Network Protection

Network ports monitoring

During the operation of Kaspersky Endpoint Security, the Web Control, Mail Threat Protection and Web Threat Protection components monitor data streams that are transmitted via specific protocols and that pass through specific open TCP and UDP ports on user computer. For example, the Mail Threat Protection component analyzes information transmitted via SMTP, while the Web Threat Protection component analyzes information transmitted via HTTP and FTP.

Kaspersky Endpoint Security divides TCP and UDP ports of the operating system into several groups, depending on the likelihood of their being compromised. Some network ports are reserved for vulnerable services. You are advised to monitor these ports more thoroughly because they have a greater likelihood of being targeted by a network attack. If you use non-standard services that rely on non-standard network ports, these network ports may also be targeted by an attacking computer. You can specify a list of network ports and a list of applications that request network access. These ports and applications then receive special attention from the Mail Threat Protection and Web Threat Protection components during network traffic monitoring.

Scan secure connections (HTTPS)

At first start after installation of Kaspersky Endpoint Security, Kaspersky certificate is added to the system certificate repository.

The functionality of encrypted connections scan is available if Kaspersky Endpoint Security is installed on a computer that runs Microsoft Windows for workstations. The functionality of encrypted connections scan is not available if Kaspersky Endpoint Security is installed on a computer that runs Microsoft Windows for file servers.

To scan encrypted connections using Firefox and Thunderbird, Kaspersky Endpoint Security enables usage of system storage of trusted certificates in the settings of these applications.

The Web Control, Mail Threat Protection, Web Threat Protection components can decrypt and scan network traffic transmitted over encrypted connections using the following protocols:

In this section:

Configuring the settings of network port monitoring

Configuring the encrypted connections scan

Page top