Ruijie Community

Title: Typical Configuration Example of Firewall URL Filtering [Print this page]

Author: zhangqiao@ruiji    Time: 2024-10-31 14:02
Title: Typical Configuration Example of Firewall URL Filtering
1. Device Model and Firmware

  Device Type
  
  Device Model
  
  Version
  
  NGFW
  
  RG-WALL  1600-Z-S series firewall
  
  NGFW_NTOS1.0
  
2. Service Requirements

Configure behavior management on the firewall to block traffic from specified URLs or applications.
3. Topology

4. Configuration Roadmap
Create a security policy to block traffic from a specified application or URL.
5. Configuration Procedure

Choose Policy > SecurityPolicy, and click Create to create a security policy.
On the pop-up window that isdisplayed, click Create to continue.
The following uses blocking of YouTube traffic as an example.
Basic information:
  Item
  
  Description
  
  Remarks
  
  Name
  
  Name of the security policy.
  
  Special  characters (e.g.: `~!#%^&*+\/0::”/<>?) and spaces are not allowed.  [Example] Trust_to_untrust
  
  Enabled  State
  
  Enable this security policy as required.
  
  [Example]  Enable
  
  Policy  Group
  
The policy group to which the new security policy belongs.
  
  1.  Select a group from the drop-down list; or
  2.  Click Add Group to add a custom policy group. [Example] Default policy  group.
  
  Priority
  
Place the new security policy either before or after the specified policy. Policies  closer to the top have a higher priority in matching.
  
  N/A
  
  Description
  
  Description  of the security policy.
  
  Special  characters (e.g.: `~!#%^&*+\/0::”/<>?) and spaces are not allowed.  [Example] Perform virus detection for the HTTP traffic from security zone 1  to security zone 2.
  
Set Action Option to Deny,and click App, User, EffectiveTime to select the specified application.
Click App. In the dialog box that is displayed, search for and select YouTube. Click Confirm.
You can also configure the target user, service, source, and effective time. In this example, the policy takes effect for all users and all IP addresses in any time range. Therefore, select Any for all the parameters.
Click Save.
For a custom application, choose Object >App>Custom App, and click Create.
In the dialog box that is displayed, enter avalue in the Name and Category Name fields for the object, and click Create to create an app rule.
Configure the Protocol Type field and other parameters as needed, and click Confirm.
Click Confirm.
Follow the preceding procedures to block traffic from the custom application.
Verification

In the policy list, the policy takes effect, and all downlink users of the firewall cannot access YouTube and the custom application. You can also check the Hit Count field in the command output for verification.





Welcome to Ruijie Community (https://community.ruijienetworks.com/) Powered by Discuz! X3.2