Special categories

Administrator Help | TRITON AP-WEB and Web Filter & Security | Version 8.2.x

The Master Database contains special categories to help you manage specific types of Internet usage.

The Special Events category is used to classify bandwidth-oriented content related to hot topics to help you manage event-related surges in Internet traffic. For example, the video pages offering live stream of the World Cup might generally appear in the Internet Radio and TV category, but be moved to the Special Events category during the World Cup Finals.

Updates to the Special Events category are added to the Master Database during scheduled downloads. Sites are added to this category for a short period of time, after which they are either moved to another category or deleted from the Master Database.

The Security category focuses on Internet sites containing malicious code, which can bypass virus-detection software programs.

Advanced Malware Command and Control (TRITON AP-WEB only)

Advanced Malware Payloads (TRITON AP-WEB only)

Bot Networks

Compromised Websites

Custom-Encrypted Uploads (TRITON AP-WEB only)

Files Containing Passwords (TRITON AP-WEB only)

Keyloggers

Malicious Embedded iFrame

Malicious Embedded Link

Malicious Websites

Mobile Malware

Phishing and Other Frauds

Potentially Exploited Documents (TRITON AP-WEB only)

Potentially Unwanted Software

Spyware

Suspicious Embedded Link

The Productivity category focuses on preventing time-wasting behavior.

Advertisements

Application and Software Download

Instant Messaging

Message Boards and Forums

Online Brokerage and Trading

Pay-to-Surf

The Bandwidth category focuses on saving network bandwidth.

Educational Video

Entertainment Video

Internet Radio and TV

Internet Telephony

Peer-to-Peer File Sharing

Personal Network Storage and Backup

Streaming Media

Surveillance

Viral Video

The Extended Protection category focuses on potentially malicious websites.

Dynamic DNS includes sites that mask their identity using Dynamic DNS services, often associated with advanced persistent threats.

Elevated Exposure contains sites that camouflage their true nature or identity, or that include elements suggesting latent malign intent.

Emerging Exploits holds sites found to be hosting known and potential exploit code.

Newly Registered Websites

Suspicious Content includes sites likely to contain little or no useful content.

The Extended Protection group filters potentially malicious websites based on reputation. Site reputation is based on early signs of potential malicious activity. An attacker might target a URL containing a common misspelling, for example, or otherwise similar to a legitimate URL. Such a site could be used to distribute malware to users before traditional filters can be updated to reflect these sites as malicious.

When Security Labs researchers detect that a site includes a potential threat, the site is added to the Extended Protection category until researchers are 100% confident of the site's final categorization.