C613-22104-00 REV B Configuring Web Control with Firewall Enabled | Page 43
Configuring Web Control Advanced Network Protection
You can inquire about HTTPS URLs:
awplus#web-control categorize https://reddit.com/r/nfl
Step 2:
Enable web control and control access to categories
Enable web control.
awplus(config)#web-control
awplus(config-web-control)# provider digitalarts
awplus(config-web-control)# protect
awplus(config-web-control)# action permit
Create rules to deny access to selected categories corresponding to the inquiries.
awplus(config-web-control)# rule 10 deny “Online Auctions” from any
awplus(config-web-control)# rule 10 deny “Online Shopping” from any
Note:
If neither ‘http://’ nor ‘https://’ is specified in the URL, the default ‘http://’ is automatically added.
Enquiries about HTTPS URLs will return only the high level category or categories associated with
the domain, not those associated with the resources within the domain.
For inquires about HTTPS URLs, only the domain part of the URL is sent to the web control
provider for categorization, as in the ‘reddit.com’ example shown above. This is the expected
behaviour with HTTPS traffic, where only the domain name specified in TLS SNI is available for
access.
If the server cannot categorize the URL, the response for it will be 'unknown category'.
Configuring Web Control with Firewall Enabled
The UTM firewall Web Control features integrate with the categorization provider Digital Arts' Active
Rating System (ARS), which is regularly updated with about 100 predefined categories of web sites.
If the URL that a client wishes to visit is not cached, the AR-Series firewall will query the Digital Arts'
ARS. The categorization provider then returns the category of the website. To allow this happen, a
firewall rule to permit HTTP traffic originating from the AR-Series firewall to the Digital Arts server
should be configured.
awplus#web-control categorize http://www.ebay.com http://www.amazon.com
http://ebay.com ==> 54 (Online Auctions)
http://www.amazon.com ==> 55 (Online Shopping)
awplus#web-control categorize https://reddit.com/r/nfl
https://reddit.com ==> [Social Bookmarks(31)] [Forums(63)]
To Next Page
Loading...
Need help?
General
