Chapter 9. Content Security

In the last chapter, I talked about restricting access based on the user; in this chapter, I talk about restricting access to certain kinds of content. Such restrictions include not allowing people to access certain kinds of sites (e.g., pornography, news), preventing people from accessing specific types of content (e.g., RealAudio, MP3), and scanning content for viruses. I also discuss the various Security Servers for HTTP, FTP, SMTP, and TCP in some detail.

By the end of this chapter, you should be able to:

  • Know what CVP and UFP are used for

  • Restrict content for HTTP, FTP, SMTP, and generic TCP services

  • Understand the performance issues inherent in Content Security

  • Understand how to tune your FireWall-1 installation to perform well

  • Troubleshoot problems with Content Security