How to Configure Reputation Filter- URL Threat Filter

Zyxel_Cooldia Posts: 1,450  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited November 2023 in Security Service

URL Threat Filter can avoid users to browse some malicious URLs (such as anonymizers, browser exploits, phishing sites, spam URLs, spyware) and allows administrator to manage which URLs can be browsed or not.
This example demonstrates how to configure the URL Threat Filter to redirect web access after the client hits the URL Threat Filter categories.

Note: All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested using USG FLEX 200H (Firmware Version: uOS 1.10).

Set Up the URL Threat Filter
Go to Security Service > Reputation Filter > URL Threat Filter. Turn on this feature. Select Block on Action field. When a client hits URL Threat Filter, the page will be Blocked. Choose Log-alert on Log field.

Test the Result
Verify a URL in the Security Threat Categories. In Test URL Threat Category, enter a malicious URL and query the result.

Using Web Browser to access the malicious site. The gateway will redirect you to a blocked page.

Go to Log & Report > Log/Events and select URL Threat Filter to check the logs.

Go to Security Statistics > Reputation Filter > URL Threat Filter to check summary of all events.