[Prev][Next][Report an Error]

J-Web Quick Configuration

To configure Web filtering using the J-Web Quick Configuration editor, if you are using custom objects, you must first create those custom objects. (URL pattern list, custom URL category list).

Note: Rather than or in addition to custom object lists, you can use included default lists and included white list and black list categories. See for profile list information.

Configure a URL Pattern List Custom Object as follows:

Note: Because you use URL pattern lists to create custom URL category lists, you must configure URL pattern list custom objects before you configure a custom URL category list.

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under URL Pattern List, click the Add button to create a URL list. See Figure 72.

    Figure 72: Custom Object, URL Pattern List, Quick Configuration

     Custom Object, URL Pattern List,
Quick Configuration

  5. Next to Category Name, enter a unique name for the list you are creating. This name appears in the custom URL category list custom object page for selection.
  6. Under Values, in the box next to the Add button, enter the URL or IP address you want added to the list for bypassing scanning.

    Note: URL pattern wildcard support— The wildcard rule is as follows: \*\.[]\?* and you must precede all wildcard URLs with http://. You can only use “*” if it is at the beginning of the URL and is followed by a “.”. You can only use “?” at the end of the URL.

    The following wildcard syntax IS supported: http://*.juniper.net, http://www.juniper.ne?, http://www.juniper.n??. The following wildcard syntax is NOT supported: *.juniper.net , www.juniper.ne?, http://*juniper.net, http://*.

  7. Click the Add button to add your entry to the Values list. Within this list, you can select an entry and use the up and down arrows to change the order of the list. You can also select an entry and use the X button to delete it from the list. Continue to add URLs or IP addresses in this manner.
  8. Click the OK button to save the selected values as part of the URL pattern list you have created. See Figure 73.

    Figure 73: Custom Object, URL Pattern Configuration, Quick Configuration

    Custom Object, URL Pattern Configuration,
Quick Configuration

  9. Under URL Category List, select the check box beside the URL pattern list you created.
  10. Click Apply.

Configure a custom URL category list custom object as follows: (See URL White List for overview information on URL white lists.)

Note: Because you use URL pattern lists to create custom URL category lists, you must configure URL pattern list custom objects before you configure a custom URL category list. URL pattern list custom objects are described in J-Web Quick Configuration.

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under Custom URL Category List, click the Add button to create a URL white list. See Figure 74.

    Figure 74: Custom Object, Custom URL Category List, Quick Configuration

    Custom Object, Custom URL Category
List, Quick Configuration

  5. Next to Category Name, enter a unique name for the list you are creating. This name appears in the URL Whitelist, Blacklist, and Custom Category lists when you configure Web Filtering.
  6. Under Values, in the list next to the Add button, select a URL Pattern List name from the list for bypassing scanning.
  7. Click the Add button to add your entry to the Values list box. Within this box, you can select an entry and use the up and down arrows to change the order of the list. You can also select an entry and use the X button to delete it from the list. Continue to add URLs or IP addresses in this manner.
  8. Click the OK button to save the selected values as part of the custom URL list you have created. See Figure 75.

    Figure 75: Custom Object, Custom URL Category Configuration, Quick Configuration

    Custom Object, Custom URL Category
Configuration, Quick Configuration

  9. Under URL Category List, select the check box beside the extension list you created.
  10. Click Apply.

Now that your custom objects have been created, you can configure the integrated Web filtering feature profile.

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Web Filtering in the left pane.
  4. Next to URL Whitelist, select the Custom URL list you created from the list. This is the first filtering category that both integrated and redirect Web filtering use. If there is no match, the URL is sent to the SurfControl server. See for URL category information.
  5. Next to URL Blacklist, select the Custom URL list you created from the list. This is the first filtering category that both integrated and redirect Web filtering use. If there is no match, the URL is sent to the SurfControl server.
  6. Next to Web Filtering Type, select the type of Web filtering engine you are using. In this case, you would select Surf Control Integrated.
  7. In the SurfControl Integrated section, next to Cache Timeout, enter a timeout limit in minutes for expiring cache entries. (24 hours is the default and the maximum allowed life span.) See for information on the cache.
  8. In the SurfControl Integrated section, next to Cache Size, enter a size limit, in kilobytes, for the cache. (500 KB is the default.)
  9. In the SurfControl Integrated section, next to Server Host, enter the Surf Control server name or IP address.
  10. In the SurfControl Integrated section, next to Server Port, enter the port number for communicating with the Surf Control server. (Default ports are 80, 8080, and 8081.)
  11. Click the Add button below the Profile Name table to create a profile for Web filtering that uses custom filtering lists that you have configured. See Figure 76.

