Block internet connection to selected apps using Kaspersky Endpoint Security (KES)

Block internet connection to selected apps using Kaspersky

If you are a network administrator and you have to manage internet connections for some users on the network using certain scenarios that includes blocking internet access for some apps, you can do this by following the tutorial below.

The tutorial is only for the sysadmins that are using Kaspersky Endpoint Security (KES) as the anti-virus & firewall solution on the computers or laptops that are enrolled in the network they manage. If you are a windows network administrator that is not using Kaspersky Endpoint Security, you can always try it by downloading a free 30 days trial.

Kaspersky is well known for the large portfolio of security solutions that provides great apps for securing your laptops or computers that are using Windows operating system and also for modern mobile phones running Android.

You are probably asking yourself how you can block or restrict internet access to apps and programs on a Windows laptop or computer using a security solutions that is normally meant to protect your laptop for viruses. The Kaspersky Endpoint Security is not just an antivirus solution, it also provides a firewall function. The Kaspersky firewall functionality can be used by the network administrator to control internet connectivity for individual apps, locally on every laptop and computers that runs Windows and Kaspersky Endpoint Security.

Prepare Kaspersky Endpoint Security to use a password for access

For being able to control anything within the Kaspersky app, the program is offering administrators the possibility to secure any functionality of the app using a password. Setting a password can be done through KES interface, by accessing Settings > General settings > Interface > Password protection. Here you have to click settings button, and a pop up window that displays users will open. There are two default users, one that gives rights to everyone to manage KES, called of course “Everyone” and one that can be used as an administrator, called KLAdmin.

Disable “Everyone” user permissions in Kaspersky Endpoint Security

The first step you have to make is to deny access for user called “Everyone” to any permissions this user has. For that you have to double click the user and unckeck any permission that user has. By default the Everyone user has permission to disable the control components of Kaspersky so make sure that the all the permissions for the Everyone user are unchecked. Remember that the Everyone user cannot be deleted and that is why it is important to remove any permission from it as mentioned above.

The second step you have to make is to set a password to the user called KLAdmin. To do that, you have to double click the KLAdmin user and in the window that opens you have to click on the password button. Set the password, confirm by clicking the ok button and go all the way to save your new configuration. Now you have prepared the KES for being configured, paused or closed only with an administrator password, so any changes for now on will ask for the admin user name(KLAdmin) and the password you set for it. You can change the name of the KLAdmin user to any username that you want.

Set password for KLAdmin user in Kaspersky Endpoint Security

Remember that setting KES to be configured only if you enter a password is a very important step into achieving the desired results like in this tutorial, meaning restricting individual apps to have internet connection. This will prevent any access for users to disable any component of Kaspersky Endpoint Security. Only the admin can now configure KES just the way it is needed and nobody else can do any changes, not even exit the application or to Pause protection and control.

Set KES Firewall rules to disable internet connection for specific apps

Now that you have password protected control on KES, you can go to the next step to disable internet connection for specific apps on the laptops or computers you manage as an admin.

Enable Kaspersky Firewall

For blocking access to internet for individual apps we’ll use Kaspersky Endpoint Security firewall function like this: go to Settings > Essential Thread Protection > Firewall. If firewall is disabled, you’ll have to enable it, otherwise you cannot control the internet connectivity of any app or program. After the firewall has been enabled, or if it was already enabled, the next step is to click on “Application rules”. A new window will open and here you will see a list with rules for monitoring application network activity. There are four presets for rules as follows: Trusted, Low Restricted, High Restricted and Untrusted. You can configure all this rules any way you want but we suggest to leave them just the way they are by default.

If you want to block internet access to users on the PC, you have to make use of this rules. There are different scenarios that I’m sure you have to follow on different computers and this is why this is one of the best practice to restrict internet access. Let’s say that you have a computer where you want to block any browser connectivity to the internet, but on that computer you also have a email client, like Outlook or Thunderbird that still needs internet connectivity for receiving and sending new messages. In this case you can block the connectivity of all the browsers that are installed on that computer and leave the email client access to internet.

Remove internet access for the installed browsers on Windows computers using Kaspersky Endpoint Security

To block internet connectivity for the installed browsers, simply select and expand(if not already expanded) the trusted rule and go to the app you need to block.

For blocking Google Chrome access to internet using KES firewall rules expand GOOGLE LLC, select chrome.exe and on the network column click on the green checked sign and select Block. Click OK and then click save.

Block internet access to Chrome browser using Kaspersky Endpoint Security

The following procedure should be applied to Mozilla Firefox browser for obtaining the same result. To block Firefox access to internet, expand MOZILLA CORPORATION, select firefox.exe and in the network column click the green checkbox sign and select Block. Remember to click OK to close the window and also to save the settings. If you don’t save the settings you modified, the rules will not be saved and they will not apply.

So far we removed internet access for Google Chrome and Mozilla Firefox browsers but there are also other installed browsers by default in Windows like Internet Explorer and Microsoft Edge.

To remove internet access for Internet Explorer and Microsoft Edge, you have to look for them in the Trusted tree rules under the MICROSOFT CORPORATION list of apps. For Internet explorer look for iexplore.exe and block the two apps. One internet explorer app is the 32 bit option ant the other one is the 64 bit option. For Edge browser you have to block four apps like this: MicrosoftEdge.exe, MicrosoftEdgeSH.exe and MicrosoftEdgeCP.exe (two apps for this one). Click OK and save the configuration for the rules to apply.

Block internet access to Microsoft Edge browser using Kaspersky Endpoint Security

You can also use the search function within the KES firewall rules to find Internet Explorer an Microsoft Edge apps faster and easier. In the search box from the right corner type iexplore for Internet Explorer and MicrosoftEdge (in one word) for Edge browser.

At this point users from the laptop or pc you configured these rules are no longer able to navigate the internet using any of the browsers mentioned above. They are able to use other apps that need internet connectivity, like an e-mail client or an ERP program but they will no longer browse the internet.

This solution is suitable for this scenario, when users should not have access to browse the internet but they should have internet connectivity for other apps.

If you need to block internet connectivity using other scenarios, you can do that too, also using Kaspersky Endpoint Security.

You can download and install a free trial of Kaspersky Endpoint Security here: