Ruijie Community

Title: Typical Configuration Example of Firewall URL Filtering [Print this page]
Author: zhangqiao@ruiji    Time: 2024-10-31 13:51
Title: Typical Configuration Example of Firewall URL Filtering
1. DeviceModel and Firmware

  Device Type
  		  Device Model
  		  Version
  
  NGFW
  		  RG-WALL  1600-Z-S series firewall
  		  NGFW_NTOS1.0
  
2. Service Requirements

Configurebehavior management on the firewall to block traffic from specified URLs orapplications.
3. Topology

4. Configuration Roadmap
Create a security policy to block traffic from a specified application or URL.
5. Configuration Procedure

(1) Choose Policy > SecurityPolicy, and click Create to create a security policy.
(3) The following uses blocking of YouTube traffic as an example.
Basic information:
  Item
  		  Description
  		  Remarks
  
  Name
  		  Name  of the security policy.
  		  Special  characters (e.g.: `~!#%^&*+\/0::”/<>?) and spaces are not allowed.  [Example] Trust_to_untrust
  
  Enabled  State
  		  Enable  this security policy as required.
  		  [Example]  Enable
  
  Policy  Group
  		  The  policy group to which the new security policy belongs.
  		  1.  Select a group from the drop-down list; or
  2.  Click Add Group to add a custom policy group. [Example] Default policy  group.
  
  Priority
  		  Place  the new security policy either before or after the specified policy. Policies  closer to the top have a higher priority in matching.
  		  N/A
  
  Description
  		  Description  of the security policy.
  		  Special  characters (e.g.: `~!#%^&*+\/0::”/<>?) and spaces are not allowed.  [Example] Perform virus detection for the HTTP traffic from security zone 1  to security zone 2.
  
(4) Set Action Option to Deny,and click AppUserEffectiveTime to select the specified application.
(5) Click App. In thedialog box that is displayed, search for and select YouTube. Click Confirm.
(6) You can also configure thetarget user, service, source, and effective time. In this example, the policytakes effect for all users and all IP addresses in any time range. Therefore,select Any for all the parameters.
(7) Click Save.
(8) For a custom application,choose Object > App > Custom App, and click Create.
(9)In the dialog box that is displayed, enter avalue in the Name and Category Name fields for the object, andclick Create to create an app rule.
(10) Configure the ProtocolType field and other parameters as needed, and click Confirm.
(11) Click Confirm.
(12) Follow the preceding procedures to block traffic from the custom application.
6. Verification
In the policy list, the policy takes effect, and all downlink users of the firewall cannot access YouTube and the custom application. You can also check the Hit Count field in the command output for verification.




Welcome to Ruijie Community (https://community.ruijienetworks.com/) Powered by Discuz! X3.2