Legacy URL Filtering

To manage URL Filtering on Security Gateway versions earlier than R75.20, use the Legacy URL Filtering Policy.

To enable Legacy URL Filtering on Security Gateway versions earlier than R75.20:

1. On the Firewall tab, double-click the required Security Gateway network object.
2. Select Other > More Settings > Enable Legacy URL Filtering.
3. Click OK.

Related Topics Terminology Architecture Configuring Legacy URL Filtering

Terminology

The following terms are used in URL Filtering applications:

• Allow List: A list of allowed URL addresses, for example, a URL in the Allow List is allowed even if it is associated with a category that is blocked.
• Block List: A list of blocked URL addresses, for example, a URL in the Block List is blocked even if it is associated with a category that is not blocked.
• Blocking Notifications: Contains the message that appears when a URL address is blocked and the URL to which a blocked URL address is redirected.
• Category: Contains a group of topics sharing a common attribute (for example, crime, education and games.
• Network Exceptions: Contains a list of connections for which URL Filtering should not be enforced.
• Web Filter: Enables you to allow or block URLs based on network connections and/or an external categorized database and local exception lists.

Architecture

When a URL request arrives at a local machine, the machine checks the Network Exceptions List to determine whether to enforce the URL Filtering policy. The URL Filtering policy is activated if the connection is accepted by the Security Policy. If the URL Filtering policy is enforced, the URL header is stripped and the address is sent to the Web Filter engine.

The URL is allowed or blocked based on URL request information in the predefined database and/or the Web Filter Allow/Block Lists. For example, if the URL address matches two or more categories, and one of them is blocked, the URL address is denied, however, if the same address appears in the Allow List it is accepted.

The Web Filter engine is installed on the Security Gateway and the categories are updated by selecting: SmartDashboard > Anti-Virus & URL Filtering > URL Filtering > URL Filtering Policy.

Important - During installation of the Web Filter engine, no default database is installed; therefore, the Web Filtering policy is not enforced until a signature update is performed. The first update may take a long time, depending on your environment. Subsequent updates should take significantly less time, as only incremental information is downloaded.

Configuring Legacy URL Filtering

To configure Legacy URL Filtering:

1. Enable legacy URL Filtering.
2. In the Application and URL Filtering tab of SmartDashboard, select Legacy URL Filtering > URL Filtering Policy.
3. On the URL Filtering Policy page, configure the following:
   1. Select one of the following URL Filtering Policy Modes:
      • On: URL Filtering is active and URLs associated with blocked categories are blocked. To activate URL Filtering, you must configure automatic updates of the URL Filtering database. To configure automatic updates, click the Automatic updates link. URL Filtering will not work if automatic updates have not been configured.
      • Monitor: URLs associated with blocked categories are logged and not blocked.
      • Off: URL Filtering is off and does not inspect URL addresses.
   2. In the Enforcing Gateways window, select the Security Gateways for which you want to activate URL Filtering. This window contains all of the Security Gateways for which URL Filtering can and has been enforced.
   3. In the Categories list, select the URL categories to block.
      • A green icon indicates that URLs associated with this category are allowed.
      • A red icon indicates that URLs associated with this category are blocked.
   4. In the Tracking section, select how to track a detected URL address. All options other than None generate a log record in SmartView Tracker.
4. Select Advanced > Allow URLs/IPs to add a URL or IP address to be allowed even if it is associated with a blocked category.
5. Select Advanced > Block URLs/IPs to add a URL or IP address to be blocked even if it is associated with an allowed category.
6. Select Advanced > Network Exceptions to create a list of the networks connections through which traffic should not be inspected or in order to enforce URL Filtering on all Web traffic. Network Exceptions works according to a source and destination Rule Base and does not use the URL Filtering engine.
7. Select Advanced > Blocking Notifications to notify the user when the URL request is blocked. Choose one of the options:
   • Enter the message to be displayed when a URL address is blocked according to the URL Filtering Policy.
   • Enter the URL to which the user is to be redirected.