Based on my experience I'll split your question in two sections :
q: can SEP Client block traffic to URL malicious without upgrade to 14.3
a: URL reputation, is a reputation service and as long as traffic ( in pre 14.3 version ) is matching against an IPS signature that traffic will get blocked
q: URL Reputation itself ( introduced in 14.3 RU1https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/release-notes/Whats-new-for-Symantec-Endpoint-Protection-14_3-RU1.html )
a: Think of it as the file based reputation, but now Broadcom is having a seperate web based reputation/scoring service for URLs. I'd assume that based on certain URL artifacts ( like age, number of users visiting it ) that will have a certain score which in combination with IPS/FW can block web traffic and potentially prevent an attack in a very early stage, even before traffic gets matched against an IPS signature.
Again ( and that's just my opinion ) - pre 14.3 RU1 clients are still fine with IPS, but will be lacking that extra URL reputation feature. I'll let someone from Broadcom give more in depth explanation.
Cheers !
Original Message:
Sent: 05-04-2021 11:59 PM
From: Much Alvin
Subject: IPS
Hello,
My SEP Client 14.2 RU1 enabled all components of IPS. So, can SEP Client block traffic to URL malicious without upgrade to 14.3 and enable URL Reputation?