Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Web Filtering (NSM Procedure)

    This section includes the following topics:

    Configuring a URL Pattern List Custom Object

    To configure a URL pattern list custom object:

    1. In the NSM navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the device for which you want to configure URL pattern list custom objects.
    3. Click the Configuration tab. In the configuration tree, select Security > Utm > Custom Objects.
    4. Select Url Pattern and click New.
    5. Enter a unique name for the list.
    6. Select Value and add a new entry.
    7. In Value, enter the URLs or IP addresses that you want to be added to the list for bypassing scanning.

      Note: For URL pattern wildcard support, the wildcard rule is as follows: \*\.[]\?* and you must precede all wildcard URLs with http://. You can only use an asterisk (*) if it is at the beginning of the URL and is followed by a dot (.). You can only use a question mark (?) at the end of the URL.

      The following wildcard syntax is supported: http://*.juniper.net, http://www.juniper.ne?, http://www.juniper.n??. The following wildcard syntax is not supported: *.juniper.net , www.juniper.ne?, http://*juniper.net, http://*.

    8. Click OK to save the changes.

    Configuring a Custom URL Category List Custom Object

    To configure a custom URL category list custom object:

    1. In the NSM navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the device for which you want to configure whitelist and blacklist custom objects.
    3. Click the Configuration tab. In the configuration tree, select Security > Utm > Custom Objects.
    4. Select Custom Url Category and click New.
    5. Enter a unique name for the list.
    6. Select Value and add a new entry.
    7. Enter the name of the URL pattern list you created for bypassing scanning.
    8. Click OK to save the changes.

    Configuring a Web Filtering Feature Profile

    To configure a Web filtering feature profile:

    1. In the NSM navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the device for which you want to configure a Web filtering feature profile.
    3. Click the Configuration tab. In the configuration tree, select Security > Utm > Feature Profile > Web Filtering.
    4. Add or modify Web filtering feature profile settings as specified in Table 1.
    5. Click one:
      • New—Adds a new profile.
      • OK—Saves the changes.
      • Cancel—Cancels the modifications.

    Table 1: Web Filtering Feature Profile Settings

    Option

    Function

    Your Action

    Url Whitelist

    Specifies the URL whitelist.

    Enter the name of the custom URL list you created. This is the first filtering category that both integrated and redirect Web filtering use. If there is no match, the URL is sent to the SurfControl server.

    Url Blacklist

    Specifies the URL blacklist.

    Enter the name of the custom URL list you created. This is the first filtering category that both integrated and redirect Web filtering use. If there is no match, the URL is sent to the SurfControl server.

    Type

    Specifies the type of Web filtering.

    Select surf-control-integrated from the list.

    Surf Control Integrated > Cache

    Enable Feature

    Enables cache options.

    Select this option to enable cache options.

    Timeout

    Specifies the timeout limit for cache entries.

    Enter a timeout limit in minutes for expiring cache entries. (The default is 24 hours and the maximum allowed life span.)

    Size

    Specifies the size limit for the cache.

    Enter a size limit for the cache in kilobytes. (The default is 500 KB.)

    Surf Control Integrated > Server

    Enable Feature

    Enables server options.

    Select this option to enable server options.

    Host

    Specifies the Surf Control server address.

    Enter the Surf Control server name or IP address.

    Port

    Specifies the port number for communicating with the Surf Control server.

    Enter the port number for communicating with the Surf Control server. (Default ports are 80, 8080, and 8081.)

    Surf Control Integrated > Profile

    Name

    Specifies a name for the Web-filtering profile.

    Enter a unique name for this profile.

    Default

    Specifies the default action for this profile for requests that experience errors.

    Select log-and-permit, permit, or block from the list.

    Custom Block Message

    Specifies the custom message.

    Enter a custom message to be sent when HTTP requests are blocked.

    Timeout

    Specifies the timeout limit.

    Enter a value in seconds. Once this limit is reached, fail mode settings are applied. The default setting is 10 seconds.

    Surf Control Integrated > Profile > Fallback Settings

    Enable Feature

    Enables fallback options.

    Select this option to enable fallback options.

    The available fallback options are as follows:

    • Default
    • Server Connectivity
    • Timeout
    • Too Many Requests

    Specifies the fallback options.

    Select log-and-permitor block from the list.

    Surf Control Integrated > Profile > Category

    Name

    Specifies the name of the category.

    Enter the name of the custom URL category list custom object you created.

    Action

    Specifies the action to be taken.

    Select log-and-permit, permit, or block from the list.

    Configuring a UTM Policy for Web Filtering

    To configure a UTM policy for Web filtering:

    1. In the NSM navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the device that you want to configure.
    3. Click the Configuration tab. In the configuration tree, select Security > Utm > Utm Policy.
    4. Click New to add a new UTM policy entry.
    5. Enter a unique name for the UTM policy.
    6. Select Web Filtering and enter the name of Web filtering profile you created earlier in Http Profile.
    7. In the Http profile box, enter the name of the profile you created earlier.
    8. Click OK to save the changes.

    Once you have configured a UTM policy for Web filtering, attach the UTM policy to a security policy that you create.

    Published: 2013-01-06