Web Filtering Configuration Page Options

  1. Select Configure>Security>UTM>Web Filtering.

    The Web Filtering configuration page appears. Table 67 explains the contents of this page.

  2. Click one:
    • Global Options—Defines general specifications for a web-filtering configuration. Enter information as specified in Table 68.
    • Add—Adds a new or duplicate web-filtering configuration. Enter information as specified in Table 69.
    • Edit—Edits a selected web-filtering configuration.
    • Delete—Deletes the selected web-filtering configuration.
  3. Click one:
    • OK—Saves the configuration and returns to the main configuration page.
    • Commit Options>Commit—Commits the configuration and returns to the main configuration page.
    • Cancel—Cancels your entries and returns to the main configuration page.

Table 67: Web Filtering Configuration Page

Field

Function

Profile Name

Displays the unique name of the antispam profile.

Profile Type

Displays the profile type selected.

Account

Displays the user account for which this profile is intended.

Server

Displays the server name.

Timeout

Displays the timeout interval.

Table 68: Global Options Web Filtering Configuration Details

Field FunctionAction

URL Whitelist

Specifies a unique customized list of all URLs or IP addresses for a given category that are to be bypassed for scanning.

Select the customized object from the list.

URL Blacklist

Specifies a unique customized list of all URLs or IP addresses for a given category that are scanned for blacklisting.

Select the customized object from the list.

Filtering Type

Surf Control Integrated

Specifies that the Surf Control CPA server intercepts every HTTP request in a TCP connection. The decision making is done on the device after it identifies a category for a URL either from user-defined categories or from the Surf Control category server.

Select this option to choose this type of Web-filtering engine.

Websense Redirect

Specifies that the Web-filtering module intercepts an HTTP request. The URL in the request is then sent to the external Websense server which makes a permit or a deny decision.

Select this option to choose this type of Web-filtering engine.

Local

Specifies that the Web-filtering module intercepts URLs and makes a permit/deny decision locally.

Select this option to choose this type of Web-filtering engine.

Juniper Enhanced

Specifies that the Juniper Enhanced Web Filtering intercepts the HTTP and the HTTPS requests and sends the HTTP URL or the HTTPS source IP to the Websense ThreatSeeker Cloud (TSC).

Select this option to choose this type of Web-filtering engine.

Table 69: Add Web Filtering Configuration Details

Field FunctionAction
Main

Profile Name

Displays the unique name of the Web filtering profile.

Enter a unique name for the web-filtering profile.

Profile Type

Displays the profile type based on the Filtering Type selected. The options available are:

  • Websense—Select this option to use the Websense profile type.
  • Surf Control—Select this option to use Surf Control profile type.
  • Local—Select this option to use the Local profile type.
  • Juniper-Enhanced–Select this option to use the Juniper-enhanced profile type.

Select an option.

Account

Displays the user account for which this profile is intended.

Enter a user account name.

Server

Displays the server name.

Enter the server name.

Port

Displays the port number used to communicate with the server.

Enter the port number.

Sockets

Displays the number of sockets used for communicating between the client and server.

Enter the number of sockets.

Default Action

Displays the default action to be taken for Web-filtering. The options available are:

  • Permit—Permits access to content.
  • Log and Permit—Logs details of the URL and permits access to content.
  • Block—Blocks access to content.

Select an option.

Timeout

Specifies the time interval to wait before the connection to the server is closed.

Type the interval in seconds.

Custom Block Message

Specifies the customized block message to be displayed when content is blocked.

Enter a message to be displayed when content is blocked.

Note: The fields Account, Server, Port, and Sockets are displayed only when you select Websense-Redirect filtering type on the Global Configuration page.

Fallback Options

Default

Specifies all errors other than the categorized settings. These could include either unhandled system exceptions (internal errors) or other unknown errors. The available actions are block or log-and-permit.

Select Log and Permit. The default action is Log and Permit.

Server Connectivity

Specifies that the server connection is not established during certain processes, for example, while the signature database is loading. The available actions are block or log-and-permit.

Select Log and Permit. The default action is Log and Permit.

Timeout

Specifies that if the time taken to scan exceeds the timeout setting in the Web-filtering profile, the processing is aborted and the content is passed or blocked without completing filtering. The decision is made based on the timeout fallback option. The available actions are block or log-and-permit.

Select Log and Permit. The default action is Log and Permit.

Too Many Requests

Specifies that if the total number of messages received concurrently exceeds the device limits, the content is passed or blocked depending on the too-many-request fallback option. The available actions are block or log-and-permit.

Select Log and Permit. The default action is Log and Permit.

Site Reputation Action

Very Safe

Specifies that the action that the device must take if the site reputation score is 90 through 100.

Select Permit, Log and Permit, or Block.

Moderately Safe

Specifies that the action that the device must take if the site reputation score is 80 through 89

Select Permit, Log and Permit, or Block.

Fairly Safe

Specifies that the action that the device must take if the site reputation score is 70 through 79

Select Permit, Log and Permit, or Block.

Suspicious

Specifies that the action that the device must take if the site reputation score is 60 through 69

Select Permit, Log and Permit, or Block.

Harmful

Specifies that the action that the device must take if the site reputation score is 0 through 59

Select Permit or Log and Permit.

URL Category Action List

Categories

Specifies a unique customized list of categories.

  • Add—Adds the selected category and the corresponding action to the list of available categories for the Juniper Enhanced Web Filtering profile.
  • Delete—Deletes the selected category from the list of available categories for the Juniper Enhanced Web Filtering profile.

Select a category from the list

Action

Specifies the action that the device must take for the category selected.

Select Permit, Log and Permit, or Block.

Related Documentation