Views:
Trend Micro web reputation technology helps break the infection chain by assigning websites a "reputation" based on an assessment of the trustworthiness of a URL, derived from an analysis of the domain. Web reputation protects against web-based threats including zero-day attacks, before they reach the network. Trend Micro web reputation technology tracks the lifecycle of hundreds of millions of web domains, extending proven Trend Micro antispam protection to the Internet.
The Web reputation criteria are configured to prevent access to malicious URLs in email messages.
Note
Note
Web reputation also scans the QR codes in the body of an email or in an attached image file in the format of JPG, PNG, GIF, or BMP.

Procedure

  1. Click Scanning Criteria.
  2. Select and click Web reputation.
    The Web Reputation Settings screen appears.
  3. Complete web reputation security settings.
    1. Select a baseline web reputation catch rate from the Security level drop-down list:
      • Lowest (most conservative)
      • Low
      • Moderately low
      • Moderately high (the default setting)
      • High
      • Highest (most aggressive)
    2. Optionally select Take action on messages containing URLs that have not been tested by Trend Micro to block websites that might pose threats.
      Note
      Note
      Web pages change frequently, and it is difficult to find data or follow a link after the underlying page is modified. Such websites are usually used as vehicles for transporting malware and carrying out phishing attacks.
      If you select this check box, Cloud Email Gateway Protection will take actions on all email messages containing URLs that have not been tested by Trend Micro. These URLs might include some legitimate URLs.
  4. Under Virtual Analyzer, do the following:
    1. Select Submit URLs to Virtual Analyzer.
    2. Select a security level from the drop-down list to perform further observation and analysis on the submitted URLs.
      Virtual Analyzer performs observation and analysis on samples in a closed environment. It takes 3 minutes on average to analyze and identify the risk of a URL, and the time could be as long as 30 minutes for some URLs.
  5. Under Time-of-Click Protection, do the following:
    1. Select Enable Time-of-Click Protection and click one of the following:
      • Apply to URLs that have not been tested by Trend Micro
      • Apply to URLs marked by Web Reputation Services as possible security risks
      • Apply to all URLs
      Note
      Note
      Time-of-Click Protection is available only in inbound protection.
      Web Reputation Services mark URLs as possible security risks if the URLs host or redirect to malicious files. For example, untested websites, file sharing websites and shortened URLs are marked as possible security risks.
    2. Optionally select Apply to URLs in digitally signed messages if necessary.
      Note
      Note
      Enabling Time-of-Click Protection for digitally signed messages is not recommended because digital signatures might be destroyed.
  6. Select Enable the Web Reputation Approved List to exclude URLs matching the specified domains or IP addresses from Web Reputation, Time-of-Click Protection, and Virtual Analyzer scanning.
    Note
    Note
    To manage the Web Reputation Approved List, navigate to the following path:
    AdministrationPolicy ObjectsWeb Reputation Approved List
    For details, see Managing the Web Reputation approved list.
  7. Optionally select Enable the URL keyword exception list to exclude URLs containing specified keywords from both Time-of-Click Protection and Virtual Analyzer scanning.
    Note
    Note
    To manage the URL keyword exception list, navigate to the following path:
    AdministrationPolicy ObjectsURL Keyword Exception List
    The protocol and domain parts of an URL will not be used for keyword match.
    For details, see Managing the URL keyword exception list.
  8. Click Save.