Configuring network traffic scanning in the Web Console

In the Web Console, you can configure network traffic scan settings in the policy properties (Application settings → General settings → Network settings).

Encrypted connections scan settings

Setting

Description

Encrypted connections scan is enabled / disabled

This toggle switch enables or disables the encrypted connections scan.

The check toggle button is switched on by default.

Trusted root certificates

Contains the Manage trusted root certificates link, which opens the Trusted root certificates window. In this window, you can configure the list of trusted root certificates. The list is used when scanning encrypted connections.

Visiting a domain with an untrusted certificate

You can select the action that the application performs when a domain with an untrusted certificate is visited:

  • Allow (default value) — Allow connecting to the domain with an untrusted certificate.
  • Block — Block connection to the domain with an untrusted certificate.

Visiting a domain with an encrypted connections scan error

You can select the action that the application performs when a domain with an encrypted connections scan error is visited:

  • Allow and add domain to exclusions (default value) — Add the domain that resulted in the error to the list of domains with scan errors and do not scan encrypted network traffic when this domain is visited.
  • Block — Block connection to the domain with a scan error.

Certificate verification policy

You can select how the application verifies certificates:

  • Local check: the application does not use the internet to validate a certificate.
  • Full check (default value): the application uses the internet to check and download the missing chains that are needed to verify a certificate.

Trusted domains

Contains the Configure trusted domains link, which opens the Trusted domains window. In this window, you can configure the list of trusted domain names.

Monitored ports

Contains network port monitoring settings:

  • Monitor all network ports. If this option is selected, the application monitors all network ports.
  • Monitor selected network ports only. If this option is selected, the application monitors only the network ports specified in the Monitored ports window. This option is selected by default.

Clicking the Configure network port settings link opens the Monitored ports window, where you can specify the network ports to be monitored by the application.

Page top