Contents
Network settings
You can configure the settings of encrypted connection scans. These settings are used by the Web Threat Protection component.
When the encrypted connection scan settings are changed, the application generates a Network settings changed event.
Network settings
Setting |
Description |
|---|---|
Enable encrypted connection scans |
This check box enables or disables encrypted connection scans. The check box is selected by default. |
Action when an untrusted certificate is encountered |
In the drop-down list, you can select an action to be performed by the application upon detection of an untrusted certificate:
|
Action on an encrypted connection scan error |
In this drop-down list, you can select an action to be performed by the application when an error occurs during an encrypted connection scan:
|
Certificate verification policy |
In the drop-down list, you can select how the application verifies certificates:
|
Trusted domains |
This group of settings contains the Configure button. Clicking this button opens the Trusted domains window. In this window, you can configure the list of trusted domain names. |
Trusted certificates |
This group of settings contains the Configure button. Clicking this button opens the Trusted certificates window. In this window, you can configure a list of trusted certificates, which is used when scanning encrypted connections. |
Network ports settings |
This group of settings contains the Configure button. Clicking this button opens the Network ports window. |
Trusted domains window
This list contains the domain names and domain name masks that will be excluded from encrypted connection scans.
Example: *example.com. For example, *example.com/* is incorrect because a domain address, not a web page, needs to be specified.
By default, the list is empty.
You can add, edit and remove domains from the list of trusted domains.
Page topTrusted certificates window
You can configure a list of certificates considered trusted by Kaspersky Embedded Systems Security. The list of trusted certificates is used when scanning encrypted connections.
The following information is displayed for each certificate:
- Subject – certificate subject
- Serial number – serial number of the certificate
- Issuer – issuer of the certificate
- Valid from – certificate start date
- Expires on – certificate expiration date
- SHA-256 fingerprint – SHA-256 certificate thumbprint
By default, the certificate list is empty.
You can add and remove certificates.
Page topAdd certificate window
In this window, you can add a certificate to the trusted certificate list in one of the following ways:
- Indicate the path to the certificate file. The Browse button opens the standard file selection window. Indicate the path to the file that contains the certificate, in DER or PEM format.
- Copy the contents of the certificate file to the Enter certificate details field.
Network ports window
Network ports settings
Setting |
Description |
|---|---|
Monitor all network ports |
If this option is selected, the application monitors all network ports. |
Monitor specified ports only |
If this option is selected, the application monitors only the network ports specified in the table. This option is selected by default. |
Network ports settings |
This table contains network ports monitored by the application if the Monitor specified ports only option is selected. The table contains two columns:
By default, the table displays a list of network ports that are usually used for the transmission of mail and network traffic. The list of network ports is included in the application package. |