We are going to add a policy by applying a content filter, we are going to define the parameters for this policy and consider the filter to URLs that are understood as “Unproductive” categories.

To define this list of categories, it is interesting to consult them first in Diagnostics - Category Lookup, or even browse the profiles in Services - Web Filter in Web Categories, click on [] in order to identify the categories that fall under this type of classification.


Services - Web Filter – Web Categories


List of categories identified as unproductive.

  • Entertainment;
  • MP3;
  • Gambling and betting;
  • Games;
  • Bandwidth management;
  • Internet radio and TV;
  • Streaming media;
  • Society and lifestyles;
  • Personal ads and dating;
  • Personal Web Sites;
  • Sports;
  • Tourism.


Below is a summary of what will be configured in the rule:


  • [Properties]: Productivity Loss, Enable traffic logging; Policy Group=Web Filter; TAG = Block;
  • [Conditions]: IP network zone = "LAN"; Services (HTTP; HTTPS); Authenticated;
  • [Inspection]: SSL Inspection and Web Filter;
  • [Routing]: No controls.


To add a security policy follow the steps:

To add a security policy, in the action menu [], click on the “Create Policy” option;


IPv4 - Actions Menu - Create Policy


Configure each tab according to the settings shown below.

 

Properties


In the [Properties] tab, in Name, name it as: “Productivity Loss”;

In Description type “Productivity Loss”;

In Action leave the option "Allow", you will make the block through the profile of Web Filter;

In Policy Group select “Web Filter”;

In Tags type “Block”;

Select the Traffic Logging checkbox Traffic Logging [].

You will have arrived at the result illustrated by the image below:


Create Policy – Ex. 2 – Properties


Select the next tab, [Conditions].


Conditions


In the [Conditions] tab, in Network Zone select: “LAN”;

In Service select HTTP and HTTPS services;

Select the Authenticated [] checkbox.

You will have arrived at the result illustrated by the image below:


When selecting HTTP and HTTPS services, speed up simply by typing "HTTP" in the search field, by default only HTTP and HTTPS services will appear, then just select both.


Create Policy – Ex. 2 – Conditions


Select the next tab, [Inspection].


Inspection


On the [Inspection] tab, check the SSL Inspection [] checkbox and add a profile that inspects HTTPS (For for more information, check this page);

Select the Web Filter [] checkbox and select the profile related to the unproductive categories (For more information, check this page);

You will have arrived at the result illustrated by the image below:


Create Policy – Ex. 2 – Inspection


Select the next tab, [Routing].


Routing


In the [Routing] tab, no control will be activated, as exemplified by the following image:


Create Policy – Ex. 2 – Routing


After configuring each tab according to the definition of the applied policy, click on [].


Policy Saved Successfully


The screen illustrated in the following image will be displayed:


Create PolicyProductivity Loss


After saving, for the policy to take effect it will be necessary to access the command queue [] and apply the changes made. For more information on the command queue access the page: UTM - Command queue.


After performing these procedures, the policy will have been successfully configured.


In example 2, we define and add a blocking policy for some categories of unproductive content sites.

  • No labels