[Prev][Next][Report an Error]

J-Web Quick Configuration

To configure content filtering using the J-Web configuration editor, you must first create your custom objects (Protocol Command List, Filename Extension List, MIME Pattern List).

Configure a Protocol Command Custom Object as follows: (See for information on protocol commands.)

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under Protocol command list, click the Add button to create command lists. See Figure 83.

    Figure 83: Custom Object, Protocol Command List, Quick Configuration

     Custom Object, Protocol Command
List, Quick Configuration

  5. Next to Protocol Command, enter a unique name for the list you are creating. (This name appears in the Permit command and Block command lists when you configure a content filter profile.)
  6. Under Values, in the box next to the Add button, enter the command for the protocol in question.
  7. Click the Add button to add your protocol command to the Values list box. Within this box, you can select an entry and use the up and down arrows to change the order of the list. You can also select an entry and use the X button to delete it from the list. Continue to add protocol commands in this manner.
  8. Click the OK button to save the selected values as part of the list you have created. See Figure 84.

    Figure 84: Custom Object, Protocol Command Configuration, Quick Configuration

     Custom Object, Protocol Command
Configuration, Quick Configuration

  9. Under Protocol command list, select the check box beside the command list you created.
  10. Click Apply.

Configure a Filename Extension List Custom Object as follows (see ):

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under Filename Extension List, click the Add button to create a file extension list. See Figure 85.

    Figure 85: Custom Object, Filename Extension List, Quick Configuration

     Custom Object, Filename Extension
List, Quick Configuration

  5. Next to Extension Name (see Figure 86) enter a unique name for the list you are creating. (This name appears in the Block extension list when you configure a content filter profile.)
  6. In the Default Filename Extension box, select one or more default values (press Shift to select multiple concurrent items or press Ctrl to select multiple separate items) and click the <— left arrow button to move the value or values to the Value box.
  7. Click the OK button to save the selected values as part of the extension list you have created. See Figure 86.

    Figure 86: Custom Object, Filename Extension Configuration, Quick Configuration

    Custom Object, Filename Extension
Configuration, Quick Configuration

  8. Under File Extension List, select the check box beside the extension list you created.
  9. Click Apply.

Configure a MIME Pattern List Custom Object as follows: (See for overview information on MIME white lists.)

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under MIME Pattern List, click the Add button to create MIME pattern lists. See Figure 87.

    Figure 87: Custom Object, MIME Pattern List, Quick Configuration

    Custom Object, MIME Pattern List,
Quick Configuration

  5. Next to MIME Name, enter a unique name for the list you are creating. Keep in mind that you are creating a MIME block list and a MIME block exception list (if necessary). Both MIME lists appear in the Block MIME list and the Block MIME exception list fields when you configure content filtering. Therefore, the MIME list names you create should be as descriptive as possible.
  6. Under Values, in the box next to the Add button, enter the MIME pattern.
  7. Click the Add button to add your MIME pattern to the Values list box. Within this box, you can select an entry and use the up and down arrows to change the order of the list. You can also select an entry and use the X button to delete it from the list. Continue to add MIME patterns in this manner.
  8. Optionally, create a new MIME list to act as an exception list. The exception list is generally a subset of the main MIME list.
  9. Click the OK button to save the selected values as part of the MIME list you have created. See Figure 88. (This takes you back to the main configuration page.)

    Figure 88: Custom Object, MIME Pattern Configuration, Quick Configuration

    Custom Object, MIME Pattern Configuration,
Quick Configuration

  10. Under MIME Pattern List, select the check box beside the pattern list you created.
  11. Click Apply.

Now that your custom objects have been created, you can configure the content-filtering feature profile.

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Content Filtering in the left pane.
  4. In the right pane, click the Add button below the Profile Name table to create a profile for content filtering.
  5. Next to Profile Name, enter a unique name in the box.
  6. Next to Permit command list, select the protocol command custom object you created for permitting commands from the list. (The permit protocol command list is intended to act as an exception list for the block protocol command list.)

