Performing Content Filtering using DPI-SSL

To perform SonicWall Content Filtering on HTTPS and SSL-based traffic using DPI-SSL

Make sure that Enable SSL Inspection and Content Filter options are enabled on General tab of POLICY | DPI-SSL > Client SSL. For more information, refer to Configuring General DPI-SSL/TLS Client Settings.

To perform SonicWall Content Filtering on HTTPS and SSL-based traffic using DPI-SSL

1. Create a content filter profile object on OBJECT | Profile Objects > Content Filter.

2. Configure a content filter rule on POLICY | Rules and Policies > Content Filter Rules.

   Make sure to select:

   • Content filter Profile object created on OBJECT | Profile Objects > Content Filter.
   • Default content filter Action object from the drop-down menu as the default action object is configured to Block, Confirm, or Passphrase the page or create a content filter action object for Block, Confirm, or Passphrase page on OBJECT | Action Objects > Content Filter Actions.

3. Navigate to POLICY | Security Services > Content Filter.

   Make sure that SonicWall CFS is selected for the Content Filter Type from the drop-down menu.

4. Scroll to the Global Settings section.

   Make sure that Enable Content Filtering Service is selected. By the default, this setting is selected.

   

5. Click Accept.

6. Navigate to a blocked, confirmed, or passphrased site using the HTTPS protocol to verify that it is properly blocked, confirmed, or passphrased.

   For content filtering over DPI-SSL, the first time HTTPS access is blocked results in a blank page being displayed. If the page is refreshed, the user sees the firewall block page.