Kaspersky Web Traffic Security
Kaspersky Web Traffic Security (hereinafter also referred to as "the application" or "KWTS") is a solution designed for protecting HTTP-, HTTPS-, and FTP traffic passing through a proxy server.
The application protects users of a corporate network when accessing web resources. For example, it deletes malware and other threats from the data stream that enters the corporate network via the HTTP(S) and FTP protocols, blocks infected and phishing websites, and controls access to web resources based on web resource categories and content types.
The application is developed for corporate users.
Kaspersky Web Traffic Security:
- Protects the IT infrastructure of your organization from most modern malware and encrypting ransomware thanks to machine-learning algorithms and operating system data emulation technology.
- Blocks access to infected and phishing websites.
- Uses Kaspersky Security Network data to obtain information about the reputation of files and web resources, ensure that Kaspersky applications react to threats faster without waiting for an application database update, and reduce the likelihood of false positives.
- Integrates with Kaspersky Private Security Network (hereinafter also referred to as KPSN) to access reputation databases of Kaspersky Security Network and other statistical data without sending data from their computers to Kaspersky Security Network.
- Scans encrypted traffic with certificate replacement on the proxy server side.
- Performs content filtering of incoming and outgoing files based on the URL, file name, MIME type, size, type of source file (the application can determine the true format and type of the file, regardless of its extension), and checksum (MD5 or SHA256).
- Lets you restrict access to various categories of web resources (hereinafter also referred to as "web categories"), for example: Gambling, lotteries, sweepstakes; Adult content; Internet for children; Prohibited by laws of the Russian Federation.
- Lets you configure application settings and manage the application through the web interface.
- Lets you monitor the application status, the web traffic processed by the application, the number of scanned and detected objects, most recent threats, blocked users and URLs in the application web interface.
- Lets you create workspaces for configuring individual rules for processing traffic of departments of organizations or managed organizations (for Internet service providers).
- Lets you configure access permissions of administrators for working with managed organizations.
- Lets you investigate incidents involving Internet access by searching and viewing events.
- Adjusts traffic processing conditions in cases when traffic processing does not match the defined rules.
- Updates application databases from Kaspersky update servers or custom resources (HTTP servers, shared network folders) according to schedule or on demand.
- Integrates with Microsoft® Active Directory® to assign roles and manage access and protection rules. Supports NTLM- and Kerberos authentication in Active Directory for access to the web interface.
- Publishes application events to a SIEM system that is already in use in your organization over the Syslog protocol. Information about each event is sent to a separate syslog message.
- Lets you access application information over the SNMP protocol.
- Lets you deploy an ISO image of an operating system with the pre-installed application (including the proxy server).
- Lets you configure proxy server settings through the application web interface (when using an ISO image).
Kaspersky Web Traffic Security is compliant with the General Data Protection Regulation (GDPR) and applicable European Union laws on confidential information, personal data, and data protection.