It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure User Agent Filtering in the Firewall

  • Last updated on

The CloudGen Firewall can filter HTTP and HTTPS traffic based on the user agent string of the browser. For this policy to apply, web traffic must match an access rule with Application Control and an application rule with a User Agent policy.

user_agent_pol.png

Before You Begin

Step 1. Create an Access Rule to Match Web Traffic

Create a PASS access rule to match HTTP and HTTPS traffic and enable Application Control and, optionally, SSL Inspection.

  1. Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > Firewall > Forwarding Rules.
  2. Double-click to edit the access rule matching HTTP/HTTPS traffic.
    User_agents_02.png
  3. Click on the Application Policy link and select:
    • Application Control – required.
    • SSL Inspection – optional.
    User_agents_01.png
  4. If configured, select a policy from the SSL Inspection Policy drop-down list. For more information, see SSL Inspection in the Firewall.
  5. Click OK
  6. Click Send Changes and Activate.

Step 2. Create Application Rule Using User Agent Policies

  1. Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > Firewall > Forwarding Rules.
  2. In the left menu, click Application Rules.
  3. Click Lock.  
  4. Create a PASS application rule. For more information, see How to Create an Application Rule
    • Source – Select the same source used in the matching access rule.
    • Application  Select Any to configure only the filter policies. Otherwise, select an application object from the drop-down list to combine Application Control and User Agent filtering.
    • Destination  Select the same destination used in the matching access rule.
    User_agents_03.png
  5. Click the URL Filter, File Content, User Agent link.
    User_agents_04.png
  6. Click User Agent.
  7. Select a user agent policy from the list. For more information, see How to Create User Agent Policies.
    User_agents_05.png
  8. Click OK.
  9. Click Send Changes and Activate.

When users attempt to access a service with a web browser that is not allowed in the user agent policy, the connection is either reset or redirected to a custom block page. The block page is customizable. For more information, see How to Configure Custom Block Pages and Texts.

User_agents_06.png

Monitoring

To monitor blocked connections, go to FIREWALL > History and check the Info column of blocked connections for Detected Browser Agent not allowed by policy

User_agents_07.png