Table of contents
Topics on this page
General steps
Example

Configure Web Reputation

Configure the Web Reputation module to define its behavior for a policy. When designing the module’s behavior and implementing it using the API, use the background information and guidance that is provided in Block access to malicious URLs with Web Reputation.

Policy objects contain two objects that you use to configure the Web Reputation module:

  • WebReputationPolicyExtension: Controls the module state (on or off).
  • PolicySettings: Policy settings include many Web Reputation-related settings that control the runtime behavior of the module, such as the allowed and blocked URLs and domains, the ports to monitor, security level, and the use of Smart Protection Server.

The following JSON represents the data structure of a WebReputationPolicyExtension object:

{
    "state": "off",
    "moduleStatus": {...}
}

The moduleStatus property is read-only. It provides the runtime status of the Web Reputation module. See Report on Computer Status.

General steps

Generally, use the following steps to configure the Web Reputation module:

  1. Create a WebReputationPolicyExtension object and set the properties.
  2. Create a PolicySettings object to configure runtime settings of the module.
  3. Create a Policy object and add the WebReputationPolicyExtension and PolicySettings objects.
  4. Use a PoliciesApi object to add or update the policy on Workload Security.

If you only need to set a single Web Reputation-related policy setting, see Configure a single policy or default policy setting.

To turn on the module, create a WebReputationPolicyExtension object and set the state:

policy_config_web_reputation = api.WebReputationPolicyExtension()
policy_config_web_reputation.state = "on"

Create a PolicySettings object to configure Web Reputation-related settings. For detailed information about policy settings, see Configure policy and default policy settings. For example, you can set the security level:

policy_settings = api.PolicySettings()
security_level_setting = api.SettingValue()
security_level_setting.value = security_level
policy_settings.web_reputation_setting_security_level = security_level_setting

At this point, the Web Reputation policy extension and the policy settings are configured. Next, they are added to a Policy object. Then, use a PoliciesApi object to modify a policy on Workload Security.

policy = api.Policy()
policy.web_reputation = policy_config_web_reputation
policy.policy_settings = policy_settings

policies_api = api.PoliciesApi(api.ApiClient(configuration))

return policies_api.modify_policy(policy_id, policy, api_version)

The policy_id (or policyID) parameter of modifyPolicy identifies the actual policy on Workload Security that is to be modified. This policy is modified according to the policy object that is used as the policy parameter. Any properties of the policy parameter that are not set remain unchanged on the actual policy.

Example

The following example creates a WebReputationPolicyExtension object, then sets the web reputation state, security level, and enables Smart Protection Server. The object is then added to a Policy object which is used to modify a policy on Workload Security.

View source

# Enable Web Reputation
policy_config_web_reputation = api.WebReputationPolicyExtension()
policy_config_web_reputation.state = "on"

# Add to a policy
policy = api.Policy()
policy.web_reputation = policy_config_web_reputation

# Set the security level
policy_settings = api.PolicySettings()
security_level_setting = api.SettingValue()
security_level_setting.value = security_level
policy_settings.web_reputation_setting_security_level = security_level_setting

# Enable Smart Protection
smart_protection_allow_global = api.SettingValue()
smart_protection_allow_global.value = True
policy_settings.web_reputation_setting_smart_protection_local_server_allow_off_domain_global = smart_protection_allow_global

# Add the settings
policy.policy_settings = policy_settings

# Modify the policy on Workload Security
policies_api = api.PoliciesApi(api.ApiClient(configuration))
modified_policy = policies_api.modify_policy(policy_id, policy, api_version)
return modified_policy.id

Also see the Modify a Policy operation in the API Reference. For information about authenticating API calls, see Authenticate with Workload Security.