Configuring web address scan settings

To configure web address scan settings:

1. Open the Administration Console of Kaspersky Security Center.
2. In the console tree, perform one of the following actions:
   • If you want to configure the operating settings of SVMs of one KSC cluster, in the Managed devices folder of the console tree select the administration group containing the KSC cluster.
   • If you want to configure the operating settings of SVMs of all KSC clusters, select the Managed devices folder.
3. In the workspace, select the Policies tab.
4. Select a policy in the list of policies and double-click the policy to open the Properties: <Policy name> window.
5. In policy properties window, select the Web addresses scan section.
6. Select an action in the Action on threat detection list.
   

   This drop-down list lets you select the action that Kaspersky Security performs when it detects a web address that is listed in the database of malicious web addresses and/or the database of phishing web addresses:

   • Choose action automatically. Kaspersky Security performs the default action specified by Kaspersky Lab specialists. If network protection is deployed in standard mode, the Block action is automatically selected. If network protection is deployed in monitoring mode, the Ignore action is automatically selected.

     This action is selected by default.

   • Ignore. Kaspersky Security allows access to the web address detected in the database of malicious web addresses and/or in the database of phishing web addresses. In such a case, Kaspersky Security Center generates an event with information stating that access to web address has been provided.
   • Block. Kaspersky Security blocks access to the web address detected in the database of malicious web addresses and/or in the database of phishing web addresses.

   You can select an action if at least one of the following check boxes is selected: Scan web addresses based on the database of malicious web addresses or Scan web addresses based on the database of phishing web addresses.

   If network protection is deployed in monitoring mode, the Ignore action is applied regardless of the selected action upon detection of a web address that is listed in the database of malicious web addresses and/or in the database of phishing web addresses.

7. In the Do not block access to the following web addresses table, click Add or press INSERT and type a web address in the Web address column.
   

   Web address that Kaspersky Security does not block if it detects this web address in the databases of malicious and phishing web addresses.

   Please take the following considerations into account when specifying web addresses:

   • You can specify web addresses with the network protocol identifier (for example, http://example.org/index.html) or without the protocol identifier (for example, example.org/index.html).
   • Masks are not supported when entering web addresses.
   • You can specify the address of a specific web page or the address of a website. If you specified a website address, all web pages of this website are also excluded from blocking. For example, if the web address http://www.example.org is specified, the web addresses http://example.org/index.html and http://example.org/test/index.html are also excluded.
   • Web addresses with the prefix www and without the prefix www are considered to be different web addresses. For example, if the web address example.org is specified, only the web addresses example.org and http://example.org are excluded from blocking. However, the application may block the web addresses www.example.org and http://www.example.org.
8. In the Properties: <Policy name> window, click OK.