About the Network Threat Protection task

The Network Threat Protection can only be installed on a device running Microsoft Windows 7 and any later version or Windows Server 2008 R2 and any later version.

The Network Threat Protection task scans inbound network traffic for activity that is typical of network attacks. Upon detecting an attempted network attack that targets your computer, Kaspersky Security for Windows Server blocks network activity from the attacking computer. Your screen then displays a warning stating that a network attack was attempted, and shows information about the attacking computer.

By default, the Network Threat Protection task runs in the Block connections when attack is detected mode. In this mode, Kaspersky Security for Windows Server adds IP addresses of hosts showing activity typical of network attacks to the list of blocked hosts.

You can view the list of blocked hosts in the Blocked Hosts storage.

You can restore access to blocked hosts, and specify the number of days, hours and minutes after which hosts regain access to network file resources after being blocked by configuring the Blocked Hosts storage settings.

The IP addresses of hosts showing activity typical of network attacks are deleted from the list of blocked hosts in the following cases:

• Kaspersky Security for Windows Server is uninstalled.
• The IP address was deleted manually from the list of blocked hosts.
• Host blocking term has expired.
• The Network Threat Protection task was stopped and the Don't stop traffic analysis when the task is not running check boxed is cleared.
• The Block connections when attack is detected mode was turned off.