URL Filter Configuration Example
This section describes a URL filter configuration example.
The security appliance works as the gateway of an enterprise. Interface ethernet0/0 connects to the Internet and belongs to the untrust zone; ethernet0/1 connects to the intranet of the R&D department and belongs to the trust zone; ethernet0/3 connects to the intranet of the Marketing department and belongs to the trust1 zone.
The goal is to prevent members of the R&D department (network segment 10.100.0.0/16) from accessing news websites (except www.abc.com) and the entertainment website www.bcd.com during work time (09:00 to 18:00, Monday to Friday), and to log the access attempts.
See the topology below:
This section shows the URL filter configuration in detail. For the configuration of interfaces, zones, and logging, see the related chapters.
Preparations
Before configuring the URL filter function, finish the following preparations first:
- Install the URL service license and reboot the device.
- Update the predefined URL database.
Configurations
Take the following steps:
Step 1: Create the URL filter rule named urlcontrol.
- On the Navigation pane, click Configure > Content > URL Filter to visit the URL Filter page.
- Click New.
- In the URL Filter Rule Configuration dialog, type urlcontrol into the Name box.
- Under Match Conditions, set the following options to specify the conditions for the rule:
  - Dst zone: untrust
  - User: Click Choose, and in the User Configuration dialog, add the IP type user 10.100.0.0/16. Click OK to close the dialog.
  - Schedule: Click Choose to create a new schedule named workday. Set its periodic schedule to Monday to Friday, 09:00 to 16:00.
- Under Action, click New on the URL category tab. In the URL Category dialog, create a URL category named bcd that contains the entertainment website www.bcd.com. Configure the options as below:
  - Category: bcd
  - URL http://: Type www.bcd.com into the box and then click Add.
- Click OK to save the settings and return to the URL Filter Rule Configuration dialog.
- In the URL category list, select the Block and Log check boxes of News and bcd.
- Switch to the URL keyword category tab page, and click New.
- In the Keyword Category Configuration dialog, specify the name of the keyword category as url-keyword, and click New to add keywords to the category. Configure the options as below:
  - Keyword: Type ef into the box, and select Simple from the drop-down list.
  - Trust value: 100
  Click Add to add the keyword ef into the system.
- Click OK to save the settings and return to the URL Filter Configuration dialog.
- In the URL keyword category list, select the Block and Log check boxes of url-keyword.
- Click OK to save the settings and return to the URL Filter page.
Step 2: Configure the bypass domain so that the website www.abc.com is exempt from URL filtering.
- On the Task tab of the right pane, click Bypass Domain.
- In the Bypass Domain dialog, type www.abc.com into the box, and click Add.
- Click OK to save the settings.
After finishing the above configurations, during work time the members of the R&D department cannot access news websites (except www.abc.com) or www.bcd.com, and they cannot search for the keyword ef. The system logs these access attempts.
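The expected behavior of the finished configuration can be written down as a small Python model and used as a test matrix when verifying the device. This is an added example, not the vendor's code or the appliance's matching engine, and it uses the work time from the requirement (09:00 to 18:00). Assumptions: the .example hosts and the Marketing address 10.200.1.5 are constructed, Simple is treated as a literal substring match, and a bypass domain is treated as exempt from all URL filter checks.

```python
import ipaddress
from datetime import datetime, time

# Rule values come from the page; CATEGORY_DB stands in for the predefined
# URL database and its .example hosts are constructed for this model.
RD_NET = ipaddress.ip_network("10.100.0.0/16")
BYPASS_DOMAINS = {"www.abc.com"}
BLOCKED_CATEGORIES = {"News", "bcd"}
KEYWORDS = {"ef"}  # assumption: "Simple" is a literal substring match
CATEGORY_DB = {"www.bcd.com": "bcd", "www.abc.com": "News", "news.example": "News"}
WORK_START, WORK_END = time(9, 0), time(18, 0)  # work time from the requirement

def evaluate(src_ip, dst_zone, when, host, path="/"):
    """Return (action, logged) for one request under the urlcontrol rule."""
    # Match conditions: user (source range), destination zone, schedule.
    if ipaddress.ip_address(src_ip) not in RD_NET or dst_zone != "untrust":
        return ("permit", False)
    if not (when.weekday() < 5 and WORK_START <= when.time() < WORK_END):
        return ("permit", False)
    host = host.lower().rstrip(".")
    # Assumption: a bypass domain is exempt from category and keyword checks.
    if host in BYPASS_DOMAINS:
        return ("permit", False)
    if CATEGORY_DB.get(host) in BLOCKED_CATEGORIES:
        return ("block", True)
    if any(k in (host + path).lower() for k in KEYWORDS):
        return ("block", True)
    return ("permit", False)

def run_matrix():
    """Evaluate constructed requests that exercise each branch of the policy."""
    work = datetime(2024, 3, 6, 10, 30)     # Wednesday, inside work time
    evening = datetime(2024, 3, 6, 19, 0)   # Wednesday, after work time
    weekend = datetime(2024, 3, 9, 10, 30)  # Saturday
    rd, mkt = "10.100.4.7", "10.200.1.5"    # mkt address is constructed
    return {
        "rd_news": evaluate(rd, "untrust", work, "news.example"),
        "rd_abc_bypass": evaluate(rd, "untrust", work, "www.abc.com"),
        "rd_bcd": evaluate(rd, "untrust", work, "WWW.BCD.COM"),
        "rd_keyword": evaluate(rd, "untrust", work, "search.example", "/?q=ef"),
        "rd_overblock": evaluate(rd, "untrust", work, "docs.example", "/reference"),
        "rd_evening": evaluate(rd, "untrust", evening, "news.example"),
        "rd_weekend": evaluate(rd, "untrust", weekend, "www.bcd.com"),
        "mkt_news": evaluate(mkt, "untrust", work, "news.example"),
    }

if __name__ == "__main__":
    for name, (action, logged) in run_matrix().items():
        print(f"{name:15} {action:7} logged={logged}")
```

The rd_overblock case shows that, under the substring assumption, a two-letter keyword such as ef also matches unrelated URLs (here a path containing "reference"), so the keyword's reach is worth confirming on the device before rollout.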