How to check Content Filter service when it is not working as expected
Web Content Filtering Process
1. A user enters a URL into their web browser.
2. The user’s computer sends a DNS query for the URL
3. The DNS server returns an IP addresses for the URL.
4. The user’s web browser connects to the IP address.
5. The Web Content Filter detects an HTTP connection, and inspects the website send using Server Name Indication (SNI).
6. If the website contains prohibited material, the HTTP request is redirected to a block page.
1. Check if you have blocked QUIC Protocol (UDP443) and put in the higher priority.
2. Check if the URL can be classified. If not, make sure firewall has the internet access or contact Zyxel Support.
3. Check if the option “Enable HTTPS Domain Filter for HTTPS traffic” is enabled.Select this check box to have the Zyxel Device block HTTPS web pages using the cloud category service. In an HTTPS connection, the Zyxel Device can extract the Server Name Indication (SNI) from a client request, check if it matches a category in the cloud content filter and then take appropriate action. The keyword match is for the domain name only.
4. Make sure you have disabled the Proxy setting on the endpoint such as OS, antivirus software and the browser. Please note that some browsers have their own proxy settings.
5. Capture the packets to check there is SNI which you want to manage.
- 8.5K All Categories
- 1.6K Nebula
- 71 Nebula Ideas
- 57 Nebula Status and Incidents
- 4.5K Security
- 226 Security Ideas
- 982 Switch
- 46 Switch Ideas
- 876 WirelessLAN
- 22 WLAN Ideas
- 5.1K Consumer Product
- 157 Service & License
- 280 News and Release
- 98 Success Stories
- 59 Security Advisories
- 13 Education Center
- 580 FAQ
- 263 Nebula FAQ
- 160 Security FAQ
- 76 Switch FAQ
- 74 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 69 About Community
- 46 Security Highlight