You are here: Webhelp > Object > Data Security > Configuring Objects

Configuring Objects

Objects mean the items referenced during Content Filter rules. When using the data security function, you need to configure the following objects:

Object Description
Predefined URL DB The predefined URL database includes dozens of categories and tens of millions of URLs and you can use it to specify the URL category and URL range for the URL category/Web posting functions.
User-defined URL DB The user-defined URL database is defined by yourself and you can use it to specify the URL category and URL range for the URL category/Web posting functions.
URL Lookup Use the URL lookup function to inquire URL information from the URL database.
Keyword Category Use the keyword category function to customize the keyword categories. You can use it to specify the keyword for the URL category/Web posting/email filter functions.
Warning Page Enable or disable the warning page.
  • Block warning: When your network access is blocked, a warning page will prompt in the Web browser.
  • Audit warning: When your network access is audited, a warning page will prompt in the Web browser.
Bypass Domain Domains that are not controlled by the internet behavior control rules.
Exempt User Users that are not controlled by the internet behavior control rules.

Predefined URL DB

The system contains a predefined URL database.

The predefined URL database is controlled by a license controlled. Only after a URL license is installed, the predefined URL database can be used.

The predefined URL database provides URL categories for the configurations of Web content/Web posting. It includes dozens of categories and tens of millions of URLs .

When identifying the URL category of a URL, the user-defined URL database has a higher priority than the predefined URL database.

Configuring Predefined URL Database Update Parameters

By default, the system updates predefined URL database everyday. You can change the update parameters according to your own requirements. Currently, two default update servers are provides: https://update1.hillstonenet.com and https://update2.hillstonenet.com. Besides, you can update the predefined URL database from your local disk.

To change the update parameters:

  1. Select System > Upgrade Management > Signature Database Update.
  2. In the URL category database update section, you can view the current version of the database, perform the remote update, configure the remote update, and perform the local update.
  3. Click Enable button of Auto Updateto enable the automatic update function. And then continue to specify the frequency and time. Click OK to save your settings.
  4. Double click an entry of Update Server to configure the update server URL. Specify the URL or IP address of the update server, and select the virtual router that can connect to the server. To restore the URL settings to the default ones, click Restore Default.
  5. Double click an entry of Proxy Server, then enter the IP addresses and ports of the main proxy server and the backup proxy server. When the device accesses the Internet through a HTTP proxy server, you need to specify the IP address and the port number of the HTTP proxy server. With the HTTP proxy server specified, various signature database can update normally.
  6. Click OK to save the settings.

Upgrading Predefined URL Database Online

To upgrade the URL database online:

  1. Select System > Upgrade Management > Signature Database Update.
  1. In the URL category database update section, click Update to update the predefined URL database.

Upgrading Predefined URL Database from Local

To upgrade the predefined URL database from local:

  1. System > Upgrade Management > Signature Database Update
  2. In the URL category database update section, click Browse to select the URL database file from your local disk.
  3. Click Upload to update the predefined URL database.

User-defined URL DB

Besides categories in predefined URL database, you can also create user-defined URL categories, which provides URL categories for the configurations of Web content/Web posting. When identifying the URL category, the user-defined URL database has a higher priority than the predefined URL database.

System provides three predefined URL categories: custom1, custom2, custom3. You can import your own URL lists into one of the predefined URL category.

Configuring User-defined URL DB

To configure a user-defined URL category:

  1. Select Object > URL Filtering> Profile.
  2. At the top-right corner, select Configuration > User-defined URL DB. The User-defined URL DB dialog appears.
  3. Click New. The URL Category dialog appears.
  4. Type the category name in the Category box. URL category name cannot only be a hyphen (-). And you can create at most 16 user-defined categories.
  5. Type a URL into the URL http(s):// box.
  6. Click Add to add the URL and its category to the table.
  7. To edit an existing one, select it and then click Edit. After editing it, click Add to save the changes.
  1. Click OK to save the settings.

Importing User-defined URL

System supports to batch import user-defined URL lists into the predefined URL category named custom1/2/3. To import user-defined URL:

  1. Select Object > URL Filter.
  2. At the top-right corner, select Configuration > User-defined URL DB. The User-defined URL DB dialog appears.
  3. Select one of the predefined URL category(custom1/2/3), and then click Import.
  4. In the Batch Import URL dialog, click Browse button to select your local URL file. The file should be less than 1 M, and has at most 1000 URLs. Wildcard is supported to use once in the URL file, which should be located at the start of the address.
  5. Click OK to finish importing.

Clearing User-defined URL

In the predefined URL category named custom1/2/3, clear user-defined URL:

  1. Select Object > URL Filter.
  2. At the top-right corner, select Configuration > User-defined URL DB. The User-defined URL DB dialog appears.
  3. Select one of the predefined URL category(custom1/2/3), and then click Clear, the URL in the custom 1/2/3 will be cleared from the system.

URL Lookup

You can inquire a URL to view the details by URL lookup, including the URL category and the category type.

Inquiring URL Information

To inquiry URL information:

  1. Select Object > URL Filtering> Profile.
  2. At the top-right corner, click Configuration > URL Lookup. The URL Lookup dialog appears.
  3. Type the URL into the Please enter the URL to inquire box.
  4. Click Inquire, and the results will be displayed at the bottom of the dialog.

Configuring URL Lookup Servers

URL lookup server can classify an uncategorized URL (URL is neither in predefined URL database nor in user-defined URL database) you have accessed, and then add it to the URL database during database updating. Two default URL lookup servers are provided: url1.hillstonenet.com and url2.hillstonenet.com. By default, the URL lookup servers are enabled.

