Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Creating Content Security Policies

Before You Begin

  • Read the Content Security Overview topic.

  • Review the Content Security Policy main page for an understanding of your current data set. See UTM Policies Main Page Fields for field descriptions.

  • Decide the filtering profile you want for the Content Security policy: Web Filtering, Antispam, Antivirus, or Content Filtering.

Use the Content Security policy page to configure Content Security policies. Content Security consolidates several security features into one device to protect against multiple threat types. The Content Security policy wizard provides step-by-step procedures to create a Content Security policy. You can configure multiple profiles by launching the respective wizards from the Content Security policy wizard.

To configure Content Security policies:

  1. Select Configure > UTM Policy.
  2. Click the + icon to create a new Content Security policy.
  3. Complete the configuration according to the guidelines provided in Table 1.
  4. Configure a filtering profile for your Content Security policy:
    • Antispam— Examine transmitted e-mail messages to identify e-mail spam over SMTP. For more information, see Creating Antispam Profiles.

    • Antivirus—Inspect files transmitted over several protocols (HTTP, FTP upload and download, IMAP, SMTP, and POP3) to determine if the files exchanged are known malicious files, similar to how desktop antivirus software scans files for the same purpose. For more information, see Creating Antivirus Profiles.

    • Content filtering—Block or permit certain types of traffic over several protocols (HTTP, FTP upload and download, IMAP, SMTP, and POP3) based on the MIME type, file extension, protocol command, and embedded object type. For more information, see Creating Content Filtering Profiles.

    • Web Filtering-Manage Internet usage by preventing access to inappropriate Web content over HTTP. For more information, see Creating Web Filtering Profiles.

    • Device—Configure Content Security global options for a device. The device profile refers to the antispam, antivirus, and Web filtering profiles. For more information, see Creating Device Profiles.

  5. Click Finish. A new Content Security policy is created.
Table 1: Content Security Policy Settings

Setting

Guideline

Name

Enter a unique name for the Content Security policy that is a string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 29 characters.

Description

Enter a description for the Content Security policy; maximum length is 255 characters.

Traffic Options

Specify traffic options for the Content Security policy.

In an attempt to consume all available resources, a malicious user might generate a large amount of traffic all at once. To prevent such activity from succeeding, you can impose traffic options:

  • Connection limit per client—Specify the connection limit per client; default is 2000.

  • Action when connection limit is reached—Specify the action that must be taken once the connection limit is reached. The available actions are None, Log and Permit, and Block.