Configure Web Reputation

Configure the Web Reputation module to define its behavior for a policy. When designing the modules behavior and implementing it using the API, use the same background information and guidance that is provided in the Deep Security Help Center.

Policy objects contain two objects that you use to configure the Web Reputation module:

  • WebReputationPolicyExtension: Controls the module state (on or off).
  • PolicySettings: Policy settings include many Web Reputation-related settings that control the runtime behavior of the module, such as the allowed and blocked URLs and domains, the ports to monitor, security level, and the use of Smart Protection Server.

The following JSON represents the data structure of a WebReputationPolicyExtension object:

{
    "state": "off",
    "moduleStatus": {...}
}

The moduleStatusproperty is read-only. It provides the runtime status of the Web Reputation module. (See Report on Computer Status.)

General steps

Generally, use the following steps to configure the Web Reputation module:

  1. Create a WebReputationPolicyExtension object and set the properties.
  2. Create a PolicySettings object to configure runtime settings of the module.
  3. Create a Policy object and add the WebReputationPolicyExtension and PolicySettings objects.
  4. Use a PoliciesApi object to add or update the policy on Deep Security Manager.

If you only need to set a single Web Reputation-related policy setting, see Configure a single policy or default policy setting.

To turn on the module, create a WebReputationPolicyExtension object and set the state:

Python
policy_config_web_reputation = api.WebReputationPolicyExtension()
policy_config_web_reputation.state = "on"
JavaScript
const webReputationPolicyExtension = new api.WebReputationPolicyExtension();
webReputationPolicyExtension.state = api.WebReputationPolicyExtension.StateEnum.on;
Java
WebReputationPolicyExtension webReputationPolicyExtension = new WebReputationPolicyExtension();
webReputationPolicyExtension.setState(WebReputationPolicyExtension.StateEnum.ON);

Create a PolicySettings object to configure Web Reputation-related settings.(For detailed information about policy settings, seeConfigure policy and default policy settings.) For example, you can set the security level:

Python
policy_settings = api.PolicySettings()
security_level_setting = api.SettingValue()
security_level_setting.value = security_level
policy_settings.web_reputation_setting_security_level = security_level_setting
JavaScript
const policySettings = new api.PolicySettings();
const securityLevelSetting = new api.SettingValue();
securityLevelSetting.value = securityLevel;
policySettings.webReputationSettingSecurityLevel = securityLevelSetting;
Java
SettingValue securityLevelValue = new SettingValue(); 
securityLevelValue.setValue(securityLevel);
PolicySettings policySettings = new PolicySettings();
policySettings.setWebReputationSettingSecurityLevel(securityLevelValue);

At this point, the Web Reputation policy extension and the policy settings are configured. Next, they are added to aPolicyobject. Then,use aPoliciesApiobject to modify a policy on Deep Security Manager.

Python
policy = api.Policy()
policy.web_reputation = policy_config_web_reputation
policy.policy_settings = policy_settings

policies_api = api.PoliciesApi(api.ApiClient(configuration))
return policies_api.modify_policy(policy_id, policy, api_version)
JavaScript
const policy = new api.Policy();
policy.webReputation = webReputationPolicyExtension;
policy.policySettings = policySettings;

const policiesApi = new api.PoliciesApi();
return policiesApi.modifyPolicy(policyID, policy, apiVersion, { overrides: false });
Java
Policy policy = new Policy();
policy.setWebReputation(webReputationPolicyExtension);
policy.setPolicySettings(policySettings);

PoliciesApi policiesApi = new PoliciesApi();
return policiesApi.modifyPolicy(policyId, policy, Boolean.FALSE, apiVersion);

Thepolicy_id(orpolicyID) parameter ofmodifyPolicyidentifies the actual policy on Deep Security Manager that is to be modified. This policy is modified according to the policy object that is used as thepolicyparameter. Any properties of thepolicyparameter that are not set remain unchanged on the actual policy.

Example

The following example creates aWebReputationPolicyExtensionobject, then sets the web reputation state, security level, and enables Smart Protection Server. The object is then added to a Policy object which is used to modify a policy on Deep Security Manager.

Python
View source
# Enable Web Reputation
policy_config_web_reputation = api.WebReputationPolicyExtension()
policy_config_web_reputation.state = "on"

# Add to a policy
policy = api.Policy()
policy.web_reputation = policy_config_web_reputation

# Set the security level
policy_settings = api.PolicySettings()
security_level_setting = api.SettingValue()
security_level_setting.value = security_level
policy_settings.web_reputation_setting_security_level = security_level_setting

# Enable Smart Protection
smart_protection_allow_global = api.SettingValue()
smart_protection_allow_global.value = True
policy_settings.web_reputation_setting_smart_protection_local_server_allow_off_domain_global = smart_protection_allow_global

# Add the settings
policy.policy_settings = policy_settings

# Modify the policy on Deep Security Manager
policies_api = api.PoliciesApi(api.ApiClient(configuration))
modified_policy = policies_api.modify_policy(policy_id, policy, api_version)

return modified_policy.id
JavaScript
View source
// Set the state
  const webReputationPolicyExtension = new api.WebReputationPolicyExtension();
  webReputationPolicyExtension.state = api.WebReputationPolicyExtension.StateEnum.on;

  // Add to a policy
  const policy = new api.Policy();
  policy.webReputation = webReputationPolicyExtension;

  // Setting for security level
  const policySettings = new api.PolicySettings();
  const securityLevelSetting = new api.SettingValue();
  securityLevelSetting.value = securityLevel;
  policySettings.webReputationSettingSecurityLevel = securityLevelSetting;

  // Setting for Smart Protection
  const smartProtectionAllowGlobal = new api.SettingValue();
  smartProtectionAllowGlobal.value = "true";
  policySettings.webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal = smartProtectionAllowGlobal;

  // Add the settings
  policy.policySettings = policySettings;

  // Modifies the policy on Deep Security
  const modify = () => {
    const policiesApi = new api.PoliciesApi();
    return policiesApi.modifyPolicy(policyID, policy, apiVersion, { overrides: false });
  };

  modify()
    .then(modifiedPolicy => {
      resolve(modifiedPolicy.ID);
    })
    .catch(error => {
      reject(error);
    });
});
Java
View source
// Set the state, security level, and Smart Protection Server
WebReputationPolicyExtension webReputationPolicyExtension = new WebReputationPolicyExtension();
webReputationPolicyExtension.setState(WebReputationPolicyExtension.StateEnum.ON);

SettingValue securityLevelValue = new SettingValue();
securityLevelValue.setValue(securityLevel);

PolicySettings policySettings = new PolicySettings();
policySettings.setWebReputationSettingSecurityLevel(securityLevelValue);

SettingValue allowGlobalValue = new SettingValue();
allowGlobalValue.setValue("true");

policySettings.setWebReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal(allowGlobalValue);

// Add to a policy object
Policy policy = new Policy();
policy.setWebReputation(webReputationPolicyExtension);
policy.setPolicySettings(policySettings);

// Send the policy to Deep Security Manager
PoliciesApi policiesApi = new PoliciesApi();
return policiesApi.modifyPolicy(policyId, policy, Boolean.FALSE, apiVersion).getID();

Also see the Modify a Policy operation in the API Reference. For information about authenticating API calls, see Authenticate with Deep Security Manager.