Applies to Platform: UTM 2.4, UTM 2.5
Last Update: 28 April 2011
This lesson will illustrate the necessary steps to configure a very simple transparent web proxy on a typical Endian appliance. A transparent web proxy is one that requires no client-side changes to operate effectively (all traffic is tranparently redirected). The primary purpose of the web proxy is to (1) allow for a simple method to filter web traffic to appropriate levels for business and (2) provide accountability for user web traffic.
Note
Enable the Web Proxy
The first step is to enable the web proxy by clicking the gray button (which will turn green when enabled). Once this is done, we can configure the networks we want to be filtered transparently (using Green only in this example).
Configure the Log Settings
Since we want to have all web access (allowed and blocked) logged for review purposes, we're going to enable the appropriate logging options.
Click Save and then Apply the changes to proceed.
Configure the Content Filter Profile (Default)
In this example, we're only going to configure web filtering by URL Blacklist (only) for ease and administration purposes. The first thing we'll do is ensure our HTTP antivirus is enabled by checking the appropriate box. You can select the whole category to block by clicking the green arrow or, alternatively, you can drop down the subcategories and select those individually in order to block some and not others. You can also attach custom white- or blacklists to this profile as well.
Click Update Profile and then Apply the changes to proceed.
Note
Configure the Access Policy
The last step is to create an access policy which will map the content filtering profile based on a specific network configuration. In the example above, we're creating a simple policy for the Green zone (entire network) that is using the content filtering profile (default) that we just configured in the previous step.
Click Create Profile and then Apply the changes to finalize the configuration.
Test the Web Proxy
You can test your configuration now by browsing the Internet from the Green network and you should see a block page on sites that match the categories selected.
Verify Logging
You should also be able to view all the web traffic in real-time by going to Logs > Live Log Viewer and select the "Web Proxy" log to view.
Still valid for 2.5
Warning - Google has changed some thing is their search engine, especially in the google images search - which is now seemingly capable of bypassing the contentfilter used in Endian (dansguardian). There are numerous posts about this issue on various forums
How block everybody in "block the following sites" except some sites in "allow the following sites"?
Proxy: How block everybody in "block the following sites" except some sites in "allow the following sites"?