Scenario for configuring access to Internet resources

The set of traffic processing rules allows:

• Compartmentalizing access to Internet resources for personnel of different departments.

  To do so, you can use existing domain groups if integration with Active Directory is configured. For example, you can allow access to all Internet resources for the Administrators group, and prohibit the Social networks or Software, audio, video (S0) categories for the rest of the employees.

• Blocking access to Internet resources prohibited by the laws of your country.

  To do so, you can create global rules of the highest priority that apply to all users.

• Controlling the volume of traffic.

  To ensure efficient usage of traffic, you can prohibit or limit downloading of multimedia files and access to Internet resources that are not relevant for the job.

• You can gather statistics about requested Internet resources in your organization.

  If the Allow action is selected in the traffic processing rule, the user is allowed to access the Internet resource but information about that request is written to the event log. You can filter logged events, for example, you can view all requests of users to the www.kaspersky.com website.

We recommend to configure traffic processing rules in the following order:

1. Creating workspaces and/or traffic processing rule groups.

   Traffic processing rules are checked in accordance with their priority. For the necessary rule to trigger, you need to prepare a method to organize rules. Using workspaces is recommended for large departments of an organization or for different clients of an ISP. Subsequently, rules can be grouped together. For example, you can create workspaces Branch office 1 and Branch office 2, and within the workspaces, add groups: Administrators, Accountants, etc.

2. Adding a traffic processing rule.

   Within each workspace or rules group, you can add access rules and protection rules.

3. Configuring a rule triggering initiator.

   For each added access rule and protection rule, you need to specify a user or program whose network connections must be controlled by Kaspersky Web Traffic Security.

4. Configuring traffic filtering criteria.

   Use traffic filtering criteria to configure conditions that govern which Internet resources accessed by the user must be checked in accordance with the rule.

5. Adding an exclusion for a traffic processing rule, if necessary.

   You can add a rule triggering initiator or a filtering criterion to exclusions. For example, you can prohibit access to the Software, audio, video (S0) category for all members of the Accountants domain group except the head of the department. Or you can prohibit downloads of files over 500 MB except files with corporate standards, etc.

6. Configuring the schedule of traffic processing rule, if necessary.

   The schedule allows to automatically disable a rule during specific times of the day. For example, you can configure rules to work only during work hours of the organization or disable a rule on a specific day.

Page top