Help Center User GuideGetting StartedFAQRelease Notes
 
X
User Guide
Getting Started
FAQs
Release Notes
Contents  

Creating Web Filtering Profiles

Use the Unified Threat Management (UTM) policy page to configure Web filtering profiles.

Web filtering lets you manage Internet usage by preventing access to inappropriate Web content. The following Web filtering solutions are supported:

Once you create a profile, you can assign it to UTM policies. Within the UTM policy, you can apply either the same Web filtering profile or create one inline.

Before You Begin

Configuring Web Filtering Profile Settings

To create a Web filtering profile:

Table 156: Web Filtering Profile Settings

Setting

Guideline

General Information

Name

Enter a unique name for the Web filtering profile that is a string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 29 characters.

Description

Enter a description for the Web filtering profile; maximum length is 255 characters.

Engine Type

Select the required engine type from the drop-down list:

  • Juniper Enhanced— Configure UTM enhanced Web filtering.
  • Surf Control—Configure a profile for the Web filtering surf-control integrated feature.
  • Websense Redirect—Configure a redirect Web filtering profile.

Default Action

Select the default action from the drop-down list.

Note: This option is available only for Juniper Enhanced and Surf Control engine types.

Safe Search

Select a safe search solution to ensure that the embedded objects such as images on the URLs received from the search engines are safe and that no undesirable content is returned to the client.

By default, the Safe Search check box is selected

Note: This option is available only for the Juniper Enhanced engine type. Save search redirect supports HTTP only. You cannot extract the URL for HTTPS. Therefore, it is not possible to generate a redirect response for HTTPS search URLs. Safe search redirects can be disabled by clearing the Safe Search check box.

Custom Block Message

Specify a custom message to be sent when HTTP requests are blocked.

Note: If a message begins with http: or https:, the message is considered a block message URL. Messages that begin with values other than http: or https: are considered custom block messages.

Custom Quarantine Message

Custom Quarantine Message Use UTM enhanced Web filtering to support block, log and permit, and permit actions on HTTP/HTTPS requests. Additionally, it supports the quarantine action, which allows or denies access to the blocked site based on the user’s response to the message.

The quarantine message contains the following information:

  • URL name
  • Quarantine name
  • Category (if available)
  • Site-reputation (if available)

Example: If you set the action for Enhanced_Search_Engines_and_Portals to quarantine, and you try to access www.search.yahoo.com, the quarantine message is as follows:

***The requested webpage is blocked by your organization’s access policy***.

URL Category Action List

 

A URL category is a list of URL patterns grouped under a single title so a single action that applies to all URL patterns can be performed on the list.

The following actions are available:

  • Deny Action List —Use this option to create a list of URL patterns that are denied access. Click the Add URL Categories button to show all categories, only the custom URL categories, or only the Websense URL categories in the Available URL Categories column.

    Note: You can also create a new category inline by clicking the Create New URL Category button.

  • Log & Permit Action List—Use this option to create a list of URL patterns that are logged then permitted. Click the Add URL Categories button to show all categories, only the custom URL categories, or only the Websense URL categories in the Available URL Categories column.

    Note: You can also create a new category inline by clicking the Create New URL Category button.

Fallback Options

 

The fallback options are used when the web filtering system experiences errors and must fallback to one of the previously configured actions to either deny (block) or permit the object.

  • Default Action— Select Log and Permit or Block from the drop-down list.

Global Reputation Actions

Uncategorized URL Actions

Select this check box if you want to apply global reputation actions.

Enhanced Web filtering intercepts HTTP and HTTPS requests and sends the HTTP URL or the HTTPS source IP to the Websense ThreatSeeker Cloud (TSC). The TSC categorizes the URL into one of the predefined categories and also provides site reputation information for the URL to the device. The device determines if it can permit or block the request based on the information provided by the TSC.

The URLs can be processed using their reputation score if there is no category available. Select the action that you wish to take for the uncategorized URLs based on their reputation score:

  • Very Safe—Permit, log and permit, block, or quarantine a request if a site reputation of 90 through 100 is returned. By default, Permit is selected.
  • Moderately Safe—Permit, log and permit, block, or quarantine a request if a site reputation of 80 through 89 is returned. By default, Log and Permit is selected.
  • Fairly Safe—Permit, log and permit, block or quarantine a request if a site-reputation of 70 through 79 is returned. By default, Log and Permit is selected.
  • Suspicious—Permit, log and permit, block, or quarantine a request if a site reputation of 60 through 69 is returned. By default, Quarantine is selected.
  • Harmful—Permit, log and permit, block, or quarantine a request if a site reputation of zero through 59 is returned. By default, Block is selected.

Note: The Use global reputation check box is selected by default.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit