Content filtering configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
Page 85
77
Figure 79 Statistic information
Content filtering configuration example
Network requirements
As shown in
, hosts in LAN segment 192.168.1.0/24 access the Internet through SecPath.
Security zones Trust and Untrust are configured on SecPath for the LAN and the Internet respectively.
Perform the following configurations on SecPath:
•
Enable HTTP body filtering to block HTTP responses that carry keyword abc.
•
Enable HTTP Java applet blocking to block Java applet requests to all websites except the one with
IP address 5.5.5.5.
•
Enable SMTP attachment name filtering to block all emails that carry .exe attachments.
•
Enable FTP upload filename filtering to prevent users from uploading files that carry abc in the
filenames.
•
Enable Telnet command word filtering to prevent users from executing commands that carry the
command keyword reboot.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS