Web-hosted cyberthreats are among the most common dangers encountered by a modern user, second only to email-borne attacks. Kaspersky Web Traffic Security guards your internet gateway, securing incoming and outgoing traffic and governing your employees’ internet use. This critical first line of defense identifies and blocks incoming web-based threats, including malware, ransomware and phishing, before they can enter your network and spread through your infrastructure – as well as minimizing the risk associated with careless web surfing and inappropriate data transmission.
Kaspersky Web Traffic Security incorporates the latest version of Kaspersky's award-winning anti-malware engine and is fed by real-time information from the cloud-based Kaspersky Security Network (KSN). The result is unequalled levels of gateway protection performance - detecting and removing dangerous objects, including exploits, malicious scripts and all other forms of known, unknown and advanced malware.
This technology detects suspicious and unwanted files and URLs, based on globally-acquired reputation data received from Kaspersky Security Network or its closed-loop version, Kaspersky Private Security Network.
Embedding malicious scripts into documents is a technique used in some of the most lethal malware recently developed, such as ExPetr/Petya/NotPetya. Kaspersky Web Traffic Security scans a whole range of document types, including MS Office files and PDFs, for any form of embedded malicious content. On detection, the infected file is blocked from opening.
Using the extended protection option, the application can detect and delete not only known malicious programs, but also potentially harmful programs (such as spyware or remote administration kits).
Kaspersky Web Traffic Security protects against the broadest range of ransomware, including newly emerging, complex specimens.
Categorization of web resources under more than 40 different groupings, based on our vast database of URLs, means that granular restrictions can be applied simply and accurately. Blocking URLs doesn’t require ‘SSL bumping’ even if the traffic is encrypted.
The transmission of files travelling in both directions through your internet gateway can be blocked according to filtering rules, based on the name (wildcards can be used), extension (using a format recogniser to counteract spoofing), size, MIME type and/or hash.
The product supports integration with proxy servers and storage via the ICAP and ICAP(s) protocols.
Where traffic monitoring (‘SSL bumping’) is implemented, and once the existing corporate proxy server has been configured, Kaspersky Web Traffic Security can control SSL-encrypted traffic and analyse objects (such as HTTPS web traffic objects) passing through the secured channel.
To handle large volumes of traffic in transit, Kaspersky Web Traffic Security supports cluster deployment, consisting of multiple traffic-processing nodes (servers). As traffic increases, more nodes can be deployed to keep everything secure.
An all-in-one, ready-to-use software appliance, complete with its own pre-configured proxy server, makes boosting your corporate IT network protection by adding a secure web gateway a no-brainer.
Recognizing that rapidly growing, diversified businesses may wish to keep independent projects or branch offices separate and governed by their own policies – while retaining top level of all-encompassing policy-making and control - Kaspersky Web Traffic Security supports the use of multiple independent workspaces.
Where security fine-tuning isn’t necessary (such as for bulk traffic scanning in telco scenarios), a trimmed down configuration can add yet a further boost to performance.
A web-based console is convenient for managing gateway security regardless of location –especially important for geographically distributed infrastructures.
Differing restrictions can be applied to different administrative roles in terms of access to areas of the management console.
Threat analysis results are presented using an event-centric approach and show real-time activity. User internet behavior can also be analysed.
Gateway-level threat event information can be easily incorporated into the infrastructure-wide scope of events monitored via a corporate SIEM system.
Multiple workspaces can be easily adopted for centralised management of multiple customer tenants, making Kaspersky Web Traffic Security a perfect choice for Managed Service Providers (MSPs)