Contents
Network settings
You can configure the settings of encrypted connection scans. These settings are used by the Web Threat Protection component.
When the encrypted connection scan settings are changed, the application generates a Network settings changed event.
Network settings
Setting |
Description |
|---|---|
Encrypted connections scan enabled / disabled |
This toggle button enables or disables scanning of encrypted connections. The check toggle button is switched on by default. |
Trusted certificates |
The Configure list of trusted certificates link opens a window where you can configure a list of trusted certificates. Trusted certificates are used when scanning encrypted connections. |
Action when an untrusted certificate is encountered |
You can select the action that the application performs on a container when it detects an untrusted certificate:
|
Action on errors during an encrypted connections scan |
You can select the action that the application performs when an error occurs during an encrypted connection scan:
|
Certificate verification policy |
You can select how the application verifies certificates:
|
Trusted domains |
Clicking the Configure list of trusted domains link opens the Trusted domains window. |
Network ports |
Clicking the Configure network port settings link opens the Network ports window, where you can specify the network ports to be monitored by the application. |
Monitor all network ports |
If this option is selected, the application monitors all network ports. |
Monitor specified ports only |
If this option is selected, the application monitors only the network ports specified in the Network ports window. This option is selected by default. |
Trusted certificates window
You can configure a list of certificates considered trusted by Kaspersky Embedded Systems Security. The list of trusted certificates is used when scanning encrypted connections.
The following information is displayed for each certificate:
- certificate subject
- serial number
- certificate issuer
- certificate start date
- certificate expiration date
- SHA-256 certificate thumbprint
By default, the certificate list is empty.
You can add and remove certificates.
Adding a trusted certificate window
In this window, you can add a certificate that will be trusted by Kaspersky Embedded Systems Security.
The Add certificate link opens the standard file selection window. Indicate the path to the file that contains the certificate, in DER or PEM format.
After the certificate file is selected, the window displays certificate information and the file path.
Page topTrusted domains window
This list contains the domain names and domain name masks that will be excluded from encrypted connection scans.
Example: *example.com. For example, *example.com/* is incorrect because a domain address, not a web page, needs to be specified.
By default, the list is empty.
You can add, edit and remove domains from the list of trusted domains.
Page topNetwork ports window
This table contains the network ports monitored by the application if the Monitor specified ports only option is selected in the Network settings window.
The table contains two columns:
- Port – monitored port.
- Description – description of the monitored port.
By default, the table displays a list of network ports that are usually used for the transmission of mail and network traffic. The list of network ports is included in the application package.
You can add, edit, and delete items in the table.
Page top