Content filtering

Dpj
Dpj Posts: 92  Ally Member
First Comment Friend Collector Second Anniversary
in Nebula

today, next step in securing our network. Content Filtering. This morning i was testing it, and it seems to work, but the results is different from time to time.

sometimes i get this:

image.png

the next time i get this:

image.png

or this…

image.png

or even this:

sometimes, just with an refresh of the page i get a different page. Of course i always want to get the first one…

yours dennis

Accepted Solution

  • Zyxel_Melen
    Zyxel_Melen Posts: 3,149  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Answer ✓

    Hi @Dpj,

    I apologize for the delayed reply. After checking, this behavior difference is because the browser might send a DNS query via HTTPS, in other words, DNS over HTTPS(DOH). The firewall can't monitor DOH traffic and take any actions.

    In addition, both outcomes mean the site is blocked.

    Zyxel Melen


All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 3,149  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @Dpj,

    May I know some details about your testing so I can investigate this issue better?

    1. Your model.
    2. Firmware version.
    3. Your security service configurations.
    4. The URL/website you tested.

    Thanks!

    Zyxel Melen


  • Dpj
    Dpj Posts: 92  Ally Member
    First Comment Friend Collector Second Anniversary

    Hello Melen,

    I got an USG Flex 200, configured in Nebula

    Firmware version V5.39(ABUI.1)

    image.png

    Under the categor lyist i selected for example "Online Shopping", "Social networking" and "Streaming Media".

    In the Security Policies i created the following:

    image.png

    (I readed also about the Block Quick Ports), so i added those also.

    When i open ah.nl:

    image.png

    which belongs to Online shopping (just an example), get i this in Edge:

    image.png

    but in an other browser i get:

    image.png

    I would expect, i got the nice looking page, as mentioned before.

    when i open for example X.com, in edge, i got also this page:

    image.png

    (of course then with x.com as site instead of ah.nl)

    Yours dennis

  • Dpj
    Dpj Posts: 92  Ally Member
    First Comment Friend Collector Second Anniversary

    is there anything news about this?

  • Zyxel_Melen
    Zyxel_Melen Posts: 3,149  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @Dpj

    I have reproduced this case and found the difference is on "https://"

    image.png image.png

    I'm checking with our engineer why we have this difference. I will update you once I have further information.

    Zyxel Melen


  • Zyxel_Melen
    Zyxel_Melen Posts: 3,149  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Answer ✓

    Hi @Dpj,

    I apologize for the delayed reply. After checking, this behavior difference is because the browser might send a DNS query via HTTPS, in other words, DNS over HTTPS(DOH). The firewall can't monitor DOH traffic and take any actions.

    In addition, both outcomes mean the site is blocked.

    Zyxel Melen


  • Dpj
    Dpj Posts: 92  Ally Member
    First Comment Friend Collector Second Anniversary

    Clear! thank you for investigating

Categories

Nebula Tips & Tricks


    Read more

    Nebula Help Center

    EnglishTiếng ViệtРусскийไทย中文(台灣)