Network and System Management
246
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
on the Services screen (see Services-Based Rules on page 84 and Add Customized
Services on page 113).
• LAN users. You can specify which computers on your network are affected by an
outbound rule. There are several options:
- Any. The rule applies to all computers and devices on your LAN.
- Single address. The rule applies to the address of a particular computer.
- Address range. The rule applies to a range of addresses.
- Groups. The rule is applied to a group of computers. (You can configure groups for
LAN WAN outbound rules but not for DMZ WAN outbound rules.) The Known PCs
and Devices table is an automatically maintained list of all known computers and
network devices and is generally referred to as the network database, which is
described in Manage the Network Database on page 68. Computers and network
devices are entered into the network database by various methods that are described
in Manage Groups and Hosts (LAN Groups) on page 67.
• WAN users. You can specify which Internet locations are covered by an outbound rule,
based on their IP address:
- Any. The rule applies to all Internet IP addresses.
- Single address. The rule applies to a single Internet IP address.
- Address range. The rule applies to a range of Internet IP addresses.
• Schedule. You can configure three different schedules to specify when a rule is applied.
Once a schedule is configured, it affects all rules that use this schedule. You specify the
days of the week and time of day for each schedule. For more information, see Set a
Schedule to Block or Allow Specific Traffic on page 122.
• QoS profile. You can define QoS profiles and then apply them to outbound rules to
regulate the priority of traffic. For information about how to define QoS profiles, see
Create Quality of Service (QoS) Profiles on page 117.
• Bandwidth profile. You can define bandwidth profiles and then apply them to outbound
rules to limit traffic. For information about how to define bandwidth profiles, see Create
Bandwidth Profiles on page 119.
Content Filtering
If you want to reduce traffic by preventing access to certain sites on the Internet, you can use
the VPN firewall’s content filtering feature. By default, this feature is disabled; all requested
traffic from any website is allowed.
• Web object blocking. You can block the following web component types: embedded
objects (ActiveX, Java, Flash), proxies, and cookies.
• Keyword and file extension blocking. You can specify words that, should they appear
in the website name (URL), file extension, or newsgroup name, cause that site, file, or
newsgroup to be blocked by the VPN firewall.
• URL blocking. You can specify URLs that are blocked by the VPN firewall.
For more information, see Content Filtering on page 124.
To Next Page
Loading...
