Showing posts with label Web Filtering. Show all posts
Showing posts with label Web Filtering. Show all posts

SRX UTM: Enhanced Web Filtering - Redirect

Hi Folks,

I was recently asked in regards to Enhanced Web Filtering...

Is there any way to remove the "CATEGORY: Enhanced_Social_Networking_and_Personal_Sites REASON:BY_PRE_DEFINED" message?

And by the way to the person who posted that, your email shows up to me as noreply-comment@blogger.com. So doesn't show on the blog as a comment and I cant reply. Google "noreply-comment@blogger.com". You will find out how to fix. 
 
Anyway the answer is yes! There is a way to solve the issue.
We will test 3 scenarios while trying to access Playboy.
Read more »
Posted by at 2 comments:
Labels: , ,

SRX UTM: Web Filtering (Enhanced Web Filtering)

This summary is not available. Please click here to view the post.
Read more »
Posted by at 1 comment:
Labels: , , ,

SRX UTM: Web Filtering (Local)

Time to test the UTM Web Filtering feature.

The first thing to know is that there are 4 different ways to do this on the SRX.

1) Surfcontrol - This is know as Integrated Web Filtering and uses a cloud based Surfcontrol server to categorise URLs. This option requires a license and of course you can test with the 30 day trial license. The cloud based Surfcontrol server doesn't permit or deny anything. When queried by the SRX it provides a category that is permitted or denied by the policy you create on the SRX. The URL-to-category site results from the Surfcontrol server are cached locally which means subsequent requests for the same site don't require a lookup on the Surfcontrol server. This is a sensible approach as it means you dont have to download the whole database from Surfcontrol every time you start the SRX - it just requests the info from Surfcontrol on as as needed realtime basis.

Note: Surfcontrol is now owned by Websense though Juniper still name this option as Surfcontrol.

2) Enhanced Web Filtering - This is another type of Integrated solution which uses the Websense ThreatSeeker Cloud (TSC). Similar to Surfcontrol option above it provides a cattergory for the site to be checked but in addition also provides a reputation for the site.
A license is required for this option.

Juniper consider this option "next-generation URL filtering solution, building upon the existing SurfControl solution".

3) Websense - This is known Redirect Web Filtering and uses your local Websense server. This option does not require a licence. The main difference here to the Surfcontrol option is the the Websense server itself, through its own polices is doing the denying or permitting.

4) Local lists. This option uses local black and white lists to permit or deny access to URLs. No license required.

In this post I will configure and test the Local lists 

Read more »
Posted by at 1 comment:
Labels: , , ,
Subscribe to: Posts (Atom)