Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Difference between WRS Safety Pattern and WRS Blocking Pattern of Smart Protection Server (SPS) 3.0 Patch 2

    • Updated:
    • 5 Oct 2021
    • Product/Version:
    • Smart Protection Server 3.0
    • Platform:
    • Amazon AMI 32-bit
    • Amazon AMI 64-bit
    • Android 2.0, 2.1 Eclair
    • Android 2.1+
    • Android 2.2 Froyo
    • Android 2.3 Gingerbread
    • Android 3.x Honeycomb
    • Android 4.0 Ice Cream Sandwich
    • Android 4.1 Jellybean
    • Android 4.2 Jellybean
    • Android 4.3 Jellybean
    • Android 4.4 KitKat
    • Android 5.0 Lollipop
    • Android 5.1 Lollipop
    • Android 6.0 Marshmallow
    • Android All
    • Android すべて
    • Appliance DELL R210II
    • Appliance DELL R410
    • Appliance DELL R710
    • Appliance DELL R720
    • Appliance すべて
    • AS400 すべて
    • Bare Metal N/A
    • Blackberry 5.x
    • Blackberry すべて
    • CentOS 5.4 32-bit
    • CentOS 5.4 64-bit
    • CentOS 5.5 32-bit
    • CentOS 5.5 64-bit
    • CentOS 5.6 32-bit
    • CentOS 5.6 64-bit
    • CentOS 5.7 32-bit
    • CentOS 5.7 64-bit
    • CentOS 5.8 32-bit
    • CentOS 5.8 64-bit
    • CentOS 6 32-bit
    • CentOS 6 64-bit
    • CentOS 6.1 32-bit
    • CentOS 6.1 64-bit
    • CentOS 6.2 32-bit
    • CentOS 6.2 64-bit
    • Citrix XenServer 5.5
    • Citrix XenServer 6.0
    • EMC すべて
    • HPUX 11.x
    • IBM AIX
    • IBM IBM - OS/390
    • IBM IBM - OS/400/i5OS
    • IBM IBM zLinux
    • IBM AIX 5.2
    • IBM AIX 5.3
    • IBM AIX 6.1
    • IBM AIX 7.1
    • IBM OS/400/i5OS V5R4
    • IBM OS/400/i5OS V6R1
    • IBM OS/400/i5OS V7R1
    • IBM zLinux RHEL 5 64-bit
    • IBM zLinux SLES 10
    • IBM zLinux SLES 11
    • iOS 3.0+
    • iOS 4.0+
    • iOS 5.0+
    • iOS 6.0+
    • iOS 7.0+
    • iOS 7.1+
    • iOS 8.0+
    • iOS 8.1
    • iOS 8.2
    • iOS 8.3
    • iOS 8.4
    • iOS 9.0
    • iOS 9.1
    • iOS 9.2
    • iOS All
    • iOS すべて
    • Linux すべて
    • Linux - Red Hat RHEL 3 32-bit
    • Linux - Red Hat RHEL 3 64-bit
    • Linux - Red Hat RHEL 4 32-bit
    • Linux - Red Hat RHEL 4 64-bit
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 5.1 32-bit
    • Linux - Red Hat RHEL 5.1 64-bit
    • Linux - Red Hat RHEL 5.2 32-bit
    • Linux - Red Hat RHEL 5.2 64-bit
    • Linux - Red Hat RHEL 5.6 32-bit
    • Linux - Red Hat RHEL 5.6 64-bit
    • Linux - Red Hat RHEL 5.7 32-bit
    • Linux - Red Hat RHEL 5.7 64-bit
    • Linux - Red Hat RHEL 5.8 32-bit
    • Linux - Red Hat RHEL 5.8 64-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - Red Hat RHEL 6 64-bit
    • Linux - Red Hat RHEL 6.1 32-bit
    • Linux - Red Hat RHEL 6.1 64-bit
    • Linux - Red Hat RHEL 6.2 32-bit
    • Linux - Red Hat RHEL 6.2 64-bit
    • Linux - Red Hat RHEL 8 32-bit
    • Linux - Red Hat RHEL 8 64-bit
    • Linux - Red Hat RHEL 9 32-bit
    • Linux - Red Hat RHEL 9 64-bit
    • Linux - SuSE 10
    • Linux - SuSE 10 64-bit
    • Linux - SuSE 11
    • Linux - SuSE 11 64-bit
    • Linux - SuSE 9.0
    • Linux - Turbolinux Server 10
    • Linux - Turbolinux Server 8
    • Lync Server 2010
    • Lync Server 2013
    • Macintosh El Capitan
    • Macintosh iOS 3.x
    • Macintosh iOS 4.x
    • Macintosh iOS 5.x
    • Macintosh Leopard
    • Macintosh Lion
    • Macintosh Mavericks
    • Macintosh Mountain Lion
    • Macintosh Snow Leopard
    • Macintosh Tiger
    • Macintosh Yosemite
    • MacOS すべて
    • N/A N/A
    • NetApp すべて
    • Netware version 5.1
    • Netware version 6.0
    • Netware version 6.5
    • Oracle Linux 5 32-bit
    • Oracle Linux 5 64-bit
    • Oracle Linux 6 32-bit
    • Oracle Linux 6 64-bit
    • Oracle Solaris 11 SPARC
    • Oracle Solaris 11 x86
    • SaaS すべて
    • Solaris すべて
    • Sony PS3
    • Sony PS4
    • Sony PSP
    • Symbian ^3
    • Symbian S60
    • Symbian S60 3rd Edition
    • Symbian S60 5th Edition
    • Ubuntu 10.04 32-bit
    • Ubuntu 10.04 64-bit
    • Ubuntu 10.1 32-bit
    • Ubuntu 10.1 64-bit
    • Ubuntu 11.04 32-bit
