Kaspersky Web Traffic Security NEW

The most common vectors of malware are via email and malicious websites. Kaspersky Web Traffic Security guards your internet gateway, securing your incoming and outgoing traffic and governing your employees’ internet use. This critical first line of defense identifies and blocks incoming web-based threats, including malware, ransomware and phishing, before they can enter your network and spread through your infrastructure – as well as minimizing the risk associated with careless web surfing and inappropriate data transmission.

  • Multi-layered anti-malware capabilities

    • Multi-layered anti-malware - cloud-assisted via the Kaspersky Security Network

      Kaspersky Web Traffic Security incorporates the latest version of Kaspersky Lab’s award-winning anti-malware engine and is fed by real-time information from the cloud-based Kaspersky Security Network (KSN). The result is unequalled levels of gateway protection performance - detecting and removing dangerous objects, including exploits, malicious scripts and all other forms of known, unknown and advanced malware.

    • Reputation-based filtering

      This technology detects suspicious and unwanted files and URLs, based on globally-acquired reputation data received from Kaspersky Security Network or its closed-loop version, Kaspersky Private Security Network.

    • Malicious document detection

      Embedding malicious scripts into documents is a technique used in some of the most lethal malware recently developed, such as ExPetr / Petya / NotPetya. Kaspersky Web Traffic Security scans a whole range of document types, including MS Office files and PDFs for any form of embedded malicious content and on detection they are blocked from opening.

    • Detection of potentially harmful programs

      Using the extended protection option, the application can detect and delete not only known malicious programs, but also potentially harmful programs (such as spyware or remote administration kits).

    • Ransomware protection

      Kaspersky Web Traffic Security protects against the broadest range of ransomware, including newly emerging, complex specimens.

    Internet usage control

    • Web control with categorization

      Categorization of web resources under more than 40 different groupings, based on our vast database of URLs, means that granular restrictions can be applied simply and accurately. Blocking URLs doesn’t require ‘SSL bumping’ even if the traffic is encrypted.

    • Content filtering

      The transmission of files travelling in both directions through your internet gateway can be blocked according to filtering rules, based on name (wildcards can be used), extension (using a format recognizer to counteract spoofing), size, MIME type and/or hash.

    Data acquisition

    • ICAP integration

      The product supports integration with proxy servers and storage via the ICAP and ICAP(s) protocols.

    • Ready for encrypted traffic monitoring

      Where traffic monitoring (‘SSL bumping’) is implemented, and once the existing corporate proxy server has been configured, Kaspersky Web Traffic Security can control SSL-encrypted traffic and analyze objects (such as HTTPS web traffic objects) passing through the secured channel.

    Performance, scalability, fault-tolerance

    • Load balancing

      To handle large volumes of traffic in transit, Kaspersky Web Traffic Security supports cluster deployment, consisting of multiple traffic-processing nodes supervised by a management node, which balances the traffic load between them.

    • Fault-tolerance

      While worker nodes will in fact continue working even if the master is down, the master node also has a secondary twin, which takes over should the primary master fail for any reason.

    • Multiple workspace support

      Recognizing that rapidly growing, diversified businesses may wish to keep independent projects or branch offices separate and governed by their own policies – while retaining top level of all-encompassing policy-making and control - Kaspersky Web Traffic Security supports the use of multiple independent workspaces.

    Manageability

    • Web-based administration console

      A web-based console is convenient for managing gateway security regardless of location –especially important for geographically distributed infrastructures.

    • Role-based access control

      Differing restrictions can be applied to different administrative roles in terms of access to areas of the management console.

    • Event management

      Threat analysis results are presented using an event-centric approach and show real-time activity. User internet behavior can also be analyzed.

    • SIEM integration

      Gateway-level threat event information can be easily incorporated into the infrastructure-wide scope of events monitored via a corporate SIEM system.

    • Multitenancy

      Multiple workspaces can be easily adopted for centralized management of multiple customer tenants, making Kaspersky Web Traffic Security a perfect choice for Managed Service Providers (MSPs)

    • Hardware requirements

      Traffic processing server:

      • CPU: Intel Xeon E5606 (4 cores) 1.86 GHz or more;
      • 8 GB RAM;
      • Swap partition at least 4 GB;
      • 100 GB of hard drive space, including:
      • 25 GB for temporary file storage;
      • 25 GB for log file storage.

      Management server:

      • CPU: Intel Xeon E5606 (4 cores) 1.86 GHz or more;
      • 8 GB RAM;
      • Swap partition at least 4 GB;
      • 100 GB of hard drive space.

      If you install the Master server and a Worker server on the same physical server:

      • CPU: 2 x Intel Xeon E5606 (8 cores) 1.86 GHz or more;
      • 16 GB RAM;
      • Swap partition at least 4 GB;
      • 200 GB of hard drive space, including:
      • 25 GB for temporary file storage;
      • 25 GB for log file storage.
    • Software requirements

      For Kaspersky Web Traffic Security to process the traffic of your network, you must install and configure a HTTP(S) proxy server that supports ICAP and Request Modification (REQMOD) and Response Modification (RESPMOD) services. You can use a separate proxy server or, for example, install the Squid service on a Worker server of Kaspersky Web Traffic Security.

      Software requirements for servers used for installing Kaspersky Web Traffic Security

      • Red Hat Enterprise Linux version 7.5 x64.
      • Ubuntu 18.04.1 LTS.
      • Debian 9.5.
      • SUSE Linux Enterprise Server 12 SP3.
      • CentOS version 7.5 x64.

      Additional requirements

      • Ngnix versions 1.10.3, 1.12.2 and 1.14.0.
      • Load Balancing HAProxy version 1.5.
      • Squid 3.5.20 if you install the Squid service on the Worker server.

      Software requirements for managing Kaspersky Web Traffic Security via the web interface

      We recommend using one of the following browsers to run the web interface:

      • Mozilla Firefox version 39.
      • Internet Explorer version 11.
      • Google Chrome version 43.
      • Microsoft Edge version 40.
A part of

    Not sure which Security Solution is right for your business?