Kaspersky Web Traffic Security
Kaspersky Web Traffic Security is a solution (hereinafter also referred to as "application") for protecting HTTP, HTTPS, and FTP traffic passing through a proxy server.
The application protects users of a corporate network when accessing Internet resources. For example, it deletes malware and other threats from the data stream that enters the corporate network via the HTTP(S) and FTP protocols, blocks infected and phishing websites, and controls access to Internet resources based on Internet resource categories and content types.
The application has been developed for corporate users.
Kaspersky Web Traffic Security:
- Protects the IT infrastructure of your organization from most modern malware and encrypting ransomware thanks to machine-learning algorithms and operating system data emulation technology.
- Blocks access to infected and phishing websites.
- Uses Kaspersky Security Network data to obtain information about the reputation of files and Internet resources, ensure that Kaspersky Lab applications react to threats faster without waiting for an application database update, and reduce the likelihood of false positives.
- Integrates with Kaspersky Private Security Network (hereinafter also referred to as KPSN) to access reputation databases of Kaspersky Security Network and other statistical data without sending data from their computers to Kaspersky Security Network.
- Scans encrypted traffic with certificate replacement on the proxy server side.
- Performs content filtering of incoming and outgoing files based on the URL, file name, MIME type, size, type of source file (the application can determine the true format and type of the file, regardless of its extension), and checksum (MD5 or SHA256).
- Lets you restrict access to various categories of Internet resources, for example: Gambling, lotteries, sweepstakes; Adult content; Internet for children; Prohibited by legislation of the Russian Federation.
- Lets you configure application settings and manage the application through the web interface.
- Lets you monitor the application operating status, the network traffic processed by the application, the number of scanned and detected objects, most recent threats, blocked users and URLs in the application web interface.
- Lets you create workspaces for configuring individual rules for processing traffic of departments of organizations or managed organizations (for Internet service providers).
- Lets you configure access permissions of administrators for working with managed organizations.
- Lets you investigate incidents involving Internet access by searching and viewing events.
- Adjusts traffic processing conditions in cases when traffic processing does not match the defined rules.
- Updates application databases from Kaspersky Lab update servers or custom resources (HTTP servers, shared network folders) according to schedule or on demand.
- Integrates with Microsoft® Active Directory® to assign roles and manage access and protection rules. Supports NTLM- and Kerberos authentication in Active Directory for access to the web interface.
- Publishes application events to a SIEM system that is already in use in your organization over the Syslog protocol. Relays information about each event as a separate syslog message in CEF format.
- Lets you access application information over the SNMP protocol.
Kaspersky Web Traffic Security is compliant with the General Data Protection Regulation (GDPR) and applicable European Union laws on confidential information, personal data, and data protection.