To configure a URL lookup server:

  1. Select Object > URL Filtering> Profile.
  2. At the top-right corner, Select Configuration > Predefined URL DB. The Predefined URL DB dialog appears.
  3. Click Inquiry Server Configuration. The Predefined URL DB Inquiry Server Configuration dialog appears.
  4. In the Inquiry server section, double-click the cell in the IP/Port/Virtual Router column of Server1/2 and type a new value.
  5. Select the check box in the Enable column to enable this URL lookup server.
  6. Click OK to save the settings.

Keyword Category

You can customize the keyword category and use it in the internet behavior control function.

After configuring a internet behavior control rule, the system will scan traffic according to the configured keywords and calculate the trust value for the hit keywords. The calculating method is: adding up the results of times * trust value of each keyword that belongs to the category. Then the system compares the sum with the threshold 100 and performs the following actions according to the comparison result:

  • If the sum is larger than or equal to category threshold (100), the configured category action will be triggered;
  • If more than one category action can be triggered and there is block action configured, the final action will be Block;
  • If more than one category action can be triggered and all the configured actions are Permit, the final action will be Permit.

For example, a web content rule contains two keyword categories C1 with action block and C2 with action permit. Both of C1 and C2 contain the same keywords K1 and K2. Trust values of K1 and K2 in C1 are 20 and 40. Trust values of K1 and K2 in C2 are 30 and 80.

If the system detects 1 occurrence of K1 and K2 each on a web page, then C1 trust value is 20*1+40*1=60<100, and C2 trust value is 30*1+80*1=110>100. As a result, the C2 action is triggered and the web page access is permitted.

If the system detects 3 occurrences of K1 and 1 occurrence of K2 on a web page, then C1 trust value is 20*3+40*1=100, and C2 trust value C2 is 30*3+80*1=170>100. Conditions for both C1 and C2 are satisfied, but the block action for C1 is triggered, so the web page access is denied.

Configuring a Keyword Category

To configure a keyword category:

  1. Select Object > URL Filtering> Profile.
  2. At the top-right corner, Select Configuration > Keyword Category. The Keyword Category dialog appears.
  3. Click New. The Keyword Category Configuration dialog appears.
  4. Type the category name.
  5. Click New. In the slide area, specify the keyword, character matching method (simple/regular expression), and trust value (100 by default).
  6. Click Add to add the keyword to the list below.
  7. Repeat the above steps to add more keywords.
  8. To delete a keyword, select the keyword you want to delete from the list and click Delete.
  9. Click OK to save your settings.

Warning Page

The warning page shows the user block information and user audit information. You can enable or disable the warning page as needed.

The warning page include predefined warning page and user-defined warning page.

  • Predefined warning page: Displays the predefined warning information content, including prompt information and warning reasons.
  • User-defined warning page: You can customize the warning page by custom warning information and pictures. For details, please refer to Warning Page Management..

Enabling/ Disabling the Block Warning

The block warning is disabled by default. If the internet behavior is blocked by the internet behavior control function, the Internet access will be denied. The information of Access Denied will be shown in your browser, and some web surfing rules will be shown to you on the warning page at the same time. The predefined warning page below:

After enabling the block warning function, block warning information will be shown in the browser when one of the following actions is blocked:

  • Visiting the web page that contains a certain type of keyword category
  • Posting information to a certain type of website or posting a certain type of keywords
  • HTTP actions of Connect, Get, Put, Head, Options, Post, and Trace.

To enable or disable the block warning:

  1. Click Object > URL Filtering> Profile.
  2. At the top-right corner, Select Configuration > Warning Page. The Warning Page dialog appears.
  3. In the Block Warning section, select Enable.To disable this function, unselect the Enable check box.
    • If the user-defined warning page is not configured, the predefined warning page will be used.
    • If the user-defined warning page is configured and enabled, the user-defined warning page will be used.
    For details, please refer to Warning Page Management..
  4. Click OK to save the settings.

Enabling/ Disabling the Audit Warning

The audit warning function is disabled by default. After enabling the audit warning function, when your internet behavior matches the configured internet behavior rules, your HTTP request will be redirected to a warning page, on which the audit and privacy protection information is displayed. See the picture below:

To enable or disable the audit warning function:

  1. Select Object > Data Security>Content Filter> Web Content/Web Posting/Email Filter/HTTP/FTP Control.
  2. At the top-right corner, Select Configuration > Warning Page. The Warning Page dialog appears.
  3. In the Audit Warning section, select Enable.To disable this function, unselect the Enable check box.
    • If the user-defined warning page is not configured, the predefined warning page will be used.
    • If the user-defined warning page is configured and enabled, the user-defined warning page will be used.
    For details, please refer to Warning Page Management..
  4. Click OK to save the settings.

Bypass Domain

Regardless of internet behavior control rules, requests to the specified bypass domains will be allowed unconditionally.

To configure a bypass domain:

  1. Select Object > Data Security>Content Filter> Web Content/Web Posting/Email Filter/HTTP/FTP Control.
  2. At the top-right corner, Select Configuration > Bypass Domain. The Bypass Domain dialog appears.
  3. Click New.In the text box, type the domain name. The domain name will be added to the system and displayed in the bypass domain list.
  4. Click OK to save the settings.

Exempt User

The Exempt User function is used to specify the users who will not be controlled by the internet behavior control rules. The system supports the following types of exempt user: IP, IP range, role, user, user group, and address entry.

To configure the user exception:

  1. Select Object > Data Security>Content Filter> Web Content/Web Posting/Email Filter/HTTP/FTP Control.
  1. At the top-right corner, Select Configuration > Exempt User. The Exempt User dialog appears.
  2. Select the type of the user from the Type drop-down list.
  3. Configure the corresponding options.
  4. Click Add. The user will be added to the system and displayed in the exempt user list.
  5. Click OK to save the settings.