ZyWALL Series CLI Reference Guide
366
CHAPTER 43
Content Filtering
This chapter covers how to use the content filtering feature to control web access.
43.1 Content Filtering Overview
Content filtering allows you to block certain web features, such as cookies, and/or block access to
specific web sites. It can also block access to specific categories of web site content. You can create
different content filtering policies for different addresses, schedules, users or groups and content filtering
profiles. For example, you can configure one policy that blocks John Doe’s access to arts and
entertainment web pages during the workday and another policy that lets him access them after work.
43.1.1 Web Content Filter
The Web Content Filter allows the Zyxel Device to block specific web features, such as cookies or
ActiveX, by inspecting the web pages that users are visiting. The Zyxel Device can also block access to
specific websites, by inspecting the URL or Server Name Indication (SNI) that the user’s web browser
sends to the web server.
43.1.1.1 Web Content Filter Process
1 A user enters a URL into their web browser.
2 The user’s computer sends a DNS query for the URL.
3 DNS server returns an IP address for the URL.
4 The user’s web browser connects to the IP address.
5 The Web Content Filter detects an HTTP connection, and inspects the website send using Server Name
Indication (SNI).
6 If the website contains prohibited material, the HTTP request is redirected to a block page.
Note: If the user’s web browser is using encryption, then you must enable SSL Inspection for
Web Content Filter to work.
If the user’s web browser is using Encrypted Server Name Indication (ESNI), DNS Content
Filter will not work.
43.1.2 DNS Content Filter
The DNS Content Filter allows the Zyxel Device to block access to specific websites by inspecting DNS
queries made by users on your network. If the website in the DNS query contains prohibited material,
To Next Page
Loading...
