Special categories

Administrator Help | Forcepoint Web Security and Forcepoint URL Filtering | v8.5.x

The Forcepoint URL Database contains special categories to help you manage specific types of Internet usage.

The Special Events category is used to classify bandwidth-oriented content related to hot topics to help you manage event-related surges in Internet traffic. For example, the video pages offering live stream of the World Cup might generally appear in the Internet Radio and TV category, but be moved to the Special Events category during the World Cup Finals.

Updates to the Special Events category are added to the Forcepoint URL Database during scheduled downloads. Sites are added to this category for a short period of time, after which they are either moved to another category or deleted from the Forcepoint URL Database.

The Security category focuses on Internet sites containing malicious code, which can bypass virus-detection software programs.

Advanced Malware Command and Control (Forcepoint Web Security only)

Advanced Malware Payloads (Forcepoint Web Security only)

Bot Networks

Compromised Websites

Custom-Encrypted Uploads (Forcepoint Web Security only)

Files Containing Passwords (Forcepoint Web Security only)

Keyloggers

Malicious Embedded iFrame

Malicious Embedded Link

Malicious Websites

Mobile Malware

Phishing and Other Frauds

Potentially Exploited Documents (Forcepoint Web Security only)

Potentially Unwanted Software

Spyware

Suspicious Embedded Link

The Productivity category focuses on preventing time-wasting behavior.

Advertisements

Application and Software Download

Instant Messaging

Message Boards and Forums

Online Brokerage and Trading

Pay-to-Surf

The Bandwidth category focuses on saving network bandwidth.

Educational Video

Entertainment Video

Internet Radio and TV

Internet Telephony

Peer-to-Peer File Sharing

Personal Network Storage and Backup

Streaming Media

Surveillance

Viral Video

The Extended Protection category focuses on potentially malicious websites.

Dynamic DNS includes sites that mask their identity using Dynamic DNS services, often associated with advanced persistent threats.

Elevated Exposure contains sites that camouflage their true nature or identity, or that include elements suggesting latent malign intent.

Emerging Exploits holds sites found to be hosting known and potential exploit code.

Newly Registered Websites

Suspicious Content includes sites likely to contain little or no useful content.

The Extended Protection group filters potentially malicious websites based on reputation. Site reputation is based on early signs of potential malicious activity. An attacker might target a URL containing a common misspelling, for example, or otherwise similar to a legitimate URL. Such a site could be used to distribute malware to users before traditional filters can be updated to reflect these sites as malicious.

When Security Labs researchers detect that a site includes a potential threat, the site is added to the Extended Protection category until researchers are 100% confident of the site's final categorization.