[KB5833] Manage Protocol/SSL/TLS filtering in ESET Windows home products (15.x–16.x)

Issue

Details

Click to expand

ESET products automatically check the security of communications to and from your computer by default. In addition to standard network communications, SSL and TLS communications are also checked for security.

See our Online Help topic for more information about Protocol Filtering and SSL/TLS scanning in ESET Smart Security Premium.

Solution

Protocol Filtering

Protocol filtering is enabled by default. To disable or re-enable protocol filtering for troubleshooting:

  1. Open the main program window of your Windows ESET product.

  2. Press the F5 to open Advanced setup.

  3. Click Web and Email and click the slider bar next to Enable application protocol content filtering to enable or disable this feature. Click OK.

    Figure 1-1
What is the risk of disabling SSL/TLS protocol filtering?

With more online content using an "HTTPS everywhere" approach, the importance of SSL/TLS scanning increases because threats can be hidden inside encrypted communications.

ESET products are designed to detect threats at the application level regardless of network filtering settings. However, for the most secure configuration, we recommend leaving SSL/TLS protocol filtering enabled whenever possible.

Exclude an Application or IP address from Protocol filtering: 
  1. Next to Excluded applications or Excluded IP addresses, click Edit.
    Figure 2-1

  2. Click Add, select an application or type in an IP address and click OK → OK. The new application/IP address has been added to the Protocol filtering exclusion list.

    Figure 2-2
  1. To edit or remove an application/IP address from the Protocol filtering exclusion list, select the applicable application/IP address, click Edit or Remove and click OK.
    Figure 2-3

SSL/TLS Scanning

SSL/TLS Scanning is enabled by default. To disable or re-enable SSL/TLS Scanning for troubleshooting:

  1. Open the main program window of your Windows ESET product.

  2. Press F5 on your keyboard to access Advanced setup.

  3. Click Web and Email, expand SSL/TLS and click the slider bar next to Enable SSL/TLS protocol filtering to enable or disable this feature. Click OK.

    Figure 3-1
Remove a certificate from the known certificates list

  1. Open the main program window of your Windows ESET product.

  2. Press the F5 key to open Advanced setup.

  3. Click Web and Email, expand SSL/TLS and click Edit next to List of known certificates.

    Figure 4-1
  1. Select the applicable certificate, click Delete and click OK.
    Figure 4-2

Additional options

SSL/TLS protocol filtering mode

Use the drop-down menu to select the filtering mode you want to use. See our Online Help topic for descriptions of each available filtering mode.

List of SSL/TLS filtered applications

Exclude a new application from SSL/TLS scanning:

Click Add and in the Application field, browse for the applicable application. The radio buttons in the Scan action field allow you to select whether to Scan all communications from an application, Ignore these communications, or Ask (you will receive a prompt asking what to do) each time communication is detected. Click OKOK.

Figure 5-1

To make a change or remove an application from the list, select the application and click Edit or Delete. Click OK.

Figure 5-2

For additional information about SSL/TLS scanning options, see our Online Help topic.

Last Updated: Oct 28, 2022

Additional resources

User Guides

ESET Forum

YouTube videos

Need further assistance?

Contact ESET Technical Support

More Information

Support News
Customer Advisories