Applying Application Filters Configuration Example Alcatel-Lucent Security Products Configuration Example Series.


1 Applying Application Filters Configuration Example Alcatel-Lucent Security Products Configuration Example Series

2 Configuring Application Filters. All Rights Reserved © Alcatel-Lucent 2006. Application filters are an advanced firewall technique used to filter at the application layer (layer 7) in protocols that allow application-layer commands. Most firewall work is done at layers 3 and 4 of the OSI model: most of your rules make decisions based on IP addresses (layer 3) and port numbers (layer 4). Consider the FTP protocol. We know that FTP operates on port 21, but we also know that there are many commands in this protocol, such as Put, Get and Ls. If you make a firewall rule allowing port 21 to a certain group of hosts, you are allowing all of these commands to be used. In other words, people can “Put” things on those hosts. For finer granularity you may want to use the FTP application filter to allow things like Bin, Get, Ls, Bye… but block things like Md and Put. That’s where an application filter comes in handy. Think of an application filter as an application-specific firewall attached to a rule.

3 Application filters also let you work within the protocol you are filtering, using the commands of that protocol to further secure your network. The HTTP application filter allows us to filter on URLs, URIs and keywords. If, for instance, you wanted to block a series of sites from your users, you could create a list of URLs, URIs or keywords to block (a “black list”). You could also block everything except a list of sites that you want to allow (a “white list”). Note: there may still be cases where you will want to use a third-party, external URL filtering appliance as well; you have the option of doing that in combination with the application filter running on your firewall. In fact, you can route from the Brick to any third-party scanning device by protocol using the “Rules Based Routing” feature. See the configuration example on “Rules Based Routing” if you would like more detail on that.

4 These are the default application filters that come with the ALSMS as of release 9.1. This configuration example walks you through configuring and testing the HTTP application filter. Other application filters are applied in the same manner. For details on configuring specific application filters, see the ALSMS Policy Guide. Applying application filters is a simple 3-step process, which is covered in this example.

5 Let’s go ahead and configure a simple HTTP application filter and test it. Click on the Application Filters folder. Right-click and select New Application Filter.

6 Fill in the name HTTP-Application-Filter. Fill in a description. Accept the default type, HTTP. Accept the defaults and click on the Keyword tab. Right-click and select New.

7 In our example, let’s say that we want to block a site whose URL is www.music.com. From your PC, go to that site on the web now and make sure it works. Fill in the keyword pattern matching editor as follows. You can block as many sites as you want using this application filter. When you are done, click OK. Then click File>Save and Close.

8 Next we are going to attach the application filter to one of our service groups. You may have already used this service group in a rule; if not, you can, and it will now have the application filter applied to it. This simple test assumes that you have already applied an HTTP rule. Double-click on the Service Groups folder. Double-click on the HTTP service. Double-click on the actual service to open this window. Attach your HTTP-Application-Filter by using the pull-down menu at the bottom.

9 Click OK. Click File>Save and Close. See if you can still go to the site www.music.com. You should be able to. We have created a simple filter and attached it to a service that is used in our rule set. What we need to do now is open that rule set and do a Save and Apply. Click Clear Cache when you do this Save and Apply, just in case you already have a session open with www.music.com. Now try the site www.music.com and you should get a 403 Forbidden warning.

10 The “music.com” example was a very simple example of blocking one URL. You can block as many as you would like. Let’s add a keyword block to our application filter to see how that works. Double-click on the Application Filters folder. Double-click on your HTTP-Application-Filter. Click on the URI tab. Right-click and select New. Fill out the window as seen on the following slide.

11 Note: The asterisks (**) act as wildcards for the characters before and after the word in *truck*. Click OK, then File>Save and Close. Remember to go back and reapply your firewall rule set.

12 From the PC that you are surfing the web on, surf to your favorite car manufacturer. Click on their trucks and see if you can look at anything that has the word “truck” in the URI string. You should be blocked from seeing the trucks, but should be able to see their cars. Try www.ford.com. In real life you may want to block on keywords such as *MP3*, *Gambling*, *Games* and others. This is a great way to block categories. If you are using a third-party appliance for URL filtering as a secondary appliance, you will be filtering out a lot of traffic and making the job of that appliance easier by using this application filter. Try filtering on other things or try some of the other application filters.
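
An added example, not part of the original slides and not Alcatel-Lucent code: a small Python model of the black list / white list decision described above, for checking which URLs a pattern list would catch before entering it in the ALSMS. The case-insensitive `*` matching, the function names and the sample URLs are assumptions made here; the Brick's actual matching rules are documented in the Policy Guide.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Constructed lists mirroring the slides: one blocked host, wildcard URI keywords.
HOST_PATTERNS = ["www.music.com"]
URI_PATTERNS = ["*truck*", "*mp3*", "*gambling*", "*games*"]

# Constructed sample requests (the paths are made up for illustration).
SAMPLE_URLS = [
    "http://www.music.com/",
    "http://www.ford.com/cars/",
    "http://www.ford.com/trucks/f-150/",
    "http://www.ford.com/Trucks/",
    "http://example.org/news/firetruck-parade.html",
    "http://example.org/search?q=free+mp3",
]


def _matches(value, patterns):
    """Glob match where '*' is any run of characters (assumed case-insensitive)."""
    value = value.lower()
    return any(fnmatchcase(value, p.lower()) for p in patterns)


def filter_request(url, hosts=HOST_PATTERNS, uris=URI_PATTERNS, mode="blacklist"):
    """Return the status this model gives a request: 200 (pass) or 403 (blocked).

    blacklist: block when the host or the URI matches a list entry.
    whitelist: block unless the host matches a list entry.
    """
    parts = urlsplit(url)
    host = parts.hostname or ""
    uri = parts.path + ("?" + parts.query if parts.query else "")
    if mode == "whitelist":
        return 200 if _matches(host, hosts) else 403
    blocked = _matches(host, hosts) or _matches(uri, uris)
    return 403 if blocked else 200


def run_samples():
    """Evaluate every sample URL in blacklist mode."""
    return [(url, filter_request(url)) for url in SAMPLE_URLS]


if __name__ == "__main__":
    for url, status in run_samples():
        print(status, url)
```

The `firetruck` sample is blocked as well: `*truck*` matches the substring anywhere in the URI, so broad keywords also catch unrelated pages.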

13 Lucent Technologies – Proprietary. Use pursuant to company instruction. For more detailed information on configuring this feature, click Help>On Line Product Manuals>Policy Guide and see the section on Application Filters. The Product Manuals can also be found on your ALSMS CD.