    Figure 76: Web Filtering Integrated Configuration, Quick Configuration

    Web Filtering Integrated
Configuration, Quick Configuration

  12. Next to Profile Name, enter a unique name in the box.
  13. Next to Default Action, select Permit, Block, or Log and Permit from the list. This is the default action for this profile for requests that experience errors.
  14. Next to Custom Block Message, enter a custom message to be sent when HTTP requests are blocked.
  15. Next to Timeout, enter a value, in seconds. Once this limit is reached, fail mode settings are applied. The default here is 10 seconds. You can enter a value from 10 to 240 seconds.
  16. In the Fallback Options section, next to Default, select Block or Log and Permit from the list as the action to occur when a request fails for any reason not specifically called out.
  17. In the Fallback Options section, next to Server Connectivity, select Block or Log and Permit from the list as the action to occur when a request fails for this reason.
  18. In the Fallback Options section, next to Timeout, select Block or Log and Permit from the list as the action to occur when a request fails for this reason.
  19. In the Fallback Options section, next to Too Many Requests, select Block or Log and Permit from the list as the action to occur when a request fails for this reason.
  20. In the custom URL category list section, click the Add button to use a configured custom URL category list custom object in the profile.
  21. Next to Custom URL category, select a configured custom object from the list.
  22. Next to Action, select Permit, Block, or Log and Permit from the list.
  23. Click OK. See Figure 77. (This takes you back to the previous configuration page.)

    Figure 77: Web Filtering Integrated Custom URL Category Configuration, Quick Configuration

    Web Filtering Integrated
Custom URL Category Configuration, Quick Configuration

  24. Select the check box in the Profile Name table for the profile you are using.
  25. Click OK. This takes you back to the previous configuration page.
  26. Select the check box in the Profile Name table for the Surf Control Integrated profile you are using.
  27. Click Apply. See Figure 78.

    Figure 78: Web Filtering Integrated Profile Selection, Quick Configuration

     Web Filtering Integrated
Profile Selection, Quick Configuration

Next, you configure a UTM policy for Web filtering to which you attach the content filtering profile you have configured.

  1. Select Security Policies> UTM Policies.
  2. Click Add.
  3. In the Policy Name box, enter a unique name for the UTM policy you are creating.
  4. Under Web filtering, select a profile you have configured in the HTTP Profile list.
  5. In the Session Per Client Over Limit list, select one of the following: Log and Permit, Block. This is the action the device takes when the session per client limit for this UTM policy is exceeded.
  6. In the Session Per Client Limit box, enter a session per client limit from 0 to 20000 for this UTM policy.
  7. Click OK. This takes you back to the UTM Policies page.
  8. Select the check box in the UTM Policy table for the policy you are using.
  9. Click Apply.

Next, you attach the UTM policy to a security policy that you create.

  1. Select Security Policies>FW / VPN Policies.
  2. Next to Default Policy Action, select one of the following: Deny-All, Permit-All.
  3. Next to From Zone, select a zone from the list.
  4. Next to To Zone, select a zone from the list.
  5. Under Zone Direction, click Add a Policy.
  6. In the Policy Name box, enter a unique name for the security policy you are creating.
  7. Under Match Criterias, choose a Source Address. Do this by selecting an entry in the Source Address Book box and clicking the <— button to move it to the Matched box.
  8. Under Match Criterias, choose a Destination Address. Do this by selecting an entry in the Destination Address Book box and clicking the <— button to move it to the Matched box.
  9. Under Match Criterias, choose an Application or Applications. Do this by selecting junos-<protocol> (for all protocols that support antivirus scanning) in the Application Sets box and clicking the <— button to move them to the Matched box.
  10. Next to Policy Action, select one of the following: Permit, Deny, Reject.

    Note: When you select Permit for Policy Action, several additional fields become available, including UTM Policy.

  11. Next to UTM Policy, select the appropriate policy from the list. This attaches your UTM policy to the security policy.

    Note: There are several fields on this page that are not described in this section. See the section on Security Policies for detailed information on configuring security policies and all the available fields.

  12. Click OK. This takes you back to the main Security Policies configuration page.
  13. Under Policies, select the check box beside the security policy you created.
  14. Click Apply.

[Prev][Next][Report an Error]