To configure Web Reputation Service:
- On the Apex One server, log on to the Management Console.
- Go to Agents > Agent Management.
- Select the endpoint or domain group of the clients to configure.
- Click Settings > Web Reputation Settings.
- Under Enable Web Reputation on the following operating systems, select the types of Windows platforms to protect: Windows desktop platforms or Windows Server platforms.
Trend Micro recommends disabling Web Reputation for internal agents if you already use a Trend Micro product with the web reputation capability, such as InterScan Web Security Virtual Appliance.
- Enable Check HTTPS URLs.
HTTPS URL scanning also supports the HTTP/2 protocol. Before Web Reputation can check HTTPS or HTTP/2 URLs, you must configure some prerequisite settings for different browsers.
For more information, see HTTPS URL Scan Support. - Select Medium security level for the policy.
- For internal Security Agents, select Send queries to Smart Protection Servers if you want Security Agents to send web reputation queries to Smart Protection Servers
- For external Security Agents, under Untested URLs, you can use this option to block pages that have not been tested by Trend Micro.
- Under Browser Exploit Prevention, enable Block pages containing malicious script.
- The Browser Exploit Prevention feature only supports HTTP traffic analysis for Internet Explorer, Microsoft Edge Legacy, Microsoft Edge Chromium, Mozilla Firefox, and Chrome browsers.
- The Browser Exploit Prevention feature requires that you enable the Advanced Protection Service.
- To enable the Advanced Protection Service, go to Agents > Agent Management, click Settings > Additional Service Settings. After enabling the Browser Exploit Prevention feature for the first time on Security Agents, users must enable the required add-on in the browser before Browser Exploit Prevention is operational. For Security Agents running Internet Explorer 9, 10, or 11, users must enable the Trend Micro IE Protection add-on in the browser pop-up window.
- Configure the approved and blocked lists.
- Select Enable approved/blocked list.
- Type a URL.
You can add a wildcard character '*' anywhere on the URL. For example:
www.trendmicro.com/* means all pages on the www.trendmicro.com domain.
*.trendmicro.com/* means all pages on any sub-domain of trendmicro.com. - Click Add to Approved List or Add to Blocked List.
By default, Trend Micro and Microsoft websites are included in the Approved lists.
- To export the list to a .dat file, click Export and then click Save.
- If you have exported a list from another server and want to import it to this screen, click Import and locate the .dat file. The list will load on the screen.
- Select whether to allow agents to send logs to Apex One Server. You can use this option to analyze URLs blocked by WRS.
- If you selected domain(s) or agent(s) in the agent tree, click Save. If you clicked the root domain icon, choose from the following options:
- Apply to All Agents: Applies settings to all existing agents and to any new agent added to an existing/future domain. Future domains are domains not yet created at the time you configured the settings.
- Apply to Future Domains Only: Applies settings only to agents added to future domains. This option will not apply settings to new agents added to an existing domain.
- Log on to Apex Central Management Console.
- Go to Policies > Policy Management
- Click Create for a new policy or click Policy Name to edit
- Under Advanced Threat Protection select Web Reputation
- Under Enable Web Reputation on the following operating systems, select the types of Windows platforms to protect: Windows desktop platforms or Windows Server platforms.
- Enable Check HTTPS URLs. HTTPS URL scanning also supports the HTTP/ protocol. Before Web Reputation can check HTTPS or HTTP/2 URLs, you must configure some prerequisite settings for different browsers. For more information, see HTTPS URL Scan Support.
- Select Medium security level for the policy.
- For internal Security Agents, select Send queries to Smart Protection Servers if you want Security Agents to send web reputation queries to Smart Protection Servers
- Under Untested URLs, you can use this option to block pages that have not been tested by Trend Micro.
- Under Browser Exploit Prevention, enable Block pages containing malicious script.
- The Browser Exploit Prevention feature only supports HTTP traffic analysis for Internet Explorer, Microsoft Edge Legacy, Microsoft Edge Chromium, Mozilla Firefox, and Chrome browsers.
- The Browser Exploit Prevention feature requires that you enable the Advanced Protection Service.
- To enable the Advanced Protection Service, go to Policies > Policy Management, click Policy Name > Additional Service Settings. After enabling the Browser Exploit Prevention feature for the first time on Security Agents, users must enable the required add-on in the browser before Browser Exploit Prevention is operational. For Security Agents running Internet Explorer 9, 10, or 11, users must enable the Trend Micro IE Protection add-on in the browser pop-up window.
- Configure the approved and blocked lists.
- Select Enable approved/blocked list.
- Type a URL.
You can add a wildcard character '*' anywhere on the URL. For example:
www.trendmicro.com/* means all pages on the www.trendmicro.com domain.
*.trendmicro.com/* means all pages on any sub-domain of trendmicro.com. - Click Add to Approved List or Add to Blocked List.
- By default, Trend Micro and Microsoft websites are included in the Approved lists.
- To export the list to a .dat file, click Export and then click Save.
- If you have exported a list from another server and want to import it to this screen, click Import and locate the .dat file. The list will load on the screen.
- Select whether to allow agents to send logs to Apex One Server. You can use this option to analyze URLs blocked by WRS.
- Click Save/Deploy.