For each UTM feature, you should configure feature parameters
in the following order:
First configure UTM custom objects (if any),
for the feature in question. Custom objects are global parameters
for UTM features. This means that configured custom objects apply
to all UTM policies where applicable, rather than only to individual
policies.
The CLI command for setting antispam url custom objects is :
user@host# set security utm custom-objects url-pattern
Configure main feature parameters, called
feature profiles.
The CLI command for setting antispam feature profiles is :
user@host# set security utm feature-profile anti-spam
Configure a UTM policy for each protocol
and attach this policy to a profile.
CLI commands for configuring a UTM policy for SMTP and attaching
that policy to a profile are:
user@host# set security utm utm-policy <name>
user@host# set security utm utm-policy utmp1 anti-spam smtp-profile smtp1
Attach the UTM policy to a firewall security
policy.
The CLI command for attaching a UTM policy to a security policy
is:
user@host# set security policies
user@host# set security policies from-zone trust to-zone
untrust policy p1 then permit application-services
utm-policy utmp1
J-Web Quick Configuration
To configure local list antispam using the J-Web Quick Configuration
editor, you must first create your local white and black list custom
objects.
Configure a URL Pattern List Custom Object as follows:
Select the Configuration tab
at the top of the page.
Select UTM in the left pane,
under Quick Configuration, to expand the UTM category. Once UTM is
expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering,
and Custom Objects become available.
Select Custom Objects in the
left pane.
In the right pane, under URL Pattern List, click
the Add button to create URL pattern lists. See Figure 180.
Next
to URL Pattern Name, enter a unique name for the list you are creating.
If you are creating a white list, it is helpful to indicate this in
the list name. The same applies to a black list. The name you enter
here becomes available in the Address Whitelist and Address Blacklist
fields when you are configuring your antispam profiles.
Under Values, in the box next to the Add button,
enter the URL pattern for white list or black list antispam filtering.
Note:
URL pattern wildcard support— The wildcard rule is as
follows: \*\.[]\?* and you must precede all wildcard URLs with http://.
You can only use “*” if it is at the beginning of the
URL and is followed by a “.”. You can only use “?”
at the end of the URL.
The following wildcard syntax IS supported: http://*.juniper.net,
http://www.juniper.ne?, http://www.juniper.n??. The following wildcard
syntax is NOT supported: *.juniper.net , www.juniper.ne?, http://*juniper.net,
http://*.
Click the Add button to add
your URL pattern to the Values list box. Within this box, you can
select an entry and use the up and down arrows to change the order
of the list. You can also select an entry and use the X button to delete it from the list. The list can contain up
to 8192 items.
Click OK. See Figure 181. Clicking the OK button takes you back
to the main configuration page.
Under URL Pattern List, select the check box beside the pattern list
you created.
Click Apply.
Note:
Because you use URL Pattern Lists to create Custom URL Category
Lists, you must configure URL Pattern List Custom Objects before you
configure a Custom URL Category List. URL Pattern List Custom Objects
are described in the previous section.
Configure a Custom URL Category List Custom Object as follows:
Select the Configuration tab
at the top of the page.
Select UTM in the left pane,
under Quick Configuration, to expand the UTM category. Once UTM is
expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering,
and Custom Objects become available.
Select Custom Objects in the
left pane.
In the right pane, under Custom URL Category List,
click the Add button to create a URL white list.
Next to Category Name, enter a unique name for
the list you are creating. This name appears in the Address Whitelist
list when you configure an antispam profile.
Under Values, in the box next to the Add button,
select a URL Pattern List name from the list for bypassing scanning.
Click the Add button to add
your entry to the Values list box. Within this box, you can select
an entry and use the up and down arrows to change the order of the
list. You can also select an entry and use the X button to delete
it from the list. Continue to add URLs or IP addresses in this manner.
Click the OK button to save
the selected values as part of the custom URL list you have created.
Under URL Category List, select the check box beside
the extension list you created.
Click Apply.
Now that you have created your white list and black list custom
objects, you can configure antispam filtering to use those lists:
Select the Configuration tab at the top of the page.
Select UTM in the left pane,
under Quick Configuration, to expand the UTM category. Once UTM is
expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering,
and Custom Objects become available.
Select Anti-Spam in the left
pane.
In the right pane, under Anti-Spam global options,
select an Address Whitelist and/or an Address Blacklist from the list for local lists for
spam filtering. These lists are configured as Custom Objects and are
made available for selection here.
Under Anti-Spam profiles, click the Add button to configure a profile for the Symantec SBL server.
This takes you to the profile configuration page.
In the Profile Name box, enter a unique name for
the antispam profile you are creating.
If you are using the default server, select the
check box beside Symantec default SBL server. If you are not using
the default server, leave the check box unselected. If you do not
select this check box, you are disabling server-based spam filtering.
You would disable it if you are using only local lists or if you do
not have a license for server-based spam filtering. If you are using
the Symantec default SBL server, refer to Configuring Server-Based Spam Filtering.
In the Anti-spam action list, select one of the
following: Tag subject of e-mail, Block e-mail, or Tag header of e-mail.
Here you are selecting the action to be taken by the device when spam
is detected.
In the Custom tag string box, enter a custom string
for identifying a message as spam. By default, the devices uses ***SPAM***.
Click OK to save your profile.
