virtual machine where an attempt to access a dangerous or undesirable web address was detected, and the path to the virtual machine in the virtual infrastructure.
  • DNS name. Depends on the infrastructure where Kaspersky Security is deployed:
    • In the infrastructure managed by VMware NSX-T Manager – name of the SVM that detected an attempt to access a dangerous or undesirable web address, and the path to the SVM in the virtual infrastructure.
    • In the infrastructure managed by VMware NSX-T Manager – name of the protected virtual machine where an attempt to access a dangerous or undesirable web address was detected, and the path to the virtual machine in the virtual infrastructure.
  • As rated by KSN. The information about whether the attempt to access a dangerous or undesirable web address was detected using KSN. Possible values: Yes or No.

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.