Content Filtering and Optimizing Scans
211
ProSecure Unified Threat Management (UTM) Appliance
Scanning all protocols enhances network security but might affect the performance of the
UTM. For an optimum balance between security and performance, enable scanning of only
the most commonly used protocols on your network. For example, you can scan FTP and
HTTP, but not HTTPS (if this last protocol is not used often). For more information about
performance, see Performance Management on page 428.
To configure the web protocols and ports to scan:
1. Select Application Security > Services. The Services submenu tabs display with the
Services screen in view.
Note: For information about email protocols and ports, see Customize
Email Protocol Scan Settings on page 194.
Figure 114.
2. In the Web section of the screen, select the protocols to scan by selecting the Enable check
boxes, and enter the port numbers if different from the default port numbers:
• HTTP. Select the HTTP check box to enable Hypertext Transfer Protocol (HTTP)
scanning. This service is enabled by default and uses default port 80.
• HTTPS. Select the HTTPS check box to enable Hypertext Transfer Protocol over
Secure Socket Layer (HTTPS). This service is disabled by default. The default port
is 443.
Note: You can keep HTTPS scanning disabled and still block selected
HTTPS websites by configuring the HTTPS Smart Block feature. For
more information, see Configure HTTPS Smart Block on page 212.
• FTP. Select the FTP check box to enable File Transfer Protocol (FTP). This service is
enabled by default and uses default port 21. You cannot change the default port in the
corresponding Ports to Scan field.
3. If a protocol uses a port other than the standard service port (for example, port 80 for
HTTP), enter this nonstandard port in the Ports to Scan field. For example, if the HTTP