Trend Micro web reputation technology helps break the infection chain by assigning websites a "reputation" based on an assessment of the trustworthiness of a URL, derived from an analysis of the domain. Web reputation protects against web-based threats including zero-day attacks, before they reach the network. Trend Micro web reputation technology tracks the lifecycle of hundreds of millions of web domains, extending proven Trend Micro antispam protection to the Internet.
The Web reputation criteria are configured to prevent access to malicious URLs in email messages.
The Web Reputation Settings screen appears.
Lowest (most conservative)
Moderately high (the default setting)
Highest (most aggressive)
Web pages change frequently, and it is difficult to find data or follow a link after the underlying page is modified. Such websites are usually used as vehicles for transporting malware and carrying out phishing attacks.
If you select this check box, Trend Micro Email Security will take actions on all email messages containing URLs that have not been tested by Trend Micro. These URLs might include some legitimate URLs.
These settings are not included in the Trend Micro Email Security Standard license.
For details about different license versions, see Available License Versions.
Virtual Analyzer performs observation and analysis on samples in a closed environment. It takes 3 minutes on average to analyze and identify the risk of a URL, and the time could be as long as 30 minutes for some URLs.
There is a submission quota limiting the number of URLs that can be sent to Virtual Analyzer within 24 hours. The quota is calculated based on a 24-hour sliding window as follows:
URL submission quota = Seat count * 8
For example, if you have 1,000 seats, a total of 8,000 URLs can be submitted to Virtual Analyzer for analysis within 24 hours. Note that the submission quota mentioned here is subject to change without notice.
In addition, the following cases will not be taken into account for quota measurement:
Samples hit the local or cloud cache.
Sample URLs are unreachable.
Other unexpected scan exceptions.
Once the quota is used up, no more URLs can be sent to Virtual Analyzer. Nevertheless, the quota will be restored as the 24-hour sliding window moves forward.
You can configure scan exception actions for the URL submissions over quota. For details, see Configuring "Scan Exceptions" Actions.
Apply to URLs that have not been tested by Trend Micro
Apply to URLs marked by Web Reputation Services as possible security risks
Apply to all URLs
Time-of-Click Protection is available only in inbound protection.
Web Reputation Services mark URLs as possible security risks if the URLs host or redirect to malicious files. For example, untested websites, file sharing websites and shortened URLs are marked as possible security risks.
Enabling Time-of-Click Protection for digitally signed messages is not recommended because digital signatures might be destroyed.
To manage the Web Reputation Approved List, navigate to the following path:
Administration > Policy Objects > Web Reputation Approved List
For details, see Managing the Web Reputation Approved List.
To manage the URL keyword exception list, navigate to the following path:
Administration > Policy Objects > URL Keyword Exception List
The protocol and domain parts of an URL will not be used for keyword match.
For details, see Managing the URL Keyword Exception List.