Some of our customers have Microsoft's remote access solution called "Remote desktop gateway (RDG)".
Some time ago, we noticed that after upgrading Kaspersky to its latest version 220.127.116.1119, we were unable to log on to the RDG server. This server receives requests over port 443 (HTTPS) through root certificates (untrusted as they are issued by the enterprise CA).
However, the error presented was ID 4625 (annex). When searching for it, the reason for logon rejection is to use the NTLM protocol instead of NTLMv2.
However, after losing a few days trying to resolve an issue on the RDG server or the station for that protocol, we came to the conclusion that the problem is the Web Control module of this new version. When you disable it, the logon works on time.
Another test we performed was the installation of the previous version 18.104.22.168. In this release, the Web Control module does not prevent logon.
The interim solution was the uninstallation of the newer version of the product and the installation of the previous version.