ZyXEL Communications 100 Series, 200 Series 31.1.3Before You Begin

Chapter 31 Content Filtering

The ZyWALL can disable web proxies and block web features such as ActiveX controls, Java applets and cookies.

•Customize Web Site Access

You can specify URLs to which the ZyWALL blocks access. You can alternatively block access to all URLs except ones that you specify. You can also have the ZyWALL block access to URLs that contain particular keywords.

Content Filtering Configuration Guidelines

When the ZyWALL receives an HTTP request, the content filter searches for a policy that matches the source address and time (schedule). The content filter checks the policies in order (based on the policy numbers). When a matching policy is found, the content filter allows or blocks the request depending on the settings of the filtering profile specified by the policy. Some requests may not match any policy. The ZyWALL allows the request if the default policy is not set to block. The ZyWALL blocks the request if the default policy is set to block.

External Web Filtering Service

When you register for and enable the external web filtering service, your ZyWALL accesses an external database that has millions of web sites categorized based on content. You can have the ZyWALL block, block and/or log access to web sites based on these categories.

Keyword Blocking URL Checking

The ZyWALL checks the URL’s domain name (or IP address) and file path separately when performing keyword blocking.

The URL’s domain name or IP address is the characters that come before the first slash in the URL. For example, with the URL www.zyxel.com.tw/news/pressroom.php, the domain name is www.zyxel.com.tw.

The file path is the characters that come after the first slash in the URL. For example, with the URL www.zyxel.com.tw/news/pressroom.php, the file path is news/pressroom.php.

Since the ZyWALL checks the URL’s domain name (or IP address) and file path separately, it will not find items that go across the two. For example, with the URL www.zyxel.com.tw/ news/pressroom.php, the ZyWALL would find “tw” in the domain name (www.zyxel.com.tw). It would also find “news” in the file path (news/pressroom.php) but it would not find “tw/news”.

Finding Out More

•See Section 5.4.17 on page 119 for related information on these screens.

•See Section 31.8 on page 548 for content filtering background/technical information.

•You must configure an address object, a schedule object and a filtering profile before you can set up a content filter policy.

•You must register the content filtering standard (in the Licensing > Registration > Service) or trial (Licensing > Registration > Registration) service before you can use external database content filtering (in the Anti-X > Content Filter > Filter Profiles > Categories).