Example 6.17. Reclassifying a blocked site
This example shows how a user may propose a reclassification of a web site if he believes it is wrongly classified.
This mechanism is enabled on a per-HTTP ALG level basis.
CLI
First, create an HTTP Application Layer Gateway (ALG) Object:
gw-world:/> add ALG ALG_HTTP content_filtering WebContentFilteringMode=Enable
FilteringCategories=SEARCH_SITES AllowReclassification=Yes
Then, continue setting up the service object and modifying the NAT rule as we have done in the previous
examples.
Web Interface
First, create an HTTP Application Layer Gateway (ALG) Object:
1.
Go to Objects > ALG > Add > HTTP ALG
2.
Specify a suitable name for the ALG, for example content_filtering
3.
Click the Web Content Filtering tab
4.
Select Enabled in the Mode list
5.
In the Blocked Categories list, select Search Sites and click the >> button
6.
Check the Allow Reclassification control
7.
Click OK
Then, continue setting up the service object and modifying the NAT rule as we have done in the previous
examples.
Dynamic content filtering is now activated for all web traffic from lannet to all-nets and the user is able to propose
reclassification of blocked sites. Validate the functionality by following these steps:
1.
On a workstation on the lannet network, launch a standard web browser.
2.
Try to browse to a search site, for example www.google.com.
3.
If everything is configured correctly, your web browser will present a block page where a dropdown list
containing all available categories is included.
4.
The user is now able to select a more proper category and propose a reclassification.
6.3.4.3. Content Filtering Categories
This section lists all the categories used with Dynamic Content Filtering and describes the purpose
of each category.
Category 1: Adult Content
A web site may be classified under the Adult Content category if its content includes the description
or depiction of erotic or sexual acts or sexually oriented material such as pornography. Exceptions to
this are web sites that contain information relating to sexuality and sexual health, which may be
classified under the Health Sites Category (21). Examples might be:
•
www.naughtychix.com
•
www.fullonxxx.com
6.3.4. Dynamic Web Content Filtering
Chapter 6. Security Mechanisms
250
Содержание 800 - DFL 800 - Security Appliance
Страница 24: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 24 ...
Страница 69: ...2 6 4 Restore to Factory Defaults Chapter 2 Management and Maintenance 69 ...
Страница 121: ...3 9 DNS Chapter 3 Fundamentals 121 ...
Страница 166: ...interfaces without an overriding IGMP Setting Default 1 000 4 6 4 Advanced IGMP Settings Chapter 4 Routing 166 ...
Страница 181: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 181 ...
Страница 192: ...5 5 IP Pools Chapter 5 DHCP Services 192 ...
Страница 282: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 282 ...
Страница 300: ...mechanism 7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 300 ...
Страница 301: ...7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 301 ...
Страница 303: ... Changed on a regular basis such as every three months 8 1 Overview Chapter 8 User Authentication 303 ...
Страница 318: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 318 ...
Страница 322: ...ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 322 ...
Страница 377: ...Management Interface Failure with VPN Chapter 9 VPN 377 ...
Страница 408: ...10 4 6 SLB_SAT Rules Chapter 10 Traffic Management 408 ...
Страница 419: ...11 5 HA Advanced Settings Chapter 11 High Availability 419 ...
Страница 426: ...12 3 5 Limitations Chapter 12 ZoneDefense 426 ...
Страница 449: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 449 ...