See Figure 182. (This takes you back
to main antispam configuration page. Under Anti-Spam profiles, the
profile you created is now listed. See Figure 183.)
Figure 182: Antispam Local List Configuration,
Quick Configuration
Under Anti-Spam profiles, select the check box for the profile you
are using.
To configure local list antispam using the J-Web View and Edit
editor, you must first create your local white and black list custom
objects.
Select Configuration>View and Edit >Edit Configuration.
Next to Security, click Configure or Edit.
Next to UTM, click Configure.
Next to Custom objects, click Configure.
Next to URL pattern, click Add
new entry.
Next to Name, enter a unique name for the list
you are creating.
Next to Value, click Add new entry.
Next to Value, enter the URL pattern for white
list or black list antispam filtering.
Note:
URL pattern wildcard support— The wildcard rule is as
follows: \*\.[]\?* and you must precede all wildcard URLs with http://.
You can only use “*” if it is at the beginning of the
URL and is followed by a “.”. You can only use “?”
at the end of the URL.
The following wildcard syntax IS supported: http://*.juniper.net,
http://www.juniper.ne?, http://www.juniper.n??. The following wildcard
syntax is NOT supported: *.juniper.net , www.juniper.ne?, http://*juniper.net,
http://*.
Note:
Continue to create as many Whitelist and Blacklist entries as
necessary in your lists. You cannot use URL patterns directly. You
must configure Custom URL category lists to which you apply your URL
patterns.
Configure a Custom URL Category List Custom Object as follows:
(See URL White List for overview information.)
Select Configuration>View and Edit >Edit Configuration.
Next to Security, click Configure or Edit.
Next to UTM, click Configure.
Next to Custom objects, click Configure.
Next to Custom url category, click Add new entry.
Next to Name, enter a unique name for the list
you are creating.
Next to Value, click Add new entry.
Next to Value, enter the name of the Url pattern
list you created for bypassing scanning.
Now that you have created your white list and black list custom
objects, you can configure antispam filtering to use those lists:
Select Configuration>View and Edit >Edit Configuration.
Next to Security, click Configure or Edit.
Next to UTM, click Configure.
Next to Feature profile, click Configure.
Next to Anti spam, click Configure.
Next to Address blacklist, enter the name of the
local list you created earlier as a custom object.
Next to Address whitelist, enter the name of the
local list you created earlier as a custom object.
Next to Symantec sbl, select the check box and
click the Edit link.
Next to Profile, click Add new
entry.
In the Name box, enter a unique name for the antispam
profile you are creating.
Next to Custom tag string, enter a custom string
for identifying a message as spam. By default, the devices uses ***SPAM***.
Next to Sbl default server, if you are using the
default server, select the Yes check box. If
you are not using the default server, select the No check box. You
would select No if you are using only local lists or if you do not
have a license for server-based spam filtering.
In the Spam action list, select one of the following: tag subject (of e-mail), block (e-mail), tag header (of e-mail). Here you
are selecting the action to be taken by the device when spam is detected.
Figure 186: Antispam Local List Configuration,
View and Edit Configuration
Next, you configure a UTM policy for SMTP to which you attach
the antispam profile you have configured.
Select Configuration>View and Edit >Edit Configuration.
Next to Security, click Configure or Edit.
Next to UTM, click Configure.
Next to UTM policy, click Add new
entry.
In the Name box, enter a unique name for the UTM
policy you are creating.
Next to Anti spam, click Configure.
In the Smtp profile box, enter the name of the
antispam profile you created earlier.
Click OK.
Click OK again to return to
main UTM configuration page. Your UTM antispam policy is now listed
in the UTM policy table.
Next, you attach the UTM policy to a security policy that you
create.
Select Configuration>View and Edit >Edit Configuration.
Next to Security, click Configure or Edit.
Next to Security, click Configure.
Next to Policy, select the Yes check box click Edit.
Next to Policy, click Add new entry.
Note:
Refer to the section on security policy configuration for further
details on configuring a policy. Note that when you configure the
Then field as part of the policy, select Permit as the action, and
then configure Application services, you are able to enter the Utm
policy name as part of this security policy.
Next to Utm policy (in the Application services
security policy screen), enter the name of the appropriate policy.
This attaches your UTM policy to the security policy.
Click OK.
CLI Configuration
Configure the local list spam blocking by first
creating your global local spam lists (black list and white list).
user@host# set security utm custom-objects url-pattern as-black value [150.61.8.134 150.61.8.206
67.216.192.16 12.154.55.44 194.39.243.98 12.154.55.42 12.154.55.41
12.154.55.43]
user@host# set security utm custom-objects url-pattern as-white value [150.1.2.3 150.1.2.4]
Configure a custom URL category list
custom object using the URL pattern list you created as follows:
user@host# set security utm custom-objects custom-url-category whilecusturl1 value as-white
Configure the local list antispam feature-profile
by first attaching your custom-object black list or white list or
both. When both the white list and the black list are in use, the
white list is checked first. If there is no match, then the black
list is checked.
user@host# set security utm feature-profile anti-spam address-whitelist whiltecusturl1
Configure a profile for your local list
spam blocking. Although you are not using the symantec-sbl for local
list spam blocking, you configure your profile from within that command
similar to the server-based spam blocking procedure.
user@host# set security utm feature-profile anti-spam symantec-sbl
profile localprofile1
Configure the action to be taken by the
device when spam is detected (block, tag-header, tag-subject).
