Configuring Web Reputation Settings

Procedure

1. Navigate to Agent Management.
2. In the agent tree, click the root icon () to include all Security Agents or select specific groups or Security Agents.
3. Click Settings → Web Reputation Settings.
4. To configure a policy for external Security Agents:
   1. Click the External Agents tab.
   2. Select Enable Web Reputation policy.
      When the policy is enabled, external Security Agents send web reputation queries to the Smart Protection Network.

      Note If a Security Agent only has an IPv6 address, read the IPv6 limitations for Web Reputation queries in Pure IPv6 Agent Limitations.

   3. Select from the available web reputation security levels: High, Medium or Low

      Note The security levels determine whether Apex One (Mac) will allow or block access to a URL. For example, if you set the security level to Low, Apex One (Mac) only blocks URLs that are known to be web threats. As you set the security level higher, the web threat detection rate improves but the possibility of false positives also increases.

   4. To submit web reputation feedback, click the URL provided. The Trend Micro Web Reputation Query system opens in a browser window.
5. To configure a policy for internal Security Agents:
   1. Click the Internal Agents tab.
   2. Select Enable Web Reputation policy.
      When the policy is enabled, internal Security Agents send web reputation queries to:

      • Smart Protection Servers if the Send queries to Smart Protection Servers option is enabled.
      • Smart Protection Network if the Send queries to Smart Protection Servers option is disabled.

      Note If a Security Agent only has an IPv6 address, read the IPv6 limitations for Web Reputation queries in Pure IPv6 Agent Limitations.

   3. Select Send queries to Smart Protection Servers if you want internal Security Agents to send web reputation queries to Smart Protection Servers.
      • If you enable this option, Security Agents refer to the same smart protection source list used by Apex One Security Agents to determine the Smart Protection Servers to which they send queries.

        Important Before enabling this option, read the guidelines in Trend Micro Smart Protection.

      • If you disable this option, Security Agents send web reputation queries to Smart Protection Network. Endpoints must have Internet connection to send queries successfully.
   4. Select from the available web reputation security levels: High, Medium or Low

      Note The security levels determine whether Apex One (Mac) will allow or block access to a URL. For example, if you set the security level to Low, Apex One (Mac) only blocks URLs that are known to be web threats. As you set the security level higher, the web threat detection rate improves but the possibility of false positives also increases. Security Agents do not block untested websites, regardless of the security level.

   5. To submit web reputation feedback, click the URL provided. The Trend Micro Web Reputation Query system opens in a browser window.
   6. Select whether to allow the Security Agents to send web reputation logs to the server. Allow Security Agents to send logs if you want to analyze URLs being blocked by Apex One (Mac) and take the appropriate action on URLs you think are safe to access.
6. If you selected one or more groups or Security Agents on the agent tree, click Save to apply settings to the groups or Security Agents. If you selected the root icon (), choose from the following options:
   • Apply to All Agents: Applies settings to all existing Security Agents and to any new Security Agent added to an existing/future group. Future groups are groups not yet created at the time you configure the settings.
   • Apply to Future Groups Only: Applies settings only to Security Agents added to future groups. This option will not apply settings to new Security Agents added to an existing group.