Manualshelf

HP VPN Firewall Appliances Attack Protection Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
111112113114115116117118119120
113
Figure 96 Network diagram
Configuration procedure
1. Specify the IP addresses for the interfaces and assign the interfaces to appropriate zones. (Details
not shown.)
2. Configure filtering entries:
# Create a keyword filtering entry kwd1 and enter its view.
<Firewall> system-view
[Firewall] content-filtering keyword-entry kwd1
# Add a keyword abc to the entry kwd1.
[Firewall-contflt-keyword-kwd1] keyword fix-string abc
[Firewall-contflt-keyword-kwd1] quit
# Create a keyword filtering entry kwd2 and enter its view.
[Firewall] content-filtering keyword-entry kwd2
# Add a keyword reboot to the entry kwd2.
[Firewall-contflt-keyword-kwd2] keyword fix-string reboot
[Firewall-contflt-keyword-kwd2] quit
# Create a filename filtering entry file1 and enter its view.
[Firewall] content-filtering filename-entry file1
# Add a filename *.exe to the entry file1.
[Firewall-contflt-filename-file1] filename *.exe
[Firewall-contflt-filename-file1] quit
# Create a filename filtering entry file2, and enter its view.
[Firewall] content-filtering filename-entry file2
# Add a filename abc to the entry file2.
[Firewall-contflt-filename-file2] filename abc
[Firewall-contflt-filename-file2] quit
3. Configure content filtering policies:
# Create an HTTP filtering policy http_policy1 and enter its view.
[Firewall] content-filtering http-policy http_policy1
# Specify the keyword filtering entry kwd1 for HTTP body filtering.
[Firewall-contflt-http-policy-http_policy1] body-filtering keyword-entry kwd1
[Firewall-contflt-http-policy-http_policy1] quit
# Create an HTTP filtering entry http_policy2 and enter its view.
[Firewall] content-filtering http-policy http_policy2