We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Attention

Barracuda CloudGen Firewall version 8.0 is a cloud-only version. It is currently not available for on-premises deployments and can only be deployed in Microsoft Azure, Amazon Web Services, or Google Cloud Platform public clouds.

How to Configure User Agent Filtering in the Firewall

  • Last updated on

The CloudGen Firewall can filter HTTP and HTTPS traffic based on the user agent string of the browser. For this policy to apply, web traffic must match an access rule with Application Control and an application rule with a User Agent policy.

user_agent_policy.png

Before You Begin

Step 1. Create an Access Rule to Match Web Traffic

Create a PASS access rule to match HTTP and HTTPS traffic and enable Application Control and, optionally, SSL Inspection.

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.
  2. Double-click to edit the access rule matching HTTP/HTTPS traffic.
    User_agents_02.png
  3. Click on the Application Policy link and select:
    • Application Control – required.
    • SSL Inspection – optional.
    User_agents_01.png
  4. If configured, select a policy from the SSL Inspection Policy drop-down list. For more information, see SSL Inspection in the Firewall.
  5. Click OK
  6. Click Send Changes and Activate.

Step 2. Create Application Rule using User Agent Policies

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.
  2. In the left menu, click Application Rules.
  3. Click Lock.  
  4. Create a PASS application rule. For more information, see How to Create an Application Rule
    • Source – Select the same source used in the matching access rule.
    • Application  Select Any to configure only the filter policies. Otherwise, select an application object from the drop-down list to combine Application Control and User Agent filtering.
    • Destination  Select the same destination used in the matching access rule.
    User_agents_03.png
  5. Click the URL Filter, File Content, User Agent link.
    User_agents_04.png
  6. Click User Agent.
  7. Select a user agent policy from the list. For more information, see How to Create User Agent Policies.
    User_agents_05.png
  8. Click OK.
  9. Click Send Changes and Activate.

When users attempt to access a service with a web browser that is not allowed in the user agent policy, the connection is either reset or redirected to a custom block page. The block page is customizable. For more information, see How to Configure Custom Block Pages and Texts.

User_agents_06.png

Monitoring

To monitor blocked connections, go to FIREWALL > History and check the Info column of blocked connections for Detected Browser Agent not allowed by policy

User_agents_07.png

Last updated on