SonicOS 7.1 Objects
- SonicOS 7.1 Action Objects
- About SonicOS
- Match Objects
- Zones
- How Zones Work
- Default Zones
- Security Types
- Allow Interface Trust
- Effect of Wireless Controller Modes
- Zones Overview
- The Zones Page
- Adding a New Zone
- Adding a New Zone in Policy Mode
- Adding a New Zone in Classic Mode
- Configuring a Zone for Guest Access
- Configuring a Zone for Open Authentication and Social Login
- Configuring the WLAN Zone
- Configuring the RADIUS Server
- Configuring DPI-SSL Granular Control per Zone
- Enabling Automatic Redirection to the User-Policy Page
- Cloning a Zone
- Editing a Zone
- Deleting Custom Zones
- Addresses
- Addresses Page
- About UUIDs for Address Objects and Groups
- Working with Dynamic Address Objects
- Services
- URI Lists
- Schedules
- Dynamic Group
- Email Addresses
- Match Objects
- Countries
- Applications
- Web Categories
- Websites
- Match Patterns
- Custom Match
- Profile Objects
- Endpoint Security
- Bandwidth
- QoS Marking
- Content Filter
- DHCP Option
- DNS Filtering
- Block Page
- Anti-Spyware
- Gateway Anti-Virus
- Log and Alerts
- Intrusion Prevention
- AWS
- Action Profiles
- Security Action Profile
- DoS Action Profile
- Action Objects
- App Rule Actions
- Content Filter Actions
- Object viewer
- SonicWall Support
Advanced Screen
Advanced profile object helps to enable the options listed below:
- HTTPS content filtering solution to inspect the contents of secure websites in addition to regular websites.
-
Safe Search to filter explicit content from search results.
You can lock Safe Search if you want to keep Safe Search turned on and prevent users from turning it off.
- Wipe cookies.
To configure Advanced profile of the Content Filter
- Navigate to OBJECT | Profile Objects > Content Filter.
-
Do one of the following:
-
Add a new CFS Profile Object.
- Click the Add icon.
- Enter a friendly profile object Name.
-
Edit an existing CFS Profile Object.
Hover over an existing Profile Object and click the Edit icon.
-
-
Click the Advanced tab.
-
Set the Advanced profile object options.
Enable HTTPS Content Filtering To enable content filtering for HTTPS sites.
This policy-based HTTPS content filtering option is available in SonicOS 6.5.3 or higher. It replaces the global HTTPS content filtering option in previous versions on the POLICY | Security Services > Content Filter page.
When DPI-SSL client inspection is enabled and Content Filter is selected for inspection, then that inspection takes precedence and the policy-based HTTPS content filtering setting is ignored. Specifically, when the Enable SSL Client Inspection and Content Filter options are enabled on the POLICY | DPI-SSL page, then the Enable HTTPS Content Filtering option in the CFS policy is ignored. In this case, DPI-SSL will decrypt the connection and send it as plain text to CFS later for filtering.
HTTPS content filtering is IP based and does not inspect the URL, but uses other methods to obtain the URL rating. When this option is enabled, CFS performs URL rating lookup in this order:
- Searches the client hello for the Server Name, which CFS uses to obtain the URL rating.
- If the Server Name is not available, searches the SSL certificate for the Common Name, which CFS uses to obtain the URL rating.
- If neither Server Name nor Common Name is available, CFS uses the IP address to obtain the URL rating.
While HTTP content filtering can perform redirects to enforce authentication or provide a block page, HTTPS filtered pages are silently blocked.
Enable Smart Filtering for Embedded URI To detect the embedded URL inside Google Translate (https://translate.google.com) and filter the embedded URI.
This feature requires enabling Client DPI-SSL with content filter.
This feature takes effect only on Google Translate, which works on currently rated embedded web sites.
Enable Safe Search Enforcement To enforce Safe Search when searching on any of the following websites:
- www.yahoo.com
- www.ask.com
- www.dogpile.com
- www.lycos.com
This enforcement cannot be configured at the policy level as the function employs DNS redirection to HTTPS sites. For HTTPS sites, client DPI-SSL with content filter must be enabled.
Enable Threat API Enforcement This option is not available for selection in SonicOS version 7.1.
Enable Google Force Safe Search To override the Safe Search option for Google inside each CFS Policy and its corresponding CFS Action.
Typically, Safe Search happens automatically and is powered by Google, but when this option is enabled, SonicOS rewrites the Google domain in the DNS response to the Google Safe Search virtual IP address.
This feature takes effect only after the DNS cache of the client host is refreshed.
Enable YouTube Restrict Mode To access YouTube in Restrict (Safe Search) mode.
YouTube provides a new feature to screen videos that may contain inappropriate content flagged by users and other signals. When this feature is enabled, SonicOS rewrites the DNS response for the YouTube domain to its Safe Search virtual IP address.
This feature takes effect only after the DNS cache of the client host is refreshed.
Enable Bing Force Safe Search To override the Safe Search option for Bing inside each CFS Policy and its corresponding CFS Action.
When this feature is enabled, SonicOS rewrites the DNS response for the Bing domain to its Safe Search virtual IP address.
This feature takes effect only after the DNS cache of the client host is refreshed.
- Click Save.
Was This Article Helpful?
Help us to improve our support portal