Follow

URL Filtering For The HTTPS Proxy

Version 5.0.5

Applies to platform: UTM 5.0.5 and later
Last Update: 16 April 2018

This article illustrate the necessary steps to configure the URL filtering for HTTPS proxy server. 

Note

If you have an Endian Appliance with version 5.0.4 or lower, you can not use URL Filtering. You can use the HTTPS proxy in what is now called Decript and scan mode, and set it up according to this how to.

Requirements

  • An Endian UTM Appliances equipped with at least Version 5.0.5.
  • The HTTP Proxy must be enabled and configured. You can follow the Enable HTTP Proxy section of this article.
  • The Endian must be the DNS Server of the clients. If not, the DNS Proxy must be enabled.

Introduction

In version 5.0.5 the new URL Filtering functionality has been introduced in the HTTPS Proxy as an alternative to the only modality available. The characteristics of this approach are:

  • No certificate is needed by the clients.
  • No antivirus check will be carried out.
  • When a page is blocked by the proxy, the browser will receive a Connection refused error message.
  • HTTPS URL filtering will use WhitelistsBlacklists, and Categories defined in the Access Policy and Web filter tabs of the HTTP Proxy.

Configuration

To enable the HTTPS proxy in URL Filternig mode, go to Proxy > HTTP > HTTPS Proxy.

https-05.png

From the HTTPS Proxy operating mode drop-down menu choose URL Filtering and click on Save. You will be prompted by a green callout that reminds you that the Endian UTM Appliance must either

  1. Act as the DNS server for the clients, or
  2. the DNS Proxy must be enabled on the Endian UTM Appliance.

https-04.png

If case 1. is true, all you need to do is to click on Save and wait a few seconds to be activate the HTTPS Proxy.

Otherwise, in case the Endian is not the DNS Server, go to Proxy > DNS, tick the checkboxes of the zones where the HTTPS Proxy is enabled, then click on Save and finally on Apply to enable the DNS Server.

dns-proxy.png

At this point the set up of the URL Filtering is complete. 

Verify the connection

To verify that the HTTPS Proxy is working, from one client try to access a site which is in the blacklist or that falls in the blocked categories of the Web Filter. You will see an error message similar to the one in the following image.

 

Have more questions? Submit a request

Comments