Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Create a Web Filtering Profile

Web filtering profiles enable you to manage Internet usage by preventing access to inappropriate Web content over HTTP.

  1. Click SRX > Security Subscriptions > Content Security > Web Filtering Profiles.
    The Web Filtering Profiles page is displayed.
  2. Click + to create a new Web filtering profile.
    The Create Web Filtering Profiles wizard with brief instructions to create a Web filtering profile is displayed.
  3. On the General page, configure the fields acccording to the guidelines below and click Next:
    Table 1: General Information

    Field

    Guideline

    Name

    Enter a unique name for the Web filtering profile. The maximum length is 29 characters.

    Description

    Enter a description for the Web filtering profile. The maximum length is 255 characters.

    Timeout

    		 Enter a timeout (in seconds) to wait for a response from the Websense server. The default is 15 seconds and the maximum is 1800 seconds.

    Engine Type

    Select an engine type for Web filtering:

    • (Default) Juniper Enhanced—Content Security-enhanced Web filtering.

    • Juniper NextGen—Intercepts the HTTP and HTTPS traffic and sends URL information or the destination IP address to the Juniper NextGen Web Filtering (NGWF) Cloud. The NGWF Cloud categorizes the URL and provides site reputation information. Based on this information, SRX Series Firewall takes action on the traffic.

      Note:

      To use this option, you must have Junos OS version 23.4R1 or later installed.

    • Websense Redirect—Redirect Web filtering profile.

    • Local—Allows you to define custom URL categories, which can be included in blocklists and allowlists that are evaluated on the device.

    Safe Search

    Click the toggle button to enable (default) or disable the safe search. Safe search ensures that embedded objects, such as images on the URLs received from the search engines, are safe and that undesirable content is not returned to the client.

    Note:

    Safe search redirect supports only HTTP as it is not possible to generate a redirect response for HTTPS search URLs.

    Custom Block Message/URL

    Specify the redirect URL or a custom message to be sent when HTTP requests are blocked. The maximum length is 1024 characters.

    Note:

    If a message begins with http: or https:, the message is considered a block URL. Messages that begin with values other than http: or https: are considered custom block messages.

    Click Back to go the preceding step or click Next to go to the next step.

    Custom Quarantine Message

    Define a custom message to allow or deny access to a blocked site based on a user's response to the message. The maximum length is 512 characters.

    The quarantine message contains the following information:

    • URL name

    • Quarantine name

    • Category (if available)

    • Site reputation (if available)

    For example, if you set the action for Enhanced_Search_Engines_and_Portals to quarantine, and you try to access www.search.yahoo.com, the quarantine message is as follows: ***The requested webpage is blocked by your organization’s access policy***.

    Click Back to go the preceding step or click Next to go to the next step.

    Account

    Specify the user account associated with the Websense Web filtering profile.

    Server

    Specify the hostname or an IP address for the Websense server.

    Port

    Specify the port number to use to communicate with the Websense server. The default port value is 15968.

    Click Back to go the preceding step or click Next to go to the next step.

    Sockets

    Enter the number of sockets used for communication between the client and the server. The default value is 8.
  4. On the URL Categories page, click + and configure the fields according to the guidelines below, click OK, and then click Next.
    Table 2: URL Categories

    Field

    Description

    Show

    Select the type of URL categories that must be displayed in the URL Categories list. You can view all, custom, or Juniper enhanced categories.

    URL Categories

    		 Select the URL categories whose requests must be filtered when a request is received.

    Action

    Select the action you want to perform on the filtered URL request. You can permit, block, quarantine, or log and permit the request.

    Type

    Select if you want to display a redirect message or configure a redirect URL for the selected URL categories.

    This field is displayed only when you select Block or Quarantine in the Action drop-down menu.

    Redirect message

    Select a preconfigured message from the drop-down menu. The message is displayed when the user attempts to access the URL.

    This field is displayed only when you select Block or Quarantine in the Action drop-down menu.

    Redirect URL

    Select a preconfigured URL from the drop-down menu. The user is redirected to the URL when they attempt to access the URL.

    To add new redirect URL, click Add redirect URL and follow the on-screen instructions.

    This field is displayed only when you select Block or Quarantine in the Action drop-down menu.
  5. On the Fallback Options page, configure the fields according to the guidelines below and then click Next.
    Table 3: Fallback Options

    Field

    Guideline

    Fallback Options

    Global Reputation Actions

    Enhanced Web filtering intercepts HTTP and HTTPS requests and sends the HTTP URL or the HTTPS source IP to the Websense ThreatSeeker Cloud (TSC). The TSC categorizes the URL into one of the predefined categories and provides the site reputation information to the device. The device determines if it can permit or block the request based on the information provided by the TSC.

    By default, the URLs are processed using their reputation score if there is no category available. Click the toggle button to disable global reputation actions or select the action that you want to take for the uncategorized URLs based on their reputation score:

    • Very Safe—Permit, log and permit, block, or quarantine a request if a site reputation value is 90 through 100. By default, Permit is selected.

    • Moderately Safe—Permit, log and permit, block, or quarantine a request if a site reputation of 80 through 89 is returned. By default, Log and Permit is selected.

    • Fairly Safe—Permit, log and permit, block or quarantine a request if a site-reputation of 70 through 79 is returned. By default, Log and Permit is selected.

    • Suspicious—Permit, log and permit, block, or quarantine a request if a site reputation of 60 through 69 is returned. By default, Quarantine is selected.

    • Harmful—Permit, log and permit, block, or quarantine a request if a site reputation of zero through 59 is returned. By default, Block is selected.

    Note:

    The site reputation score for each level can be modified as per user requirements under Content Security Settings menu. For more information, see Configure the Content Security Settings.

    The site reputation score is not applicable for Juniper NextGen Web filtering.

    Default Action

    Choose the actions for URL categories with no assigned action and for uncategorized URLs. This is used only if no reputation action is assigned.
    Fallback Actions

    Default

    Select Log and Permit or Block (a default action) when an error occurs.

    Server connectivity

    Select Log and Permit or Block when the ThreatSeeker Websense Cloud servers are unreachable.

    Timeout

    Select Log and Permit or Block when a timeout occurs for requests to ThreatSeeker Cloud.

    Too many requests

    Select an option to specify whether the number of messages should be blocked (default) or logged and permitted if the messages received concurrently exceeds the device limits.
  6. Click Finish.

    A Web filtering profile is created, which you can associate with a content security profile. You are redirected to the Web Filtering Profiles page where a confirmation message is displayed.