HP VPN Firewall Appliances Attack Protection Configuration Guide
142
Hardware Content monitorin
g
com
p
atibilit
y
U200-A/U200-M/U200-CA Yes
U200-S/U200-CS/U200-CM Yes
Overview
In conventional network security solutions, network attack defense focuses on attacks from external
networks. However, with the popularity of networks in every walk of life, attacks from LANs are
increasing, which requires network devices to accommodate internal network security features. The
content monitoring feature is developed to meet this requirement.
The content monitoring feature monitors, filters, and logs user network access behaviors, including:
• Instant messaging (IM) applications, such as QQ and MSN.
• Remote access applications, such as FTP.
• Database applications, such as Oracle, Sybase, SQL Server, and MySQL.
Recommended configuration procedure
Ste
p
Remarks
1. Configuring the content monitoring log output
parameter
Optional.
Specify whether to send logs to remote log hosts
By default, logs are not sent to remote log hosts.
2. Creating a content monitoring policy
Required.
No content monitoring policy exists by default.
3. Applying a content monitoring policy
Required.
No content filtering policy is applied.
Configuring the content monitoring log output parameter
1. Select Advanced Security Prevention > Content Monitoring from the navigation tree.
The Content Monitoring Policies tab is displayed, as shown in Figure 121.