    • Ubuntu 11.04 64-bit
    • Ubuntu 12.04 32-bit
    • Ubuntu 12.04 64-bit
    • Ubuntu 9.1 32-bit
    • Ubuntu 9.1 64-bit
    • UNIX すべて
    • Unix - Solaris (Sun) version 10 (SunOS 5.10)
    • Unix - Solaris (Sun) version 8 (SunOS 5.8)
    • Unix - Solaris (Sun) version 9 (SunOS 5.9)
    • Virtual Appliance 4.1
    • Virtual Appliance 5.1
    • Virtual Appliance すべて
    • VMware ESX - 5.0
    • VMware ESX 3.0
    • VMware ESX 3.5
    • VMware ESX 4.0
    • VMware ESX 4.1
    • VMware ESX 5.0
    • VMware ESXi 3.5
    • VMware ESXi 4.0
    • VMware ESXi 4.1
    • VMware ESXi 5.0
    • VMware ESXi 5.1
    • VMware ESXi 5.5
    • VMware Server 2.0
    • VMware vCenter 5.0
    • VMware vCenter 5.5
    • VMware vSphere 4.x
    • VMware vSphere 5.0
    • VMware vSphere 5.1
    • VMware vSphere 5.5
    • Windows 10 32-bit
    • Windows 10 64-bit
    • Windows 2000 Advanced Server
    • Windows 2000 Datacenter Server
    • Windows 2000 Professional
    • Windows 2000 Server
    • Windows 2000 Small Business Server
    • Windows 2003 Compute Cluster Server
    • Windows 2003 Datacenter
    • Windows 2003 Datacenter 64-bit
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2003 Home Server
    • Windows 2003 Server R2
    • Windows 2003 Small Business Server
    • Windows 2003 Small Business Server R2
    • Windows 2003 Standard
    • Windows 2003 Standard 64-bit
    • Windows 2003 Web Server 64-bit
    • Windows 2003 Web Server Edition
    • Windows 2008 Datacenter
    • Windows 2008 Datacenter 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Enterprise 64-bit
    • Windows 2008 Essential Business Server
    • Windows 2008 Server Core
    • Windows 2008 Server Foundation
    • Windows 2008 Server R2
    • Windows 2008 Server R2 Datacenter
    • Windows 2008 Server R2 Enterprise
    • Windows 2008 Server R2 with Hyper-V(TM)
    • Windows 2008 Small Business Server
    • Windows 2008 Standard
    • Windows 2008 Standard 64-bit
    • Windows 2008 Storage Server
    • Windows 2008 Web Server Edition
    • Windows 2008 Web Server Edition 64-bit
    • Windows 2011 Small Business Server Essentials
    • Windows 2011 Small Business Server Premium Add-on
    • Windows 2011 Small Business Server Standard
    • Windows 2012 Datacenter
    • Windows 2012 Datacenter R2
    • Windows 2012 Enterprise
    • Windows 2012 Enterprise R2
    • Windows 2012 Server Essential R2
    • Windows 2012 Server Essentials
    • Windows 2012 Server Foundation R2
    • Windows 2012 Standard
    • Windows 2012 Standard R2
    • Windows 2012 Web Server Edition
    • Windows 7 32-bit
    • Windows 7 64-bit
    • Windows 7 Home Premium 32-bit
    • Windows 7 Home Premium 64-bit
    • Windows 7 SP1 32-bit
    • Windows 7 SP1 64bit
    • Windows 7 SP1 64-bit
    • Windows 7 Starter 32-bit
    • Windows 7 Starter 64-bit
    • Windows 7 Ultimate 32-bit
    • Windows 7 Ultimate 64-bit
    • Windows 8 32-bit
    • Windows 8 64-bit
    • Windows 8 RT
    • Windows 8.1 32-bit
    • Windows 8.1 64-bit
    • Windows 9
    • Windows All
    • Windows Embedded POSReady 7 (32-bit/64-bit)
    • Windows Mobile 5 Pocket PC
    • Windows Mobile 5 Pocket PC Phone Edition
    • Windows Mobile 5 Smartphone
    • Windows Mobile 6 Classic
    • Windows Mobile 6 Professional
    • Windows Mobile 6 Standard
    • Windows Mobile 6.1 Professional
    • Windows Mobile 6.1 Standard
    • Windows Mobile 6.5 Professional
    • Windows Mobile 6.5 Standard
    • Windows Server 2012
    • Windows Storage Server 2003
    • Windows Vista 32-bit
    • Windows Vista 64-bit
    • Windows Vista SP1 32-bit / 64-bit
    • Windows Vista SP2 32-bit
    • Windows Vista SP2 32-bit / 64-bit
    • Windows Vista SP2 64-bit
    • Windows XP Home
    • Windows XP Professional
    • Windows XP Professional 64-bit
    • Windows XP SP2 32-bit
    • Windows XP SP3 32-bit
    • Windows XP Tablet PC
    • Windows すべて
    • Windows Mobile すべて
    • Windows Phone 8.0
    • Windows Phone 8.1
Summary

