advertisement
Chapter 12
Content filtering
This chapter provides a brief overview of content filtering using the embedded
WebGUI.
187
Introduction to content filtering
With Internet content filtering, you can create and enforce Internet access policies tailored to their needs. Content filtering is the ability to block certain web features or specific URL keywords and is not to be confused with packet filtering through
SMT menu 21.1. To access these functions, from the Main Menu, click Content
Filter to expand the Content Filter menus.
Restrict web features
The BCM50a Integrated Router can block web features such as ActiveX controls,
Java applets, and cookies and disable web proxies.
Days and Times
With the BCM50a Integrated Router, you can also define time periods and days during which the BCM50a Integrated Router performs content filtering.
BCM50a Integrated Router Configuration — Basics
188 Chapter 12 Content filtering
Configure Content Filtering
Click Content Filter on the navigation panel, to open the screen show in
Figure 61 Content filter
N0115790
Chapter 12 Content filtering 189
describes the fields in Figure 61
.
Table 42 Content filter
Label
Restrict Web
Features
ActiveX
Java
Cookies
Web Proxy
Enable URL
Keyword
Blocking
Keyword
Keyword List
Add
Delete
Clear All
Day to Block
Description
Select the boxes to restrict a feature. When you download a page containing a restricted feature, that part of the web page appears blank or grayed out.
A tool for building dynamic and active Web pages and distributed object applications. When you visit an ActiveX Web site, ActiveX controls are downloaded to your browser, where they remain in case you visit the site again.
A programming language and development environment for building downloadable Web components or Internet and intranet business applications of all kinds.
Used by Web servers to track usage and provide service based on ID.
A server that acts as an intermediary between a user and the Internet to provide security, administrative control, and caching service. When a proxy server is located on the WAN, it is possible for LAN users to circumvent content filtering by pointing to this proxy server.
The BCM50a Integrated Router can block Web sites with URLs that contain certain keywords in the domain name or IP address. For example, if the keyword bad was enabled, all sites containing this keyword in the domain name or IP address will be blocked, for example, URL http://www.website.com/bad.html is blocked. Select this check box to enable this feature.
Type a keyword in this field. You can use any character (up to 64 characters). Wildcards are not allowed. You can also enter a numerical
IP address.
This list displays the keywords already added.
Click Add after you have typed a keyword.
Repeat this procedure to add other keywords. Up to 64 keywords are allowed.
When you try to access a web page containing a keyword, you will receive a message telling you that the content filter is blocking this request.
Highlight a keyword in the lower box and click Delete to remove it. The keyword disappears from the text box after you click Apply.
Click this button to remove all of the listed keywords.
Select check boxes for the days that you want the BCM50a Integrated
Router to perform content filtering. Select the Everyday check box to have content filtering turned on all days of the week.
BCM50a Integrated Router Configuration — Basics
190 Chapter 12 Content filtering
Table 42 Content filter
Label
Time of Day to
Block
Apply
Reset
Description
Time of Day to Block allows the administrator to define during which time periods content filtering is enabled. Time of Day to Block restrictions only apply to the keywords (see above). Restrict web server data, such as ActiveX, Java, Cookies and Web Proxy are not affected.
Enter the time period, in 24-hour format, during which content filtering will be enforced. Select the All Day check box to have content filtering always active on the days selected in Day to Block with time of day limitations not enforced.
Click Apply to save your changes.
Click Reset to begin configuring this screen afresh
N0115790
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 3 Contents
- 17 Figures
- 23 Tables
- 27 Preface
- 27 Before you begin
- 27 Text conventions
- 28 Related publications
- 28 Hard copy technical manuals
- 28 How to get Help
- 29 Getting Help from the Nortel Web site
- 29 Getting Help over the phone from a Nortel Solutions Center
- 29 Getting Help from a specialist by using an Express Routing Code
- 30 Getting Help through a Nortel distributor or reseller
- 31 Getting to know your BCM50a Integrated Router
- 31 Introducing the BCM50a Integrated Router
- 31 Features
- 32 Physical features
- 34 Nonphysical features
