Creating Content Filtering Profiles
Use the Unified Threat Management (UTM) policy page to configure
content filtering profiles.
Content filtering blocks or permits certain types of traffic
based on the MIME type, file extension, and protocol command. The
content filter controls file transfers across the device by checking
traffic against configured filter lists.
Note: The content filter profile evaluates traffic before all
other UTM profiles, except Web Filtering. Therefore, if traffic meets
criteria configured in the content filter, the content filter acts
first upon this traffic.
You can configure the following types of content filters:
- MIME pattern filter—MIME patterns are used to identify
the type of traffic in HTTP and MAIL protocols. There are two lists
of MIME patterns that are used by the content filter to determine
the action to be taken. The block MIME list contains a list of MIME
type traffic that is to be blocked. The MIME exception list contains
MIME patterns that are not to be blocked by the content filter and
are generally subsets of items on the block list.
Note: The exception list has a higher priority than the block
list.
- Block Extension List—Because the name of a file
is available during the transfers, using file extensions is a highly
practical way to block or allow file transfers. All protocols support
the use of the block extension list.
- Protocol Command Block and Permit Lists—Different
protocols use different commands to communicate between servers and
clients. By blocking or allowing certain commands, traffic can be
controlled on the protocol command level. The block or permit command
lists are intended to be used in combination, with the permit list
acting as an exception list to the block list.
Note: If a protocol command appears on both the permit list
and the block list, the command is permitted.
Before You Begin
- Read the UTM Overview topic.
- Decide what kind of filtering you want for the UTM policy:
Web Filtering, Antispam, Antivirus, or Content Filtering.
- Review the Content Filtering Profile main page for an
understanding of your current data set. See Content Filtering Profile Main Page Fields for field
descriptions.
Configuring Content Filtering Profile Settings
To create a content filtering profile:
- Select Configur > UTM Policy > Content Filtering
Profiles.
- Click the + icon to create a new content filtering profile.
- Complete the configuration according to the guidelines
provided in Table 163.
- Click Finish. A content filtering profile is
created that can be associated with an UTM policy.
Table 163: Content Filtering
Profile Settings
Setting | Guideline |
|---|
General Information |
Name | Enter a unique name for the content filtering profile
that is a string of alphanumeric characters, colons, periods, dashes,
and underscores. No spaces are allowed and the maximum length is 29
characters. |
Description | Enter a description for the content filtering profile;
maximum length is 255 characters. |
Notification Options |
| | Use the notification options
to configure a method of notifying the user when a failure occurs
or a virus is detected: - Notify Mail Sender—Select this check box if you
want to notify the sender.
- Notification Type—Select the type of notification,
Protocol or Message from the drop-down list.
- Custom Notification Message—Enter a custom notification
message.
|
Protocol Commands |
| | Use content filtering to block specific commands for
HTTP, FTP, SMTP, IMAP, and POP3 protocols. Select the following options: - Command Block List—Enter the protocol commands to
be blocked. Use commas to separate each command.
- Command Permit List—Enter the protocol commands
to be permitted. Use commas to separate each command.
|
Content Types |
| | Use the content filter to block other types of harmful
files that the MIME type or the file extension cannot control. Block Content Type—Select from the following types of
content blocking (supported only for HTTP): - Active X
- Windows executables (.exe)
- HTTP cookie
- Java applet
- ZIP files
|
File Extensions | |
| | Use a file extension list to define a set of file extensions
to block over HTTP, FTP, SMTP, IMAP, and POP3. - Extension Block List—Enter file extensions to block
separated by commas. For example, exe, pdf, js, and so forth.
|
MIME Types |
| | Use content filtering to block or permit special MIME
types over HTTP, FTP, SMTP, IMAP, and POP3 connections. Specify the
MIME(s) to be blocked or permitted: - MIME Block List—Enter the MIME types you wish to
block. Use commas to separate each MIME type.
- MIME Permit List—Enter the MIME types you wish to
permit. Use commas to separate each MIME type.
|
Related Documentation
Help us to improve. Rate this article.
Feedback Received. Thank You!