Filter
Top Products
Firewall Protection
182
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Several types of blocking are available:
• Web component blocking. You can block the following web component types: proxy,
Java, ActiveX, and cookies. Even sites that are listed in the Trusted Domains table are
subject to web component blocking when the blocking of a particular web component is
enabled.
- Proxy.
A proxy server (or simply, proxy) allows computers to route connections to
other computers through the proxy, thus circumventing certain firewall rules. For
example, if connections to a specific IP address are blocked by a firewall rule, the
requests can be routed through a proxy that is not blocked by the rule, rendering the
restriction ineffective. Enabling this feature blocks proxy servers.
- Java. Blocks
Java applets from being downloaded from pages that contain them.
Java applets are small programs embedded in web pages that enable dynamic
functionality of the page. A malicious applet can be used to compromise or infect
computers. Enabling this setting blocks Java applets from being downloaded.
- ActiveX. Similar to Java
applets, ActiveX controls are installed on a Windows
computer running Internet Explorer. A malicious ActiveX control can be used to
compromise or infect computers. Enabling this setting blocks ActiveX applets from
being downloaded.
- Cookies. Co
okies are used to store session information by websites that usually
require login. However, several websites use cookies to store tracking information
and browsing habits. Enabling this option blocks cookies from being created by a
website.
Note: Many websites require that cookies be accepted for the site to be
accessed correctly. Blocking cookies might interfere with useful
functions provided by these websites.
• Keyword blocking (domain name blocking). You can specify up to 32 words to block. If
any of these words appear in the website name (URL) or in a newsgroup name, the
website or newsgroup is blocked by the VPN firewall.
You can apply the keywords to one or more LAN groups. Requests from the computers in
the g
roups are blocked where keyword blocking has been enabled. Blocking does not
occur for the computers in the groups where keyword blocking has been disabled.
You can bypass keyword blocking for trusted domains by adding the exact matching
domain t
o the Trusted Domains table. Access to the domains or keywords on this list by
computers in the groups for which keyword blocking has been enabled is allowed without
any blocking.
Keyword application examples:
• If the
keyword “xxx” is specified, the URL http://www.companycom/xxx.html is
blocked, as is the newsgroup alt.pictures.xxx.