According to the documentation, the Netscreen 5GT can filter ActiveX, .exe files, Javascript, etc., out of incoming HTTP connections. It doesn't mention if this setting is global or if it can be set for certain IP addresses or ranges. I'd like to enable this on my network, but only for a single problematic user who always seems to be plagued by viruses and malware. Can I enable this kind of filtering for a single internal IP address only?
Second question... The 5GT only supports a single VIP. I have a VIP set up to redirect several ports to machines on my DMZ zone (in the
172.16.0.0 subnet). I'd like to temporarily change the redirection for one port to a machine on my Trust zone (in the 192.168.0.0 subnet) for testing purposes. Can a single VIP redirect some ports to one zone and another port to a different zone?