The default mode in SPS is the Web Reputation Services (WRS) Blocking Pattern, which serves as protection by providing malicious URL indicators (scores), but it does not include extra information regarding website content indexes (categories).

The WRS Safety Pattern mode provides more than that.

Details
Public

About WRS Safety Pattern mode

The WRS Safety Pattern mode enables both the Web Safety Pattern and the New Web Domain Pattern.

The Web Safety Pattern is the full version of the Web Blocking Pattern. It contains all URL indicators, as well as website categories, that the Global WRS has collected and verified. Compared to the default Web Blocking Pattern, it has a much higher coverage of website ratings because it allows WRS to respond to non-malicious ratings along with website and/or webpage categories for the user’s reference. Using the Web Safety Pattern provides the full Web Threat Protection (WTP) score range:

 

 

WTP Score

Web Blocking Pattern

Web Safety Pattern

Description

81 ~ 100
(Safe)

 

?

No known or potential threats

51 ~ 80 (Suspicious)

 

?

Spam or compromised sites or possibly a potential source of malware/spyware

71
(Unrated)

 

?

Unrated page

0 ~ 50 (Dangerous)

?

?

Verified to be a phishing page or a source of malware/spyware


For category support, Web Blocking Pattern only provides a category record for malicious URLs since the pattern entries contain malicious URLs only. With Web Safety Pattern, the full rating database resource provides all collected URL entries and categories.

 Web Blocking PatternWeb Safety Pattern
Category (Only for Malicious URLs)
ALL
WTP Score < 50 (Malicious)
ALL
 

The New Web Domain Pattern is a new concept in the WRS rating process. It provides SPS a public suffix list and a new domain service to detect whether a URL's domain is new or old. This could cover and identify new domain names, which lets the user or query flow take the necessary actions. If new domains are related with advanced persistent threats (APT) or have potentially malicious behaviors, the user will have a chance to collect or process these URLs. URLs from a new domain will be rated with a score of 71 (Unrated) and a new category 93.
 

How to enable WRS Safety Pattern mode

To switch to the WRS Safety Pattern mode:

  1. Log in to the SPS console with the root account.
  2. Enter the following commands in succession:

    $> clish
    $> enable
    $> enable web-reputation-patterns

After executing these commands, SPS will stop WRS and download Web Safety Pattern. The whole process will take a while since the Web Safety Pattern's file size is larger than the Web Blocking Pattern's. WRS will launch automatically once the WRS switching process is complete. Meanwhile, the last Web Blocking Pattern database will be preserved.

 Currently, it is recommended that only customers using Deep Discovery (DD) and/or InterScan Messaging Security Virtual Appliance (IMSVA) should switch from the SPS Web Blocking Pattern to the Web Safety Pattern due to performance considerations.


How to disable WRS Safety Pattern mode

To disable the WRS Safety Pattern mode:

  1. Log in to the SPS console with the root account.
  2. Enter the following commands in succession:

    $> clish
    $> enable
    $> disable web-reputation-patterns

After executing these commands, SPS will restart WRS and re-use the preserved Web Blocking Pattern database.

Premium
Internal
Partner
Rating:
Category:
Configure; Troubleshoot; Remove a Malware / Virus; SPEC
Solution Id:
1113608
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.