Amer Networks E5Web GUI User Manual

Then, create a service object using the new HTTP ALG:

Device:/> add ServiceTCPUDP http_content_filtering Type=TCP

DestinationPorts=80
ALG=content_filtering

Finally, modify the NAT rule to use the new service. Assume rule is called NATHttp:

Device:/> set IPRule NATHttp Service=http_content_filtering

InControl

Follow the same steps used for the Web Interface below.

Web Interface

First, create an HTTP Application Layer Gateway (ALG) Object:

1.

Go to: Objects > ALG > Add > HTTP ALG

2.

Specify a suitable name for the ALG, for example content_filtering

3.

Click the Web Content Filtering tab

4.

Select Enabled in the Mode list

5.

In the Blocked Categories list, select Search Sites and click the >> button.

6.

Click OK

Then, create a service object using the new HTTP ALG:

1.

Go to: Local Objects > Services > Add > TCP/UDP service

2.

Specify a suitable name for the Service, for example http_content_filtering

3.

Select TCP in the Type list

4.

Enter 80 in the Destination Port textbox

5.

Select the HTTP ALG just created in the ALG list

6.

Click OK

Finally, modify the NAT rule to use the new service:

1.

Go to: Policies

2.

Select the NAT rule handling the HTTP traffic

3.

Go to: Service

4.

Select the new service, http_content_filtering, in the predefined Service list

5.

Click OK

Dynamic content filtering is now activated for all web traffic from lan_net to all-nets.

We can validate the functionality with the following steps:

Chapter 6: Security Mechanisms

451