HIKVision video monitoring does not work with Web Threat Protection and Web Control enabled [KES for Windows]

[Antipova Anna]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

This article is about Kaspersky Endpoint Security for Windows (KES for Windows)

 

Problem

3d party video monitoring solution from HIKVision and KES 11.3 or more recent version, up to 12.0

When you open the URL of video web server, for example, http://172.17.64.5/ the error Playback interrupted occurs.

The problem occurs because video software does not comply with HTTP RFC. 

Use the following key words to identify the problem in KES SRV trace:

rtsp://172.17.64.5/Streaming/ .......................................................................... GET /SDK/playback HTTP/1.1 ......................................................................... Incorrect HTTP header

(replace the example IP with one of web server's)

Solution

Add the executable of the web browser to Trusted applications:

• Tick the option "Do not scan network traffic";
• Specify the IP address of the web server in question (in our example, 172.17.64.5) .

When adding Internet Explorer to Trusted applications, please make sure to add the x86 version, which is run by default:

%ProgramFiles(x86)%\Internet Explorer\iexplore.exe

Unfortunately, it is not possible to add an IP subnet or IP range to the list of excluded IP addresses in trusted applications settings. 

In recent versions of KES, the following event is logged to local reports:

Event: Connection blocked
Application name: chrome.exe
Application path: C:\Program Files\Google\Chrome\Application
Application PID: ****
User name: ****
User type: Active user
Component: Protection
Event date: ****
IP address: 1.1.1.1
Protocol: HTTP or HTTPS
Resource name: office365atwork.com
Result: The HTTP connection is terminated. Resource name: office365atwork.com
Reason: The format of transferred data does not allow to scan it for threats. If you trust this resource, add it to scan exclusions.