Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Creating Web Filtering Profiles

Web filtering profiles enable you to manage Internet usage by preventing access to inappropriate Web content over HTTP.

To create a Web filtering profile:

  1. Select Configuration > Unified Threat Mgmt > Web Filtering Profiles in Customer Portal.

    The Web Filtering Profiles page appears.

  2. Click the add icon (+) to create a new Web filtering profile.

    The Create Web Filtering Profiles wizard appears, displaying brief instructions about creating a Web filtering profile.

  3. Click Next to navigate to the next page.
  4. Complete the configuration according to the guidelines provided in Table 1.
    Note:

    Fields marked with * are mandatory.

  5. Click Finish.

    A Web filtering profile is created, which you can associate with a Content Security profile. You are returned to the Web Filtering Profiles page where a confirmation message is displayed.

Table 1: Creating Web Filtering Profiles Settings

Setting

Guideline

General Information

Name

Enter a unique name for the Web filtering profile. The maximum length is 29 characters.

Description

Enter a description for the Web filtering profile. The maximum length is 255 characters.

Timeout

Enter a timeout (in seconds) to wait for a response from the Websense server. The default is 15 seconds and the maximum is 1000 seconds.

Engine Type

Select an engine type for Web filtering:

  • (Default) Juniper Enhanced—Content Security-enhanced Web filtering.

  • Websense Redirect—Redirect Web filtering profile.

Safe Search

Select the check box (default) to ensure that embedded objects, such as images on the URLs received from the search engines, are safe and that undesirable content is not returned to the client.

Clear the check box to disable safe search redirects.

Note:

This option is available only for the Juniper Enhanced engine type. Save search redirect supports only HTTP and you cannot extract the URL for HTTPS. Therefore, it is not possible to generate a redirect response for HTTPS search URLs.

Custom Block Message/URL

Specify the redirect URL or a custom message to be sent when HTTP requests are blocked. The maximum length is 512 characters.

Note:

If a message begins with http: or https:, the message is considered a block message URL. Messages that begin with values other than http: or https: are considered custom block messages.

Click Back to go the preceding step or click Next to go to the next step.

Custom Quarantine Message

Define a custom message to allow or deny access to a blocked site based on a user's response to the message. The maximum length is 512 characters.

The quarantine message contains the following information:

  • URL name

  • Quarantine name

  • Category (if available)

  • Site reputation (if available)

For example, if you set the action for Enhanced_Search_Engines_and_Portals to quarantine, and you try to access www.search.yahoo.com, the quarantine message is as follows: ***The requested webpage is blocked by your organization’s access policy***.

Click Back to go the preceding step or click Next to go to the next step.

Account

Specify the user account associated with the Websense Web filtering profile.

Server

Specify the hostname or IP address for the Websense server.

Port

Specify the port number to use to communicate with the Websense server. The default port value is 15968.

Click Back to go the preceding step or click Next to go to the next step.

Sockets

Enter the number of sockets used for communication between the client and the server. The default value is 8.

URL Categories

Deny Action List

Click the Add URL Categories button to specify a list of URL categories that should be denied access.

The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 2.

The list of URL categories selected is displayed in a text box.

Log & Permit Action List

Specify a list of URL categories that are logged and then permitted.

The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 2.

The list of URL categories selected is displayed in a text box.

Permit Action List

Specify a list of URL categories that should be permitted access.

The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 2

The list of URL categories selected is displayed in a text box.

Quarantine Action List

Specify a list of URL categories that should be quarantined.

The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 2.

The list of URL categories selected is displayed in a text box.

Click Back to go the preceding step or click Next to go to the next step.

Fallback Options

Global Reputation Actions

Select this check box (default) if you want to apply global reputation actions.

Enhanced Web filtering intercepts HTTP and HTTPS requests and sends the HTTP URL or the HTTPS source IP to the Websense ThreatSeeker Cloud (TSC). The TSC categorizes the URL into one of the predefined categories and also provides site reputation information for the URL to the device. The device determines if it can permit or block the request based on the information provided by the TSC.

The URLs can be processed using their reputation score if there is no category available. Select the action that you want to take for the uncategorized URLs based on their reputation score:

  • Very Safe—Permit, log and permit, block, or quarantine a request if a site reputation of 90 through 100 is returned. By default, Permit is selected.

  • Moderately Safe—Permit, log and permit, block, or quarantine a request if a site reputation of 80 through 89 is returned. By default, Log and Permit is selected.

  • Fairly Safe—Permit, log and permit, block or quarantine a request if a site-reputation of 70 through 79 is returned. By default, Log and Permit is selected.

  • Suspicious—Permit, log and permit, block, or quarantine a request if a site reputation of 60 through 69 is returned. By default, Quarantine is selected.

  • Harmful—Permit, log and permit, block, or quarantine a request if a site reputation of zero through 59 is returned. By default, Block is selected.

Default Action

Choose the actions to be taken for URL categories with no assigned action and for uncategorized URLs. This is used only if no reputation action is assigned.

Fallback Action

Select the fallback action, which is used when:

  • The ThreatSeeker Websense Cloud servers are unreachable.

  • A timeout occurs for requests to ThreatSeeker Cloud.

  • There are too many requests to be handled by the device.
Table 2: Select URL Categories Settings

Setting

Guideline

Show

Choose which URL categories should be displayed for selection: All categories, Custom URL categories, or Websense URL categories.

The Available column of the URL Categories field displays URL categories based on your selection.

URL Categories

Select one or more URL categories in the Available column and click the forward arrow to confirm your selection. The selected URL categories are displayed in the Selected column.

Alternatively, click Create New URL Category to create a URL category and assign it to the URL category. The Create URL Categories page appears; for more information, see Creating URL Categories.

Click OK to confirm your selection. You are returned to the Create Web Filtering Profiles page.

Related Documentation