- 39 Applications for the BCM50a Integrated Router
- 39 Secure broadband internet access and VPN
- 41 Introducing the WebGUI
- 41 WebGUI overview
- 41 Accessing the BCM50a Integrated Router WebGUI
- 44 Restoring the factory-default configuration settings
- 44 Navigating the BCM50a Integrated Router WebGUI
- 47 Wizard setup
- 47 Wizard overview
- 47 Encapsulation
- 47 ENET ENCAP
- 48 PPP over Ethernet
- 48 PPPoA
- 48 RFC 1483
- 48 Multiplexing
- 49 VC-based multiplexing
- 49 LLC-based multiplexing
- 49 VPI and VCI
- 49 Wizard setup configuration: first screen
- 51 IP address and subnet mask
- 51 IP address assignment
- 52 IP assignment with PPPoA or PPPoE encapsulation
- 52 IP assignment with RFC 1483 encapsulation
- 52 IP assignment with ENET ENCAP encapsulation
- 52 Private IP addresses
- 53 Nailed-up connection (only with PPP)
- 53 NAT
- 53 Wizard setup configuration: second screen
- 59 DHCP setup
- 59 IP pool setup
- 59 Wizard setup configuration: third screen
- 63 Wizard setup configuration: connection tests
- 63 Test your Internet connection
- 65 User Notes
- 65 General Notes
- 68 Advanced Router Configuration
- 75 System screens
- 75 System overview
- 75 DNS overview
- 75 Private DNS server
- 76 Configuring General Setup
- 79 Dynamic DNS
- 79 DYNDNS wildcard
- 79 Configuring Dynamic DNS
- 81 Configuring Password
- 83 Predefined NTP time server list
- 84 Configuring Time and Date
- 88 ALG
- 88 Configuring ALG
- 89 LAN screens
- 89 LAN overview
- 89 DHCP setup
- 89 IP pool setup
- 90 DNS servers
- 90 LAN TCP/IP
- 90 Factory LAN defaults
- 90 RIP setup
- 91 Multicast
- 92 Configuring IP
- 95 Configuring Static DHCP
- 97 Configuring IP Alias
- 99 WAN screens
- 99 WAN overview
- 99 TCP/IP Priority (metric)
- 100 Configuring General
- 102 PPPoE encapsulation
- 103 Configuring WAN ISP
- 105 Configuring WAN IP
- 109 Traffic redirect
- 111 Configuring Traffic Redirect
- 112 Configuring Dial Backup
- 117 Advanced Modem Setup
- 117 AT Command Strings
- 117 DTR Signal
- 117 Response Strings
- 118 Configuring Advanced Modem Setup
- 121 Network Address Translation (NAT) Screens
- 121 NAT overview
- 121 NAT definitions
- 122 What NAT does
- 123 How NAT works
- 124 NAT application
- 125 NAT mapping types
- 126 Using NAT
- 126 SUA (Single User Account) versus NAT
- 127 SUA Server
- 127 Default server IP address
- 128 Port forwarding: Services and Port Numbers
- 128 Configuring servers behind SUA (example)
- 129 Configuring SUA Server
- 131 Configuring Address Mapping
- 135 Trigger Port Forwarding
- 135 Trigger Port Forwarding example
- 136 Two points to remember about Trigger Ports
- 137 Configuring Trigger Port Forwarding
- 139 Static Route screens
- 139 Static Route overview
- 140 Configuring IP Static Route
- 142 Configuring Route entry
- 145 Firewalls
- 145 Firewall overview
- 145 Types of firewalls
- 146 Packet filtering firewalls
- 146 Application level firewalls
- 146 Stateful Inspection firewalls
- 147 Introduction to the BCM50a Integrated Router firewall
- 148 Denial of Service
- 148 Basics
- 149 Types of DoS attacks
- 153 Stateful inspection
- 154 Stateful inspection process
- 155 Stateful inspection and the BCM50a Integrated Router
- 156 TCP security
- 157 UDP/ICMP security
- 157 Upper layer protocols
- 158 Guidelines for enhancing security with your firewall
- 158 Packet filtering vs. firewall
- 159 Packet filtering:
- 159 Firewall
- 161 Firewall screens
- 161 Access methods
- 161 Firewall policies overview
- 163 Rule logic overview
- 163 Rule checklist
- 163 Security ramifications
- 164 Key fields for configuring rules
- 164 Connection direction examples
- 165 LAN to WAN rules
- 166 WAN to LAN rules
- 166 Configuring firewall
- 170 Configuring firewall rules
- 173 Configuring source and destination addresses
- 174 Configuring custom ports
- 175 Example firewall rule
- 178 Predefined services
- 181 Alerts
- 182 Configuring attack alert
- 182 Threshold values
- 182 Half-open sessions
- 187 Content filtering
- 187 Introduction to content filtering
- 187 Restrict web features
- 187 Days and Times
- 188 Configure Content Filtering
- 191 VPN
- 191 VPN
- 191 IPSec
- 191 BCM50a Integrated Router VPN functions
- 192 VPN screens overview
- 193 Other terminology
- 193 VPN applications
- 194 IPSec architecture
- 195 IPSec algorithms
- 196 AH (Authentication Header) protocol
- 196 ESP (Encapsulating Security Payload) protocol
- 197 Key management
- 198 Encapsulation
- 198 Transport mode
- 199 Tunnel mode
- 199 IPSec and NAT
- 200 Secure Gateway Address
- 201 Dynamic Secure Gateway Address
- 201 Summary screen
- 204 Keep Alive
- 204 Nailed up
- 205 NAT Traversal
- 206 NAT Traversal configuration
- 206 Preshared key
- 206 Configuring Contivity Client VPN Rule Setup
- 208 Configuring Advanced Setup
- 210 ID Type and content