    Note: Protocol command lists, both permit and block, are created using the same custom object.

  7. Next to Block command list, select the protocol command custom object you created for blocking commands from the list. See for overview information on the block protocol command list.
  8. Next to Block extension list, select the file extension list custom object you created for blocking extensions from the list.
  9. Next to Block MIME list, select the MIME pattern list custom object you created for blocking MIME patterns from the list.
  10. Next to Block MIME exception list, select the MIME pattern exception list custom object (if applicable) you created for allowing exceptions to the blocked MIME patterns from the list.
  11. Next to Block content type, select content types in the Available Content Types box on the right and click the left arrow button <— to move items to the Selected Content Types box. (Press Shift to select multiple concurrent items or press Ctrl to select multiple separate items.)

    Note: Block content type applies blocks to other available content such exe, http cookie, Java applet, and so on. The list of content types available from the Block content type box are only supported for HTTP blocking.

  12. Next to Notification options type, select Message from the list.
  13. Next to Notify mail sender, select the check box to enable this notification. Otherwise, no configured notification is sent.
  14. Next to Custom notification message, enter text for your custom message for this notification in the box (if you are using a custom message).
  15. Click OK. See Figure 89. This takes you back to the main Content Filtering configuration page.

    Figure 89: Content Filtering Configuration, Quick Configuration

    Content Filtering Configuration, Quick
Configuration

  16. Select the check box in the Profile Name table for the profile you are using.
  17. Click Apply. See Figure 90.

    Figure 90: Content Filtering Profile Selection, Quick Configuration

    Content Filtering Profile Selection,
Quick Configuration

    Note: You create a separate content filtering profile for each supported content filtering protocol. When you are creating your UTM policy for content filtering , the UTM policy configuration page provides separate content filtering profile selection fields for each supported protocol.

Next, configure a UTM policy for content filtering to which you attach the content filtering profile you have configured.

  1. Select Security Policies> UTM Policies.
  2. Click Add.
  3. In the Policy Name box, enter a unique name for the UTM policy you are creating.
  4. Under Content filtering, select a profile you have configured from the list for each protocol.
  5. In the Session Per Client Over Limit list, select one of the following: Log and Permit, Block. This is the action the device takes when the session per client limit for this UTM policy is exceeded.
  6. In the Session Per Client Limit box, enter a session per client limit from 0 to 20000 for this UTM policy.
  7. Click OK. This takes you back to the UTM Policies page.
  8. Select the check box in the UTM Policy table for the policy you are using.
  9. Click Apply.

Next, attach the UTM policy to a security policy that you create.

  1. Select Security Policies> FW / VPN Policies.
  2. Next to Default Policy Action, select one of the following: Deny-All, Permit-All.
  3. Next to From Zone, select a zone from the list.
  4. Next to To Zone, select a zone from the list.
  5. Under Zone Direction, click Add a Policy.
  6. In the Policy Name box, enter a unique name for the security policy you are creating.
  7. Under Match Criterias, choose a Source Address. Do this by selecting an entry in the Source Address Book box and clicking the <— button to move it to the Matched box.
  8. Under Match Criterias, choose a Destination Address. Do this by selecting an entry in the Destination Address Book box and clicking the <— button to move it to the Matched box.
  9. Under Match Criterias, choose an Application or Applications. Do this by selecting junos-<protocol>(for all protocols that support antivirus scanning) in the Application Sets box and clicking the <— button to move them to the Matched box.
  10. Next to Policy Action, select one of the following: Permit, Deny, Reject.

    Note: When you select Permit for Policy Action, several additional fields become available, including UTM Policy.

  11. Next to UTM Policy, select the appropriate policy from the list. This attaches your UTM policy to the security policy.

    Note: There are several fields on this page that are not described in this section. See the Security Policies section for detailed information on configuring security policies and all the available fields.

  12. Click OK. This takes you back to the main Security Policies configuration page.
  13. Under Policies, select the check box beside the security policy you created.
  14. Click Apply.

[Prev][Next][Report an Error]