Configuring the Driver Interceptor mode

Support

Support for business applications

Kaspersky Security 11.x for Windows Server

Traffic Security

Managing Traffic Security via the Administration Plug-in

Configuring the Traffic Security task

Configuring the Driver Interceptor mode

June 10, 2022

ID 153854

Save as PDF

To configure the Driver Interceptor mode:

Open the Traffic Security window.
On the General tab, select Driver Interceptor mode.
In the Task mode settings block, configure the following settings:
- Check safe connections through the HTTPS protocol.
  If the check box is selected, intercepted encrypted HTTPS traffic is decompressed and scanned for threats.
  
  If the check box is cleared, encrypted HTTPS traffic is not decompressed.
  
  The check box is selected by default.
  
  Scanning is available only if the HTTPS port is open.
- Select the versions of the cryptographic protocol that you want to use:
  - TLS 1.0
  - TLS 1.1
  - TLS 1.2
  All versions are selected by default. Moreover, the TLS 1.0 option cannot be disabled.
  
  Note, that you can use the TLS protocol in the Traffic Security task configuration only on protected devices running Microsoft Windows 7 or later, Microsoft Windows Server 2008 R2 or later.
- Do not trust web-servers with invalid certificate.
  The check box can be selected if the Check safe connections through the HTTPS protocol check box is selected.
  
  If this check box is selected, a web page with an invalid certificate is blocked (certificate has expired, signature verification error, certificate is withdrawn, etc.)
  
  If the Do not trust web-servers with invalid certificate check box is selected, Kaspersky Security for Windows Server blocks all connections with invalid certificates and also all connections with self signed certificate.
- Security port.
  Specify the port number used to redirect traffic from the browser or network driver to the inner port created by Kaspersky Security for Windows Server in order to detect web-based threats. We recommend that you do not modify the default port. The port number must not coincide with any ports that are open for the ICAP service. If you use the Redirector mode, ports that are already being used are listed in the Check safe connections through the HTTPS protocol field.
To add or exclude ports from the interception area, click the Configure interception area button.
The Interception area window opens.
Select one of the following options on the Intercept ports tab:
- Intercept all
- Intercept specified ports
  1. Enter the port number in the text field. You can add several ports by using a semicolon delimiter between port numbers.
  2. Click Add.
    Port is included in the interception area.
  By default, Kaspersky Security for Windows Server intercepts traffic that is transferred via the following ports: 80, 8080, 3128, 443.
  
  If you run Traffic Security task in Driver Interceptor mode with the Intercept all option enabled, make sure to configure the Kaspersky Security Center Administration Server to use the default port (13299) for connection with the Kaspersky Security Center Web Console (for more information, refer to Kaspersky Security Center Online Help), or, if you use a custom port, make sure to add this port to the Traffic Security task's list of excluded ports. Otherwise, Traffic Security blocks the connection from the Kaspersky Security Center Web Console to the Kaspersky Security Center Administration Server.
To specify ports you want to exclude from the interception area on the Exclude ports tab:
1. Enter the port number in the text field. You can add several ports by using a semicolon delimiter between port numbers.
2. Click Add.
  Port is excluded from the area.
  
  By default, Kaspersky Security for Windows Server excludes ports which are used by other applications and might cause issues when attempting to read data transferred via encrypted connection: 3389, 1723, 13291, 13299.
To exclude IP addresses from the interception area on the Exclude IP addresses tab:
1. Enter IP addresses in IPv4 format (in a short form or specifying an address with a subnet mask).
2. Click Add.
3. Click OK to save the changes.
To exclude process or executable file which requires traffic exchange on the Exclude processes tab:
1. Select the Apply exclusions for processes check box.
2. To exclude a file:
  1. Click the Executable files button.
    The standard Open windows is displayed.
  2. Select the executable file you want to exclude and click Open.
In the Interception area window click the OK button.
In the Traffic Security window click the OK button.

The task mode configuration is saved.

Kaspersky Security for Windows Server: Prompt detection of all kinds of threats

Launch control and exploit prevention for businesses of all sizes. Buy as part of Endpoint Security for Business Advanced.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.