Configure Web Reputation
Configure the Web Reputation module to define its behavior for a policy. When designing the modules behavior and implementing it using the API, use the same background information and guidance that is provided in the Deep Security Help Center.
Policy objects contain two objects that you use to configure the Web Reputation module:
WebReputationPolicyExtension
: Controls the module state (on or off).PolicySettings
: Policy settings include many Web Reputation-related settings that control the runtime behavior of the module, such as the allowed and blocked URLs and domains, the ports to monitor, security level, and the use of Smart Protection Server.
The following JSON represents the data structure of a WebReputationPolicyExtension
object:
{ "state": "off", "moduleStatus": {...} }
The moduleStatus
property is read-only. It provides the runtime status of the Web Reputation module. (See Report on Computer Status.)
General steps
Generally, use the following steps to configure the Web Reputation module:
- Create a
WebReputationPolicyExtension
object and set the properties. - Create a
PolicySettings
object to configure runtime settings of the module. - Create a
Policy
object and add theWebReputationPolicyExtension
andPolicySettings
objects. - Use a
PoliciesApi
object to add or update the policy on Deep Security Manager.
If you only need to set a single Web Reputation-related policy setting, see Configure a single policy or default policy setting.
To turn on the module, create a WebReputationPolicyExtension
object and set the state:
policy_config_web_reputation = api.WebReputationPolicyExtension() policy_config_web_reputation.state = "on"
const webReputationPolicyExtension = new api.WebReputationPolicyExtension(); webReputationPolicyExtension.state = api.WebReputationPolicyExtension.StateEnum.on;
WebReputationPolicyExtension webReputationPolicyExtension = new WebReputationPolicyExtension(); webReputationPolicyExtension.setState(WebReputationPolicyExtension.StateEnum.ON);
Create a PolicySettings object to configure Web Reputation-related settings.(For detailed information about policy settings, seeConfigure policy and default policy settings.) For example, you can set the security level:
policy_settings = api.PolicySettings() security_level_setting = api.SettingValue() security_level_setting.value = security_level policy_settings.web_reputation_setting_security_level = security_level_setting
const policySettings = new api.PolicySettings(); const securityLevelSetting = new api.SettingValue(); securityLevelSetting.value = securityLevel; policySettings.webReputationSettingSecurityLevel = securityLevelSetting;
SettingValue securityLevelValue = new SettingValue(); securityLevelValue.setValue(securityLevel); PolicySettings policySettings = new PolicySettings(); policySettings.setWebReputationSettingSecurityLevel(securityLevelValue);
At this point, the Web Reputation policy extension and the policy settings are configured. Next, they are added to aPolicy
object. Then,use aPoliciesApi
object to modify a policy on Deep Security Manager.
policy = api.Policy() policy.web_reputation = policy_config_web_reputation policy.policy_settings = policy_settings policies_api = api.PoliciesApi(api.ApiClient(configuration)) return policies_api.modify_policy(policy_id, policy, api_version)
const policy = new api.Policy(); policy.webReputation = webReputationPolicyExtension; policy.policySettings = policySettings; const policiesApi = new api.PoliciesApi(); return policiesApi.modifyPolicy(policyID, policy, apiVersion, { overrides: false });
Policy policy = new Policy(); policy.setWebReputation(webReputationPolicyExtension); policy.setPolicySettings(policySettings); PoliciesApi policiesApi = new PoliciesApi(); return policiesApi.modifyPolicy(policyId, policy, Boolean.FALSE, apiVersion);
Thepolicy_id
(orpolicyID
) parameter ofmodifyPolicy
identifies the actual policy on Deep Security Manager that is to be modified. This policy is modified according to the policy object that is used as thepolicy
parameter. Any properties of thepolicy
parameter that are not set remain unchanged on the actual policy.
Example
The following example creates aWebReputationPolicyExtension
object, then sets the web reputation state, security level, and enables Smart Protection Server. The object is then added to a Policy
object which is used to modify a policy on Deep Security Manager.
# Enable Web Reputation policy_config_web_reputation = api.WebReputationPolicyExtension() policy_config_web_reputation.state = "on" # Add to a policy policy = api.Policy() policy.web_reputation = policy_config_web_reputation # Set the security level policy_settings = api.PolicySettings() security_level_setting = api.SettingValue() security_level_setting.value = security_level policy_settings.web_reputation_setting_security_level = security_level_setting # Enable Smart Protection smart_protection_allow_global = api.SettingValue() smart_protection_allow_global.value = True policy_settings.web_reputation_setting_smart_protection_local_server_allow_off_domain_global = smart_protection_allow_global # Add the settings policy.policy_settings = policy_settings # Modify the policy on Deep Security Manager policies_api = api.PoliciesApi(api.ApiClient(configuration)) modified_policy = policies_api.modify_policy(policy_id, policy, api_version) return modified_policy.id
// Set the state const webReputationPolicyExtension = new api.WebReputationPolicyExtension(); webReputationPolicyExtension.state = api.WebReputationPolicyExtension.StateEnum.on; // Add to a policy const policy = new api.Policy(); policy.webReputation = webReputationPolicyExtension; // Setting for security level const policySettings = new api.PolicySettings(); const securityLevelSetting = new api.SettingValue(); securityLevelSetting.value = securityLevel; policySettings.webReputationSettingSecurityLevel = securityLevelSetting; // Setting for Smart Protection const smartProtectionAllowGlobal = new api.SettingValue(); smartProtectionAllowGlobal.value = "true"; policySettings.webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal = smartProtectionAllowGlobal; // Add the settings policy.policySettings = policySettings; // Modifies the policy on Deep Security const modify = () => { const policiesApi = new api.PoliciesApi(); return policiesApi.modifyPolicy(policyID, policy, apiVersion, { overrides: false }); }; modify() .then(modifiedPolicy => { resolve(modifiedPolicy.ID); }) .catch(error => { reject(error); }); });
// Set the state, security level, and Smart Protection Server WebReputationPolicyExtension webReputationPolicyExtension = new WebReputationPolicyExtension(); webReputationPolicyExtension.setState(WebReputationPolicyExtension.StateEnum.ON); SettingValue securityLevelValue = new SettingValue(); securityLevelValue.setValue(securityLevel); PolicySettings policySettings = new PolicySettings(); policySettings.setWebReputationSettingSecurityLevel(securityLevelValue); SettingValue allowGlobalValue = new SettingValue(); allowGlobalValue.setValue("true"); policySettings.setWebReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal(allowGlobalValue); // Add to a policy object Policy policy = new Policy(); policy.setWebReputation(webReputationPolicyExtension); policy.setPolicySettings(policySettings); // Send the policy to Deep Security Manager PoliciesApi policiesApi = new PoliciesApi(); return policiesApi.modifyPolicy(policyId, policy, Boolean.FALSE, apiVersion).getID();
Also see the Modify a Policy operation in the API Reference. For information about authenticating API calls, see Authenticate with Deep Security Manager.