Configure Web Reputation

Configure the Web Reputation module to define its behavior for a policy. When designing the module’s behavior and implementing it using the API, use the same background information and guidance that is provided in the Deep Security Help Center.

Policy objects contain two objects that you use to configure the Web Reputation module:

  • WebReputationPolicyExtension: Controls the module state (on or off).
  • PolicySettings: Policy settings include many Web Reputation-related settings that control the runtime behavior of the module, such as the allowed and blocked URLs and domains, the ports to monitor, security level, and the use of Smart Protection Server.

The following JSON represents the data structure of a WebReputationPolicyExtension object:

{
    "state": "off",
    "moduleStatus": {...}
}

The moduleStatus property is read-only. It provides the runtime status of the Web Reputation module. (See Report on Computer Status.)

General steps

Generally, use the following steps to configure the Web Reputation module:

  1. Create a WebReputationPolicyExtension object and set the properties.
  2. Create a PolicySettings object to configure runtime settings of the module.
  3. Create a Policy object and add the WebReputationPolicyExtension and PolicySettings objects.
  4. Use a PoliciesApi object to add or update the policy on Deep Security Manager.
If you only need to set a single Web Reputation-related policy setting, see Configure a single policy or default policy setting.

To turn on the module, create a WebReputationPolicyExtension object and set the state:

Python
policy_config_web_reputation = api.WebReputationPolicyExtension()
policy_config_web_reputation.state = "on"
JavaScript
const webReputationPolicyExtension = new api.WebReputationPolicyExtension();
webReputationPolicyExtension.state = api.WebReputationPolicyExtension.StateEnum.on;
Java
WebReputationPolicyExtension webReputationPolicyExtension = new WebReputationPolicyExtension();
webReputationPolicyExtension.setState(WebReputationPolicyExtension.StateEnum.ON);

Create a PolicySettings object to configure Web Reputation-related settings. (For detailed information about policy settings, see Configure policy and default policy settings.) For example, you can set the security level:

Python
policy_settings = api.PolicySettings()
security_level_setting = api.SettingValue()
security_level_setting.value = security_level
policy_settings.web_reputation_setting_security_level = security_level_setting
JavaScript
const policySettings = new api.PolicySettings();
const securityLevelSetting = new api.SettingValue();
securityLevelSetting.value = securityLevel;
policySettings.webReputationSettingSecurityLevel = securityLevelSetting;
Java
SettingValue securityLevelValue = new SettingValue(); 
securityLevelValue.setValue(securityLevel);
PolicySettings policySettings = new PolicySettings();
policySettings.setWebReputationSettingSecurityLevel(securityLevelValue);

At this point, the Web Reputation policy extension and the policy settings are configured. Next, they are added to a Policy object. Then, use a PoliciesApi object to modify a policy on Deep Security Manager.

Python
policy = api.Policy()
policy.web_reputation = policy_config_web_reputation
policy.policy_settings = policy_settings
policies_api = api.PoliciesApi(api.ApiClient(configuration))
return policies_api.modify_policy(policy_id, policy, api_version)
JavaScript
const policy = new api.Policy();
policy.webReputation = webReputationPolicyExtension;
policy.policySettings = policySettings;
const policiesApi = new api.PoliciesApi();
return policiesApi.modifyPolicy(policyID, policy, apiVersion, { overrides: false });
Java
Policy policy = new Policy();
policy.setWebReputation(webReputationPolicyExtension);
policy.setPolicySettings(policySettings);
PoliciesApi policiesApi = new PoliciesApi();
return policiesApi.modifyPolicy(policyId, policy, Boolean.FALSE, apiVersion);

The policy_id (or policyID) parameter of modifyPolicy identifies the actual policy on Deep Security Manager that is to be modified. This policy is modified according to the policy object that is used as the policy parameter.  Any properties of the policy parameter that are not set remain unchanged on the actual policy.

Example

The following example creates a WebReputationPolicyExtension object, then sets the web reputation state, security level, and enables Smart Protection Server. The object is then added to a Policy object which is used to modify a policy on Deep Security Manager.

Python

View source

# Enable Web Reputation
policy_config_web_reputation = api.WebReputationPolicyExtension()
policy_config_web_reputation.state = "on"
# Add to a policy
policy = api.Policy()
policy.web_reputation = policy_config_web_reputation
# Set the security level
policy_settings = api.PolicySettings()
security_level_setting = api.SettingValue()
security_level_setting.value = security_level
policy_settings.web_reputation_setting_security_level = security_level_setting
# Enable Smart Protection
smart_protection_allow_global = api.SettingValue()
smart_protection_allow_global.value = True
policy_settings.web_reputation_setting_smart_protection_local_server_allow_off_domain_global = smart_protection_allow_global
# Add the settings
policy.policy_settings = policy_settings
try:
    # Modify the policy on Deep Security Manager
    policies_api = api.PoliciesApi(api.ApiClient(configuration))
    modified_policy = policies_api.modify_policy(policy_id, policy, api_version)
    return modified_policy.id
except api_exception as e:
    return "Exception: " + str(e)
JavaScript

View source

// Set the state
  const webReputationPolicyExtension = new api.WebReputationPolicyExtension();
  webReputationPolicyExtension.state = api.WebReputationPolicyExtension.StateEnum.on;= new api.Policy();
  policy.webReputation = webReputationPolicyExtension;= new api.PolicySettings();
  const securityLevelSetting = new api.SettingValue();
  securityLevelSetting.value = securityLevel;
  policySettings.webReputationSettingSecurityLevel = securityLevelSetting;= new api.SettingValue();
  smartProtectionAllowGlobal.value = "true";
  policySettings.webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal = smartProtectionAllowGlobal;policy.policySettings = policySettings;= () => {
    const policiesApi = new api.PoliciesApi();
    return policiesApi.modifyPolicy(policyID, policy, apiVersion, { overrides: false });
  };
  modify()
    .then(modifiedPolicy => {
      resolve(modifiedPolicy.ID);
    })
    .catch(error => {
      reject(error);
    });
});
Java

View source

// Set the state, security level, and Smart Protection Server
WebReputationPolicyExtension webReputationPolicyExtension = new WebReputationPolicyExtension();
webReputationPolicyExtension.setState(WebReputationPolicyExtension.StateEnum.ON);
SettingValue securityLevelValue = new SettingValue();
securityLevelValue.setValue(securityLevel);
PolicySettings policySettings = new PolicySettings();
policySettings.setWebReputationSettingSecurityLevel(securityLevelValue);
SettingValue allowGlobalValue = new SettingValue();
allowGlobalValue.setValue("true");
policySettings.setWebReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal(allowGlobalValue);= new Policy();
policy.setWebReputation(webReputationPolicyExtension);
policy.setPolicySettings(policySettings);= new PoliciesApi();
return policiesApi.modifyPolicy(policyId, policy, Boolean.FALSE, apiVersion).getID();
Also see the Modify a Policy operation in the API Reference. For information about authenticating API calls, see Authenticate with Deep Security Manager.