2 Replies Latest reply on Sep 29, 2010 11:15 AM by martin.dimov

    SmartFilter don't work properly

      Hi all,

      I've the following problem:

      I've create a new SmartFilter policy for prevent access to "Finance/Banking" site categories (for test purpose I've set to "Warn" the action).

      I've create a new HTTP Defense policy that apply this SmartFilter policy.

      I've create a new Defense Group taht use this HTTP Defense policy.

      Then I've create a new Access Control Rule that perform this control:

           1. From "internal"

           2. To "external"

           3. Application HTTP and SSL/TLS

           4. Application Defense: <my_custom_def>

           5. TrustedSource: disabled


      I've try to navigate in some bank site (I've search in www.trustedsource.org and they are correctly categorized in Finance/Banking category) but only one site was reconised correctly (however in accord with www.trustedsource.org).


      The SmartFilter database on my firewall is up to date.

      The access control rule is the first and the only HTTP/SSL rule in action (for test purpose I've disabled all similar rules).

      The SmartFilter is managed by Administration Console.

      The Firewall Enterprise Version is the last available: 8.0.1


      What's happening? Why the Firewall/SmartFilter don't match the correct categories?

      Some example site that I've tested:





      Thank you in advance



        • 1. Re: SmartFilter don't work properly



          there should be a file /var/log/SF.log (if not configure auditing in Policy->ApplicationDefence->SmartFilter->Audit). When You browse You have to see logs in this file that will say what is the category. If category is correct You have to see the firewall audit logs and to see if traffic is matching your rule or something before it. You have to see also if in HTTP-Your-custom-ApplicationDefence the Smartfilter checkbox is checked.



          1 of 1 people found this helpful
          • 2. Re: SmartFilter don't work properly

            In effect the SmartFilter don't work with HTTPS sites.

            If that is needed we must create a SSL rule to decript the HTTPS connection and then use SmartFilter on the decripted stream.

            (see the MFE8 manual).



            Messaggio modificato da EuroFlash.Technology on 01/10/10 2.11.38 CDT