1. Manuals
  2. Brands
  3. Allied Telesis Manuals
  4. Firewall
  5. AR Router Series
  6. Technical manual

Configuring Web Control With Firewall Enabled - Allied Telesis AR Series Technical Manual

Feature overview and configuration guide advanced network protection
Hide thumbs Also See for AR Series:
Table of Contents

Advertisement

Configuring Web Control
awplus#web-control categorize http://www.ebay.com http://www.amazon.com
http://ebay.com ==> 54 (Online Auctions)
http://www.amazon.com ==> 55 (Online Shopping)
You can inquire about HTTPS URLs:
awplus#web-control categorize https://reddit.com/r/nfl
awplus#web-control categorize
https://reddit.com ==>
Step 2:
Enable web control.
awplus(config)#web-control
awplus(config-web-control)#
awplus(config-web-control)#
awplus(config-web-control)#
Create rules to deny access to selected categories corresponding to the inquiries.
awplus(config-web-control)#
awplus(config-web-control)#
Note:
If neither 'http://' nor 'https://' is specified in the URL, the default 'http://' is automatically added.
Enquiries about HTTPS URLs will return only the high level category or categories associated with
the domain, not those associated with the resources within the domain.
For inquires about HTTPS URLs, only the domain part of the URL is sent to the web control
provider for categorization, as in the 'reddit.com' example shown above. This is the expected
behaviour with HTTPS traffic, where only the domain name specified in TLS SNI is available for
access.
If the server cannot categorize the URL, the response for it will be 'unknown category'.

Configuring Web Control with Firewall Enabled

The UTM firewall Web Control features integrate with the categorization provider Digital Arts' Active
Rating System (ARS), which is regularly updated with about 100 predefined categories of web sites.
If the URL that a client wishes to visit is not cached, the AR-Series firewall will query the Digital Arts'
ARS. The categorization provider then returns the category of the website. To allow this happen, a
firewall rule to permit HTTP traffic originating from the AR-Series firewall to the Digital Arts server
should be configured.
C613-22104-00 REV B
[Social Bookmarks(31)] [Forums(63)]
Enable web control and control access to categories
https://reddit.com/r/nfl
provider digitalarts
protect
action permit
rule 10 deny "Online Auctions" from any
rule 10 deny "Online Shopping" from any
Configuring Web Control with Firewall Enabled
Advanced Network Protection
|
Page 43

Advertisement

Table of Contents
loading

Related Manuals for Allied Telesis AR Series

Related Content for Allied Telesis AR Series

This manual is also suitable for:

Ar3050sAr4050s

Table of Contents