Hello,
just though to share with some update
The server status is UP now
root@node1-srx650> show security utm web-filtering status
node0:
--------------------------------------------------------------------------
UTM web-filtering status:
Server status: Juniper Enhanced using Websense server DOWN
node1:
--------------------------------------------------------------------------
UTM web-filtering status:
Server status: Juniper Enhanced using Websense server UP
but now NO hints in th statistics and sites are not blocked based on given categories
node1:
--------------------------------------------------------------------------
UTM web-filtering statistics:
Total requests: 5
white list hit: 0
Black list hit: 0
Queries to server: 3
Server reply permit: 0
Server reply block: 0
Custom category permit: 0
Custom category block: 0
Site reputation permit: 0
Site reputation block: 0
Cache hit permit: 0
Cache hit block: 0
Safe-search redirect: 0
Web-filtering sessions in total: 64000
Web-filtering sessions in use: 0
Fallback: log-and-permit block
Default 1 0
Timeout 44685 0
Connectivity 0 0
Too-many-requests 0 0
Policy still the same :
root@node1-srx650> show security policies policy-name webfiltering detail
node1:
--------------------------------------------------------------------------
Policy: webfiltering, action-type: permit, State: enabled, Index: 4, Scope Policy: 0
Policy Type: Configured
Sequence number: 2
From zone: trust, To zone: untrust
Source addresses:
any-ipv4: 0.0.0.0/0
any-ipv6: ::/0
Destination addresses:
any-ipv4: 0.0.0.0/0
any-ipv6: ::/0
Application: any
IP protocol: 0, ALG: 0, Inactivity timeout: 0
Source port range: [0-0]
Destination port range: [0-0]
Per policy TCP Options: SYN check: No, SEQ check: No
Intrusion Detection and Prevention: disabled
Unified Access Control: disabled
Unified Threat Management: 0x06000003
Session log: at-create, at-close
policy webfiltering {
match {
source-address any;
destination-address any;
application any;
}
then {
permit {
application-services {
utm-policy utm-protect;
}
utm-policy utm-protect {
web-filtering {
http-profile junos-wf-enhanced-default;
Here are the key summary points:
- License in place and server UP
- web filtering type set to juniper-enhanced
- ntp synchronized with ATOM time server
- http profile junos-wf-enhanced-default added to web-filtering, customized with predefined categories and action set to "block"
- site-reputation-action configured
- fallback-settings configured
- top http policy "webfiltering" assigned from Trust to Untrust
- Junos ver 11.4R9.4 means taht EWF is supported
Any ideas are very welcome!