Configuring Content Filtering (NSM Procedure)

This section includes the following topics:

Configuring a Protocol Command Custom Object

To configure a protocol command custom object:

  1. In the NSM navigation tree, select Device Manager > Devices.
  2. Click the Device Tree tab, and then double-click the device for which you want to configure a protocol command custom object.
  3. Click the Configuration tab. In the configuration tree, select Security > Utm > Custom Objects.
  4. Select Protocol Command and click New.
  5. Enter a unique name for the protocol command custom object.
  6. Select Value and add a new entry.
  7. Enter the commands for the protocol in Value.
  8. Click OK to save the changes.

Configuring a Filename Extension List Custom Object

To configure a filename extension list custom object:

  1. In the NSM navigation tree, select Device Manager > Devices.
  2. Click the Device Tree tab, and then double-click the device for which you want to configure a filename extension list.
  3. Click the Configuration tab. In the configuration tree, select Security > Utm > Custom Objects.
  4. Select Filename Extension and click New.
  5. Enter a unique name for the extension list.
  6. Select Value and add a new entry.
  7. Enter the extensions in the Value box.
  8. Click OK to save the changes.

Configuring a MIME Pattern List Custom Object

To configure a MIME pattern list custom object:

  1. In the NSM navigation tree, select Device Manager > Devices.
  2. Click the Device Tree tab, and then double-click the device for which you want to configure a MIME pattern list custom object.
  3. Click the Configuration tab. In the configuration tree, select Security > Utm > Custom Objects.
  4. Select Mime Pattern and click New.
  5. Enter a unique name for the list.
  6. Select Value and add a new entry.
  7. Enter a value for the MIME pattern.
  8. Click OK to save the changes.

Configuring a Content–Filtering Feature Profile

To configure a content-filtering feature profile:

  1. In the NSM navigation tree, select Device Manager > Devices.
  2. Click the Device Tree tab, and then double-click the device for which you want to configure a content-filtering feature profile.
  3. Click the Configuration tab. In the configuration tree, select Security > Utm > Feature Profile > Content Filering > Profile.
  4. Add or modify content-filtering profile settings as specified in Table 229.
  5. Click one:
    • New—Adds a new profile.
    • OK—Saves the changes.
    • Cancel—Cancels the modifications.

Table 229: Content–Filtering Feature Profile Settings

Option

Function

Your Action

Profile

Name

Specifies the name of the content-filtering profile.

Enter a unique name for this profile.

Permit Command

The permit protocol command list is intended to act as an exception list for the block protocol command list.

Enter the protocol command custom object you created for permitting commands from the list.

Block Command

Specifies the block command.

Enter the protocol command custom object you created for blocking commands from the list.

Block Extension

Specifies the extensions that are blocked.

Enter the file extension list custom object you created for blocking extensions from the list.

Profile > Block Content Type

The content types that can be blocked are the following:

  • Activex
  • Java Applet
  • Exe
  • Zip
  • Http Cookie

Specifies the content types that can be blocked.

Select one or more of the content types to be blocked.

Profile > Block Mime

Enable Feature

Enables configuration of block MIME features.

Select this option to configure block MIME features.

List

Specifies the MIME list custom object.

Enter the MIME list custom object you created for blocking MIME patterns.

Exception

Specifies the exception MIME list custom object.

Enter the exception MIME list custom object you created for MIME patterns that will not be blocked.

Profile > Notification Options

Enable Feature

Enables notification options.

Select this option to enable notification options.

Type

Specifies the notification type.

Select message as the type of notification that is sent when a fallback option of block is triggered.

notify-mail-sender

Specifies that notification will be sent to the sender.

Select this option to notify the sender of the mail.

Custom Message

Specifies the notification actions for fallback block, fallback nonblock, and virus detection.

Enter the text to appear in the body of the notification e-mail.

Configuring a UTM Policy for Content-Filtering

To configure a UTM policy for content filtering:

  1. In the NSM navigation tree, select Device Manager > Devices.
  2. Click the Device Tree tab, and then double-click the device that you want to configure.
  3. Click the Configuration tab. In the configuration tree, select Security > Utm > Utm Policy.
  4. Click New to add a new UTM policy entry.
  5. Enter a unique name for the UTM policy.
  6. Select Content Filtering and enter the name of the profile you had created.
  7. In the Http, Imap, Pop3, or Smtp profile boxes, enter the name of the profile you created earlier.
  8. For Ftp, select the upload and download profiles.
  9. Click OK to save the changes.

Once you have configured a UTM policy for content filtering, attach the UTM policy to a security policy that you create.

Related Documentation