Static Content Filtering; Stripping Activex And Java Applets - D-Link NetDefend DFL-210 User Manual

Network security firewall ver. 1.05

6.5.3. Static Content Filtering

Example 6.16. Stripping ActiveX and Java applets
This example shows how to configure an HTTP Application Layer Gateway to strip ActiveX and Java applets. The
example will use the content_filtering ALG object and presumes you have done one of the previous examples.

CLI
gw-world:/> set ALG ALG_HTTP content_filtering RemoveActiveX=Yes RemoveApplets=Yes

Web Interface
1. Go to Objects > ALG
2. In the grid, click on our HTTP ALG object, content_filtering.
3. Check the Strip ActiveX objects (including flash) control.
4. Check the Strip Java applets control.
5. Click OK.

6.5.3. Static Content Filtering
NetDefendOS can block or permit certain web pages based on configured lists of URLs, which are
called blacklists and whitelists. This type of filtering is also known as Static Content Filtering. The
main benefit of Static Content Filtering is that it is an excellent tool for targeting specific web sites and
deciding whether they should be blocked or allowed.
Static and Dynamic Filter Ordering
Additionally, Static Content Filtering takes place before Dynamic Content Filtering (described below),
which allows the possibility of manually making exceptions from the automatic dynamic classification
process. In a scenario where goods have to be purchased from a particular on-line store,
Dynamic Content Filtering might be set to prevent access to shopping sites by blocking the "Shopping"
category. By entering the on-line store's URL into the HTTP Application Layer Gateway's
whitelist, access to that URL is always allowed, taking precedence over Dynamic Content Filtering.
Wildcarding
Both the URL blacklist and URL whitelist support wildcard matching of URLs in order to be more
flexible. This wildcard matching is also applicable to the path following the URL hostname which
means that filtering can be controlled to a file and directory level.
Below are some good and bad blacklist example URLs used for blocking:

*.example.com/*
    Good. This will block all hosts in the example.com domain and all web
    pages served by those hosts.
www.example.com/*
    Good. This will block the www.example.com website and all web pages
    served by that site.
*/*.gif
    Good. This will block all files with .gif as the file name extension.
www.example.com
    Bad. This will only block the first request to the web site. Surfing to
    www.example.com/index.html, for instance, will not be blocked.
*example.com/*
    Bad. This will also cause www.myexample.com to be blocked since it
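
The five patterns above can be checked before they are entered into an ALG. The following is an added example, not NetDefendOS code or part of the manual: it models the matching as an anchored comparison against host plus path in which "*" matches any run of characters and a pattern without "/" covers only the root page. That model, the function names and the test URLs are assumptions chosen to agree with the descriptions above.

```python
import re
from urllib.parse import urlsplit

def normalize(url):
    """Reduce a URL to 'host/path'; a bare host gets the root path '/'."""
    parts = urlsplit(url if "://" in url else "//" + url)
    return parts.hostname.lower() + (parts.path or "/")

def compile_pattern(pattern):
    """Assumed semantics: '*' matches any characters, the match is anchored
    at both ends, and a pattern without '/' covers only the root page."""
    if "/" not in pattern:
        pattern += "/"
    return re.compile(".*".join(re.escape(p) for p in pattern.lower().split("*")))

def matches(pattern, url):
    return compile_pattern(pattern).fullmatch(normalize(url)) is not None

def audit(pattern):
    """Return warnings for the two mistakes the manual marks as 'Bad'."""
    warnings = []
    host = pattern.split("/", 1)[0]
    if "/" not in pattern:
        warnings.append("no path wildcard: only the site's first page is covered")
    if re.match(r"\*[^.*]", host):
        warnings.append("leading '*' without '.': also matches unrelated hosts")
    return warnings

# The manual's five example patterns.
BLACKLIST = ["*.example.com/*", "www.example.com/*", "*/*.gif",
             "www.example.com", "*example.com/*"]

# Constructed test URLs, not taken from any real traffic.
URLS = ["http://www.example.com", "http://www.example.com/index.html",
        "http://shop.example.com/cart", "http://www.myexample.com/",
        "http://img.example.org/pics/logo.gif"]

if __name__ == "__main__":
    for pattern in BLACKLIST:
        hits = [u for u in URLS if matches(pattern, u)]
        print(pattern, "->", hits)
        for warning in audit(pattern):
            print("   WARNING:", warning)
```

Under this model *.example.com/* does not match a request to the bare example.com host, which is worth testing separately if that host also needs to be covered.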
Chapter 6. Security Mechanisms
