Web Reputation Security Levels

After enabling WR on your endpoints, you can raise the security level to Medium or High (the default is Low) to increase the degree of sensitivity that WR uses when evaluating URLs.

How Web Reputation Works

Whenever an end user tries to open an Internet site, the requested URL is scored at the proxy, in real-time, and that score is then evaluated against the security level. URLs with a score that exceeds the level you select will be prevented from opening. Note that this scoring is relative to security, not whether a site may contain objectionable content.

Note: As you set the security level higher, the web threat detection rate improves but the likelihood of false positives also increases.

You can override incorrect blocking by adding the URL to the Approved List. Likewise, you can force blocking of a site by adding it to the Blocked List.

Figure 1: URL Blocked Message


URLs are scored on a security scale that runs from 0 to 100.

  • Safe: Scores range from 81 to 100. Static and normal ratings. URLs are confirmed as secure, however content may be anything, including objectionable content.

  • Unknown: Score equals 71. Unknown ratings. These URLs are not included in the rating database.

  • Suspicious: Scores range from 51 to 80. URLs that have been implicated in Phishing or Pharming attacks.

  • Dangerous: Scores range from 0 to 49. Static and malicious ratings. URLs are confirmed as malicious, for example a known vector for spyware or viruses.

Security Levels range from high to low and have the following default actions:

  • High: Blocks unknown, suspicious, and dangerous sites.

  • Medium: Blocks dangerous and suspicious sites.

  • Low: Blocks only dangerous sites.

For example, if you set the Security Level to Low, Web Reputation will only block URLs that are known to contain malicious software or security threats.

Figure 2: Web Reputation Security Level Configurations