Symantec WebPulse Explained: Category Update Coming October 12

At the heart of the Symantec Secure Web Gateway solution is WebPulse, a sophisticated AI-driven platform that analyzes uncategorized URLs on the fly and delivers a risk assessment back to the gateway in milliseconds to protect your network. WebPulse has been in operation for 15 years and it gets stronger every day because it is powered by user-driven behavior at 15,000 of our enterprise customers. It is a key part of our Global Intelligence Network (GIN).

WebPulse uses its cloud infrastructure to seamlessly deliver frequent database updates as well as new defense types, such as analytical methods and additional language support. Users benefit instantly from these new defenses and updates without having to revise their appliances or software as a service. Here’s how it works:

1. Requests for URLs are first checked against the local Intelligence Services database on the proxy, or the local categorization cache on other Symantec products. If the URL can be categorized locally (usually about 95 percent of the time), the information can be used to allow or block the request. If the URL is not in the local database or categorizations cache, the URL is dynamically sent to WebPulse.
2. WebPulse will check the URL against a central master database in the cloud and return the result to the gateway to allow or block the request.
3. If the URL is not in the central master database, WebPulse utilizes a real-time voting system to arrive at Risk Levels (one to 10) for the particular URL request as well as the content category. That information is sent to the requesting service.

On October 12th, Broadcom Software’s Symantec Network Security Team will perform updates to the WebFilter URL categories. These changes will enable modern threats to be correctly sorted to assist with policy creation and incident response. There is a new Intelligence Services Category consisting of Email Marketing, URL Shorteners, Cryptocurrency, Cloud Infrastructure and Compromised Sites. We have deleted the Sexual Expression category and most of these URLs will be moved to the Adult/Mature Content grouping.

Any product that uses Symantec Intelligence Services or Symantec WebFilter could be affected, including Security Analytics, SSL Visibility Appliance Software, Web Security Service, Reporter, Packet Shaper, Web Isolation and ProxySG.

Be aware that changes to categories or applications could potentially affect customer policy. Please review the changes carefully and adjust your policy accordingly so your policies are aligned with the available categories and applications.

At Symantec, as a division of Broadcom Software, we remain ever vigilant so our customers can spend more time on task – not putting out fires.