Kaspersky Web Traffic Security NEW
Web-hosted cyberthreats are among the most common dangers encountered by a modern user, second only to email-borne attacks. Kaspersky Web Traffic Security guards your internet gateway, securing incoming and outgoing traffic and governing your employees’ internet use. This critical first line of defense identifies and blocks incoming web-based threats, including malware, ransomware and phishing, before they can enter your network and spread through your infrastructure – as well as minimizing the risk associated with careless web surfing and inappropriate data transmission.
Multi-layered anti-malware capabilities
Multi-layered anti-malware - cloud-assisted via the Kaspersky Security Network
Kaspersky Web Traffic Security incorporates the latest version of Kaspersky's award-winning anti-malware engine and is fed by real-time information from the cloud-based Kaspersky Security Network (KSN). The result is unequalled levels of gateway protection performance - detecting and removing dangerous objects, including exploits, malicious scripts and all other forms of known, unknown and advanced malware.
This technology detects suspicious and unwanted files and URLs, based on globally-acquired reputation data received from Kaspersky Security Network or its closed-loop version, Kaspersky Private Security Network.
Malicious document detection
Embedding malicious scripts into documents is a technique used in some of the most lethal malware recently developed, such as ExPetr/Petya/NotPetya. Kaspersky Web Traffic Security scans a whole range of document types, including MS Office files and PDFs, for any form of embedded malicious content. On detection, the infected file is blocked from opening.
Detection of potentially harmful programs
Using the extended protection option, the application can detect and delete not only known malicious programs, but also potentially harmful programs (such as spyware or remote administration kits).
Kaspersky Web Traffic Security protects against the broadest range of ransomware, including newly emerging, complex specimens.
Internet usage control
Web control with categorization
Categorization of web resources under more than 40 different groupings, based on our vast database of URLs, means that granular restrictions can be applied simply and accurately. Blocking URLs doesn’t require ‘SSL bumping’ even if the traffic is encrypted.
The transmission of files travelling in both directions through your internet gateway can be blocked according to filtering rules, based on the name (wildcards can be used), extension (using a format recogniser to counteract spoofing), size, MIME type and/or hash.
The product supports integration with proxy servers and storage via the ICAP and ICAP(s) protocols.
Ready for encrypted traffic monitoring
Where traffic monitoring (‘SSL bumping’) is implemented, and once the existing corporate proxy server has been configured, Kaspersky Web Traffic Security can control SSL-encrypted traffic and analyse objects (such as HTTPS web traffic objects) passing through the secured channel.
Deployment, performance, scalability
To handle large volumes of traffic in transit, Kaspersky Web Traffic Security supports cluster deployment, consisting of multiple traffic-processing nodes (servers). As traffic increases, more nodes can be deployed to keep everything secure.
Secure Web Gateway (SWG) software appliance NEW
An all-in-one, ready-to-use software appliance, complete with its own pre-configured proxy server, makes boosting your corporate IT network protection by adding a secure web gateway a no-brainer.
Multiple workspace support
Recognizing that rapidly growing, diversified businesses may wish to keep independent projects or branch offices separate and governed by their own policies – while retaining top level of all-encompassing policy-making and control - Kaspersky Web Traffic Security supports the use of multiple independent workspaces.
Lean configuration deployment
Where security fine-tuning isn’t necessary (such as for bulk traffic scanning in telco scenarios), a trimmed down configuration can add yet a further boost to performance.
Web-based administration console
A web-based console is convenient for managing gateway security regardless of location –especially important for geographically distributed infrastructures.
Role-based access control
Differing restrictions can be applied to different administrative roles in terms of access to areas of the management console.
Threat analysis results are presented using an event-centric approach and show real-time activity. User internet behavior can also be analysed.
Gateway-level threat event information can be easily incorporated into the infrastructure-wide scope of events monitored via a corporate SIEM system.
Multiple workspaces can be easily adopted for centralised management of multiple customer tenants, making Kaspersky Web Traffic Security a perfect choice for Managed Service Providers (MSPs)
Minimum hardware requirements for Kaspersky Web Traffic Security standalone application:
- CPU: Intel Broadwell or newer, 8 cores
- RAM: 16GB
- At least 8 GB available for swap
- 200 GB available on the hard drive to install the application and store temporary files and log files
Minimum hardware requirements for Kaspersky Web Traffic Security all-in-one appliance:
- CPU: Intel Broadwell or newer, 8 cores
- RAM: 16GB
- HDD: 200GB
To operate, the Kaspersky Web Traffic Security standalone application requires the installation and configuration of an HTTP(S) proxy server that supports ICAP and Request Modification (REQMOD) and Response Modification (RESPMOD) services. You can use a separate proxy server or, for example, install the Squid service on one of the Kaspersky Web Traffic Security servers. The Kaspersky Web Traffic Security all-in-one appliance contains a pre-configured proxy server.
Minimum software requirements for Kaspersky Web Traffic Security standalone application:
- Squid version 3.5.x, 3.6 or higher.
- Ubuntu 18.04.2 LTS
- CentOS 7.6
- RHEL 7.6, 8
- Debian 10
- SLES 15
- Apache version 2.2, 2.4 or higher
Minimum software requirements for Kaspersky Web Traffic Security secure web gateway software appliance (virtualization platform):
- VMware ESXi 6.5 Update 2 / 6.7 Update 1.
- Microsoft Hyper-V Server 2016 / 2019
- Ngnix v.1.10.3, 1.12.2 or 1.14.0 (for standalone application only)
- Haproxy v.1.5 for load balancing (needs to be con¬figured separately)
To run the web interface of Kaspersky Web Traffic Security, we recommend one of the following browsers:
- Mozilla Firefox 67 or later
- Microsoft Internet Explorer 11 or later
- Microsoft Edge 44 or later
- Google Chrome version 75 or later
Windows Server editions for Active Directory integration:
- Windows 2012 R2 Standard
- Windows 2016 Standard
- Windows 2019 Standard
A crucial application ensuring safe World Wide Web access and helping govern employee use of the Internet.
A world-class anti-malware solution that ensures safe always-on Internet access for your entire workforce.
A summary guide to all our current security solutions, products and services for your business