- 211 ID type and content examples
- 212 My IP Address
- 213 Configuring Branch Office VPN Rule Setup
- 222 Configuring an IP Policy
- 228 Port forwarding server
- 228 Configuring a port forwarding server
- 230 IKE phases
- 232 Negotiation Mode
- 232 Preshared key
- 233 Diffie-Hellman (DH) Key Groups
- 233 Perfect Forward Secrecy (PFS)
- 233 Configuring advanced Branch office setup
- 237 SA Monitor
- 239 Global settings
- 240 VPN Client Termination
- 244 VPN Client Termination IP pool summary
- 246 VPN Client Termination IP pool edit
- 247 VPN Client Termination advanced
- 253 Certificates
- 253 Certificates overview
- 254 Advantages of certificates
- 254 Self-signed certificates
- 255 Configuration summary
- 255 My Certificates
- 258 Certificate file formats
- 259 Importing a certificate
- 261 Creating a certificate
- 265 My Certificate details
- 269 Trusted CAs
- 272 Importing a Trusted CA certificate
- 273 Trusted CA Certificate details
- 277 Trusted remote hosts
- 279 Verifying a certificate of a trusted remote host
- 279 Trusted remote host certificate fingerprints
- 281 Importing a certificate of a trusted remote host
- 282 Trusted remote host certificate details
- 286 Directory servers
- 287 Add or edit a directory server
- 291 Bandwidth management
- 291 Bandwidth management overview
- 292 Bandwidth classes and filters
- 292 Proportional bandwidth allocation
- 292 Application based bandwidth management
- 292 Subnet based bandwidth management
- 293 Application and subnet based bandwidth management
- 293 Reserving bandwidth for nonbandwidth class traffic
- 294 Configuring summary
- 295 Configuring class setup
- 297 Bandwidth Manager Class Configuration
- 300 Bandwidth management statistics
- 302 Monitor
- 303 Authentication server
- 303 Introduction to Local User database
- 303 Local User database
- 305 Edit Local User Database
- 308 Current split networks
- 309 Current split networks edit
- 311 Configuring RADIUS
- 315 Remote management screens
- 315 Remote management overview
- 315 Remote management limitations
- 316 Remote management and NAT
- 316 System timeout
- 317 Introduction to HTTPS
- 318 Configuring WWW
- 320 HTTPS example
- 321 Internet Explorer warning messages
- 321 Netscape Navigator warning messages
- 323 Avoiding the browser warning messages
- 324 Logon screen
- 329 SSH overview
- 330 How SSH works
- 331 SSH implementation on the BCM50a Integrated Router
- 331 Requirements for using SSH
- 331 Configuring SSH
- 333 Secure Telnet using SSH examples
- 333 Example 1: Microsoft Windows
- 334 Example 2: Linux
- 335 Secure FTP using SSH example
- 336 Telnet
- 337 Configuring TELNET
- 338 Configuring FTP
- 339 Configuring SNMP
- 341 Supported MIBs
- 341 SNMP Traps
- 342 REMOTE MANAGEMENT: SNMP
- 343 Configuring DNS
- 344 Configuring Security
- 347 UPnP
- 347 Universal Plug and Play overview
- 347 How do I know if I am using UPnP?
- 347 NAT Traversal
- 348 Cautions with UPnP
- 348 UPnP implementation
- 348 Configuring UPnP
- 350 Displaying UPnP port mapping
- 351 Installing UPnP in Windows example
- 352 Installing UPnP in Windows Me
- 353 Installing UPnP in Windows XP
- 354 Using UPnP in Windows XP example
- 355 Autodiscover Your UPnP-enabled Network Device
- 357 WebGUI easy access
- 359 Logs Screens
- 359 Configuring View Log
- 361 Configuring Log settings
- 364 Configuring Reports
- 367 Viewing Web site hits
- 369 Viewing Protocol/Port
- 370 Viewing LAN IP address
- 372 Reports specifications
- 373 Call scheduling screens
- 373 Call scheduling introduction
- 373 Call schedule summary
- 375 Call scheduling edit
- 377 Applying Schedule Sets to a remote node
- 379 Maintenance
- 379 Maintenance overview
- 379 Status screen
- 381 System statistics
- 383 DHCP Table screen
- 384 Diagnostic Screen
- 386 F/W Upload screen
- 389 Configuration screen
- 389 Back to Factory Defaults
- 390 Backup configuration
- 390 Restore configuration
- 392 Restart screen
- 393 Troubleshooting
- 393 Problems Starting Up the BCM50a Integrated Router
- 394 Problems with the LAN LED
- 394 Problems with the LAN interface
- 395 Problems with the WAN interface
- 395 Problems with Internet access
- 396 Problems accessing an Internet Web site
- 396 Problems with the password
- 396 Problems with the WebGUI
- 396 Problems with Remote Management
- 397 Allowing Pop-up Windows, JavaScript and Java Permissions
- 397 Internet Explorer Pop-up Blockers
- 401 Internet Explorer JavaScript
- 403 Internet Explorer Java Permissions
- 405 Netscape Pop-up Blockers
- 409 Netscape Java Permissions and JavaScript
- 413 Log Descriptions
- 422 VPN/IPSec Logs
- 423 VPN Responder IPSec Log
- 431 Log Commands
- 431 Configuring what you want the BCM50a Integrated Router to log
- 432 Displaying Logs
- 433 Log Command Example
- 435 Index