Manualshelf

R3166-R3206-HP High-End Firewalls Attack Protection Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
41424344454647484950
40
If the parameters are transmitted by the method of Get, Post or Put, the device compares the URL
parameters against the configured filtering keywords. If a match is found, the device denies the
request; otherwise, the device forwards the request.
Java blocking
Overview
Java blocking can protect networks from being attacked by malicious Java applets.
After the Java blocking function is enabled, Java applet requests to all web pages will be filtered. If Java
applets on some web pages are expected, you can configure ACL rules to permit for Java applet requests
to these web pages.
Processing procedure
If the Java blocking function is enabled but no ACL is configured for it, the device replaces
suffixes .class and .jar with .block in all HTTP requests and then forwards the requests.
If the Java blocking function is enabled and an ACL is configured for it, the device determines
whether to replace suffixes .class and .jar with .block in HTTP requests according to the ACL rules.
If the destination server of an HTTP request is a server permitted by the ACL, no replacement occurs
and the request is forwarded; otherwise, the suffix in the request is replaced with .block and then
the request is forwarded.
In addition to the default blocking suffixes .class and .jar, you can manually add other Java
blocking suffixes (that is, the filename suffixes to be replaced in HTTP requests).
ActiveX blocking
Overview
ActiveX blocking can protect networks from being attacked by malicious ActiveX plugins.
After the ActiveX blocking function is enabled, requests for ActiveX plugins to all web pages will be
filtered. If the ActiveX plugins on some web pages are expected, you can configure ACL rules to permit
requests for ActiveX plugins to these web pages.
Processing procedure
If the ActiveX blocking function is enabled but no ACL is configured for it, the device replaces
suffix .ocx with .block in all HTTP requests and then forwards the requests.
If the ActiveX blocking function is enabled and an ACL is configured for it, the device determines
whether to replace suffix .ocx with .block in HTTP requests according to the ACL rules. If the
destination server in an HTTP request is a server permitted by the ACL, no replacement occurs and
the request is forwarded; otherwise, the suffix is replaced with .block and then the request is
forwarded.
In addition to the default blocking suffix .ocx, you can manually add other ActiveX blocking suffixes
(that is, the filename suffixes to be replaced in HTTP requests).
Filtering rule file backup and loading
Filtering rule backup
You can back up the filtering keywords by saving them into a specified file. Currently, this feature is
available only to URL address filtering and URL parameter filtering.