XSR Firewall Feature Set Functionality

On Board URL Filtering

This feature lets you block access to a list of Uniform Resource Locators (URLs) or limit access to certain approved sites. The XSR extracts the absolute URL from the GET and Host headers of the HTTP request packet sent by the web browser, and matches it against a list of approved (white list) or banned (black list) URLs.

Importing URL Lists from an ASCII File

The XSR supports the import of URL lists from a user-specified ASCII text file using the ip firewall url-load-xxx name_of_url_xxx_list command, where xxx stands for black-list or white-list. URL lists can be stored in either Flash or CFlash directories. Any of the following commands are acceptable:

XSR(config)#ip firewall url-load-black-list blacklists.txt
XSR(config)#ip firewall url-load-black-list flash:blacklists.txt
XSR(config)#ip firewall url-load-white-list cflash:whitelists.txt

Writing URL List Entries

When the ip firewall url-load-xxx command is run, the XSR immediately reloads the URL list database from the file. When you write URL entries for the file, observe the following:

Entries are compared in a case-insensitive manner.

A list can hold up to 30 URL entries, each of which can be up to 63 characters long after leading and trailing white space (SPACEs, TABs) is removed from the input line. If a URL string has more than 63 characters, the XSR truncates it to 63 characters.

If the URL file contains more than 30 entries, only the first 30 entries are loaded.

A URL list generally contains keywords of the URL you want to match. It can be as specific as a particular web page in a directory of an organization such as www.w3.org/pub/WWW/theProject.htm, or as general as a domain name such as playboy.com, or simply a file name such as readme.eml. The following are sample URLs:

arcadegamesonline.com

games.yahoo.com

siterankings.com/cgi-bin/casinos

mail.bigmailbox.com/users/casinoranking.com

top-lasvegas.com/en

java.omnisportsbookmembers.com/javacasino

216.91.118.35/ibet

members.aol.com/winatcraps

playboy.com

readme.eml
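The entry rules above can be checked offline before a file is imported. The following Python sketch is an added example, not Enterasys code or part of the original manual; its function names are hypothetical. It assumes that blank lines are not counted as entries and that an entry matches when it appears anywhere in the absolute URL (the manual says only that entries are keywords).

```python
# Added example (not Enterasys code): models the list rules stated in this section.
MAX_ENTRIES = 30   # only the first 30 entries are loaded
MAX_LEN = 63       # longer entries are truncated to 63 characters

def effective_list(text):
    """Return (loaded, warnings) for the contents of a URL list file."""
    loaded, warnings = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        entry = raw.strip(" \t")          # leading/trailing SPACEs and TABs removed
        if not entry:
            continue                      # assumption: blank lines are not entries
        if len(loaded) == MAX_ENTRIES:
            warnings.append(f"line {lineno}: not loaded, list already has {MAX_ENTRIES} entries")
            continue
        if len(entry) > MAX_LEN:
            warnings.append(f"line {lineno}: truncated from {len(entry)} to {MAX_LEN} characters")
            entry = entry[:MAX_LEN]
        loaded.append(entry.lower())      # comparison is case-insensitive
    return loaded, warnings

def absolute_url(request):
    """Rebuild host + path from the GET request line and the Host header."""
    lines = request.split("\r\n")
    path = lines[0].split(" ")[1]
    host = next((l.split(":", 1)[1].strip() for l in lines[1:]
                 if l.lower().startswith("host:")), "")
    return (host + path).lower()

def matches(request, loaded):
    """Assumption: an entry matches when it occurs anywhere in the absolute URL."""
    url = absolute_url(request)
    return any(entry in url for entry in loaded)

# Constructed sample file: mixed case, padding, one over-long entry, 32 entries total.
SAMPLE = "\n".join(
    ["  Games.Yahoo.com\t", "readme.eml", "example.test/" + "a" * 70]
    + [f"site{n}.example.test" for n in range(29)]
)
# Constructed request for a URL covered by the first entry.
REQUEST = "GET /puzzles/index.html HTTP/1.1\r\nHost: games.yahoo.com\r\n\r\n"

if __name__ == "__main__":
    loaded, warnings = effective_list(SAMPLE)
    print(len(loaded), "entries loaded")
    print("\n".join(warnings))
    print("matches black list:", matches(REQUEST, loaded))
```

The warnings matter most for black lists: an entry past the 30th is never loaded, so the sites it names are not filtered, and a truncated entry is a different keyword from the one that was written.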

Enabling URL Filtering in Firewall Policy

The XSR firewall policy command lets you specify URL checking using the keywords URL-W or URL-B. URL-B instructs the XSR to compare the requested URL with a URL black list, so if a user tries to access a URL matching any black list entry, access will be blocked and the user presented with a blocked page similar to Figure 16-11 below. If the URL black list is not loaded, access is allowed.

16-14 Configuring Security on the XSR

Enterasys Networks X-Pedition™: On Board URL Filtering, Importing URL Lists from an ASCII File, Writing URL List Entries