SRX Services Gateway
Highlighted
SRX Services Gateway

YouTube's web filtering block is not running

4 weeks ago

I have created a web filtering block for YouTube, Facebook, Instagram on Juniper SRX, how to configure it properly and correctly.

at this time I have made the rule youtoube run but must clear cookies first why? I may not clear all users

 

}
web-filtering {
type juniper-enhanced;
juniper-enhanced {
cache {
timeout 1800;
size 1500;
}
server {
host 
profile Westindo {
category {
Enhanced_Adult_Material {
action block;
}
Enhanced_Abused_Drugs {
action block;
}
Enhanced_Abortion {
action block;
}
Enhanced_Alcohol_and_Tobacco {
action block;
}
Enhanced_Bot_Networks {
action block;
}
Enhanced_Drugs {
action block;
}
Enhanced_Gambling {
action block;
}
Enhanced_Racism_and_Hate {
action block;
}
Enhanced_Nudity {
action block;
}
Enhanced_Sex {
action block;
}
Enhanced_Adult_Content {
action block;
}
Enhanced_Proxy_Avoidance {
action block;
}
Enhanced_Sex_Education {
action block;
}
Enhanced_Gay_or_Lesbian_or_Bisexual_Interest {
action block;
}
Enhanced_Mobile_Malware {
action block;
}
Enhanced_Shopping {
action permit;
}
Enhanced_URL_Translation_Sites {
action permit;
}
Enhanced_Freeware_and_Software_Download {
action permit;
}
Enhanced_Website_Translation {
action permit;
}
Enhanced_Travel {
action permit;
}
Enhanced_Games {
action block;
}
Web_access {
action permit;
}
Web_block {
action block;
}
Enhanced_Social_Web_Youtube {
action block;
}
}
site-reputation-action {
very-safe permit;
moderately-safe permit;
fairly-safe log-and-permit;
suspicious log-and-permit;
harmful block;
}
default log-and-permit;
fallback-settings {
default log-and-permit;
server-connectivity log-and-permit;
timeout log-and-permit;
too-many-requests log-and-permit;
}
}
profile SRX-345 {
category {
Enhanced_Social_Web_Youtube {
action block;
}
}
custom-block-message "WEB INI TIDAK BISA DI AKSES !!!!";
fallback-settings {
default log-and-permit;
server-connectivity log-and-permit;
timeout log-and-permit;
too-many-requests log-and-permit;
}
}

4 REPLIES 4
Highlighted
SRX Services Gateway

Re: YouTube's web filtering block is not running

[ Edited ]
4 weeks ago

Hello,

 

There are 2 ways to block the HTTPS sites in SRX using EWF.

 

  • SNI method
  • SSL Forward proxy method

For configuration assistance, please check the following KB article - https://kb.juniper.net/InfoCenter/index?page=content&id=KB31122&cat=M71&actp=LIST

 

It is best to go for SSL Forward Proxy method because it will provide you with the block message for HTTPS website while the SNI method doesn't. Also, in SNI method you need to capture the packet using Wireshark in your PC to determine the server name in the Client Hello message.

 

As mentioned in the above KB article, configure the Web filtering Syslog so that we can check whether the websites which you have denied are working as expected.

 

Also, please check whether the web-filtering is Active using the following command - "show security utm web-filtering status"

 

Let me know if you have any queries.



Thanks,
π00bm@$t€®.
Please, Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Highlighted
SRX Services Gateway

Re: YouTube's web filtering block is not running

3 weeks ago

Hello,

 

One more thing I would like to add; I'm not sure about clearing the browser cookies but once you configure the changes for youtube block, you need to clear the session for that particular source in the SRX because if the user is already using youtube then the existing session won't be reflected to your new change.

 

Hope it helps.



Thanks,
π00bm@$t€®.
Please, Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Highlighted
SRX Services Gateway

Re: YouTube's web filtering block is not running

3 weeks ago

how to clear the session for that particular source in the SRX ?

Highlighted
SRX Services Gateway

Re: YouTube's web filtering block is not running

3 weeks ago

user@host> clear security flow session source-prefix <source-ip>



Thanks,
π00bm@$t€®.
Please, Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Feedback