User Interface
R&S
®
GP-E/GP-S
100User Manual v16.2.1 ─ 01
changes. To edit an existing profile, click "Save" to store the reconfigured profile or
"Reset" to discard your changes. You can click "Close" to shut the editor panel as long
as no changes have been made on it.
Click "
Activate" in the toolbar of the desktop to apply your configuration changes if
the edited IPS/IDS profile is already associated with a firewall rule.
The IPS/IDS profiles defined here are available for use in custom firewall rules as
described under Chapter 3.3, "Firewall Rule Settings", on page 22.
By selecting the "IDS/IPS" checkbox in firewall rules, the rules of all configured
IPS/IDS profiles are applied. It is not possible to select a single profile for a specific
firewall rule in this release version. If profiles including the same IDS or IPS rule but
different action settings are created, the action setting of the lowest profile that con-
tains this IDS or IPS rule is applied to the firewall rule where IPS/IDS has been
enabled. Necessary improvements follow.
The information in the database is updated in regular intervals based on the license
status and update settings described in Chapter 3.4.1.3, "Updates", on page 33. If an
IPS update contains new rules for a selected category, these rules are automatically
applied.
3.4.6.3 Web Filter Profiles
Web filter profiles determine which websites are available to computers on the protec-
ted network.
The web filter function of your gateprotect Firewall checks Internet addresses (URL,
Uniform Resource Locator consisting of server name, path and filenames) received in
the HTTP traffic for allowed and/or not allowed terms according to their classification in
the black- and whitelists.
A »blacklist« approach defines a list of sites to block and grants access to all sites that
have not been explicitly forbidden. For example, if the URL of a website is on a black-
list, access to this site is blocked. Therefore, with the category "Interests" being black-
listed, the URL http://www.amazon.de is blocked.
In blacklist mode, the web filter triggers a »Reject« action if the requested host
matches any from the "Hostname Blacklist" . If a warning page has been configured,
the user will be directed to it. For all the hosts which do not match any from the "Host-
name Blacklist" , the web filter passes the request on to the firewall rule in which the
web filter profile concerned has been activated.
A »whitelist« approach can be used to limit access to a list of sites that have specifi-
cally been approved for usage and block all others. For example, if the subcategory
"Shopping" is on the blocking list but you want to allow access to the URL
http://www.amazon.de, this URL must be entered into a whitelist.
In whitelist mode, the web filter passes the request on to the firewall rule in which the
web filter profile concerned has been activated if the host matches any from the "Host-
name Whitelist" , and the firewall rule is applied. For all the hosts which do not match
Menu Reference
To Next Page
Loading...