Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Custom Messages for Enhanced Web Filtering

    Web filtering provides the ability to permit or deny access to specific URLs based on the category to which they belong. Custom block message is a predefined response, that allows you to configure a custom message which is displayed when an user attempts to connect to a site that is configured with block actions in the web filtering profile. Some Custom block messages are created for custom objects and the custom-objects are configured for each profile, then finally the profile is attached to the policy.

    The custom-message configuration option is used to notify the users when the URL is blocked or quarantined for each EWF category. You can customize the message with options such as user message or redirect URL. User messages indicate that website access has been blocked by an organization's access policy. Redirect URLs redirect a blocked or quarantined URL to a user-defined URL.

    This overview describes the basic steps to configure a custom message.

    To configure a custom message for each EWF category using user-message and redirect URL:

    1. Configure unified threat management (UTM) custom objects for the UTM features. The following example enables the url-pattern, and custom-url-category custom objects:
      user@host# set security utm custom-objects url-pattern urllist2 value [http://www.example.net 1.2.3.4]
      user@host# set security utm custom-objects custom-url-category custurl2 value urllist2
    2. Configure the custom message using user-message.
      user@host# set security utm custom-objects custom-message msg1 type user-message
      user@host# set security utm custom-objects custom-message msg1 content "User defined custom message"
    3. Configure the custom message using redirect URL.
      user@host# set security utm custom-objects custom-message msg2 type redirect-url
      user@host# set security utm custom-objects custom-message msg2 content http://www.userdefinedurl.com
    4. Specify the Web filtering type, profile name, category name, and action.
      user@host# set security utm feature-profile web-filtering type juniper-enhanced
      user@host# set security utm feature-profile web-filtering juniper-enhanced profile ewf1 category cat1 action block
      user@host# set security utm feature-profile web-filtering juniper-enhanced profile ewf1 category cat1 custom-message msg1
      user@host# set security utm feature-profile web-filtering juniper-enhanced profile ewf1 category Enhanced_Search_Engines_and_Portals action block
      user@host# set security utm feature-profile web-filtering juniper-enhanced profile ewf1 category Enhanced_Search_Engines_and_Portals custom-message msg2
      user@host# set security utm utm-policy utmpolicy web-filtering http-profile ewf1
    5. Configure a security policy for UTM to which to attach the UTM policy.
      user@host# set security policies from-zone untrust to-zone trust policy 1 match source-address any
      user@host# set security policies from-zone untrust to-zone trust policy 1 match destination-address any
      user@host# set security policies from-zone untrust to-zone trust policy 1 match application any
      user@host# set security policies from-zone untrust to-zone trust policy 1 then permit application-services utm-policy utmpolicy
      user@host# set security policies from-zone trust to-zone untrust policy 1 match source-address any
      user@host# set security policies from-zone trust to-zone untrust policy 1 match destination-address any
      user@host# set security policies from-zone trust to-zone untrust policy 1 match application any
      user@host# set security policies from-zone trust to-zone untrust policy 1 then permit application-services utm-policy utmpolicy

    Modified: 2017-11-03