[KB5833] Manage Protocol/SSL/TLS filtering in ESET Windows home products

Details

ESET products automatically check the security of communications to and from your computer by default. In addition to standard network communications, SSL and TLS communications are also checked for security. See our Online Help topic for more information about Protocol Filtering and SSL/TLS scanning in ESET Smart Security Premium.

Solution

Protocol Filtering | SSL/TLS Scanning

Protocol Filtering

Protocol filtering is enabled by default.

To disable or re-enable protocol filtering for troubleshooting:

  1. Open the main program window of your Windows ESET product.

  2. PressF5to access Advanced setup.
  3. ClickWeb and Email,expand Protocol Filtering and then click the slider bar next to Enable application protocol content filtering toenable or disablethis feature.

  4. ClickOK.

Figure 1-1

What is the risk of disabling SSL/TLS protocol filtering?

With more online content using an "https everywhere" approach, the importance of SSL/TLS scanning increases because threats can be hidden inside encrypted communications.

ESET products are designed to detect threats at the application level regardless of network filtering settings, however for the most secure configuration, we recommend leaving SSL/TLS protocol filtering enabled whenever possible.

Exclude an Application or IP address from Protocol filtering:

  1. Next to Excluded applications or Excluded IP addresses, clickEdit.

Figure 2-1

  1. Click Add.

  2. Select an application or type inan IP address and then click OK.

  3. Click OK. The new application/IP address has been added to the Protocol filtering exclusion list.

Figure 2-2

  1. To edit or remove an application/IP address from the Protocol filtering exclusion list, select the applicableapplication/IP address, click Edit or Remove and then click OK.

SSL/TLS Scanning

SSL/TLS Scanning is enabled by default.

To disable or re-enable SSL/TLS Scanning for troubleshooting:

  1. Open the main program window of your Windows ESET product.

  2. PressF5to access Advanced setup.
  3. ClickWeb and Email,expandSSL/TLSand then click the slider bar next to Enable SSL/TLS protocol filtering toenable or disablethis feature.

  4. ClickOK.

Figure 3-1

Remove a certificate from the known certificates list:

  1. Open the main program window of your Windows ESET product.

  2. PressF5to access Advanced setup.
  3. ClickWeb and Email,expandSSL/TLSand then click Editnext toList of known certificates.

Figure 4-1

  1. Select the applicable certificate, click Remove and then clickOK.

Figure 4-2

Additional options

  • SSL/TLS protocol filtering mode: Use the drop-down menu to select the filtering mode you want to use. See our Online Help topic for descriptions of each available filtering mode.

  • List of SSL/TLS filtered applications: To exclude a new application from SSL/TLS scanning, click Add. In the Application field, browse for the applicable application. The radio buttons in theScan actionfield allow you to select whether toScanall communications from an application,Ignorethese communications,orAsk (you will receive a prompt asking what to do) each time communication is detected. Click OK.

Figure 5-1

  • To make a change or remove an application from the list, select the application and then clickEditorRemove. Click OK.

Figure 5-2

For additional information about SSL/TLS scanning options, see our Online Help topic.