SNAPGEAR URL FILTERING:
1. What filtering application does SnapGear use?
SnapGear offers a version of Secure Computing’s leading Webwasher® URL filtering solution. SnapGear Webwasher filtering uses the same URL database/filtering engine found in the Webwasher enterprise SCM solution. The SnapGear filtering module provides basic filtering functionality that is targeted for smaller businesses. Not all of the Webwasher advanced/enterprise filtering features are included.
2. How does the SnapGear URL filtering module work?
SnapGear administrators create a filtering policy for their organization that resides locally on each SnapGear appliance. SnapGear administrators determine the types of URLs they want to allow or block and create their policy from a set of predetermined categories. The URL filtering engine runs as an Internet service on Webwasher Rating Servers around the world. The SnapGear appliance intercepts HTTP URL requests submitted by internal users and relays them to the Webwasher Rating Server. The Server quickly returns URL category data to the SnapGear appliance which then either blocks or allows user access to the requested Web site according to the local policy.
3. What filtering categories are available with SnapGear?
There are currently more than 60 categories available.
5. Auctions/Classified Ads
6. Governmental Organizations
7. Non-Governmental Organizations
13. Illegal Activities
14. Computer Crime
16. Warez (Illegal Software)
19. Computer Games
21. Entertainment/Motion Picture
24. Music/Web Radio
28. Web Mail
29. Chat/Instant Messaging
31. SMS/Ring Tones/Logos
32. Digital Postcards
33. Search Engines/Web Catalogs/Portals
35. Web Hosting/IT Services
36. Information Security
37. Translation Proxies
38. Anonymous Proxies
39. Illegal Drugs
48. Real Estate/Architecture/Residence
50. Private Homepages
51. Human Resources
64. Malicious Web Sites
4. Can I get reports on my Internet traffic, including reports by user?
All of the SnapGear appliances can be purchased with either URL Filtering only or URL Filtering with Reporting. With the reporting option, a pre-defined set of reports provide organizations a better understanding of their Internet traffic. Filtering reports are not run locally. Reports are emailed on a monthly basis to all organizations that subscribe to the reporting service. Your activation certificate will enable access to the reporting option.
Reports include information such as Top 20 sites visited and Top 20 sites blocked. Some reports can be viewed by user IP address or by user name. To report by user name, user authentication is required. This feature is enabled on the firewall Access Control Main Tab. On this tab, Require User Authentication determines if users are asked for a username and password when attempting to access the Internet.
Additionally, SnapGear administrators must select the Identify user by account option in the Content Filtering area of the Webwasher tab.
Note: Internet Explorer users must configure the SnapGear unit as their default Web proxy for password based access to operate correctly.
Additional configuration requirements and options
5. How do I enable Web filtering?
The Web filtering functionality is an add-on module to SnapGear that must be purchased separately. Once purchased, a few simple steps need to be followed to enable filtering. First, navigate to the Webwasher tab of the firewall Access Control configuration area. The Enable Content Filtering checkbox specifies whether Webwasher content filtering will be used or not.
For more detailed information on enabling content filtering, please refer to our Knowledgebase article found at: www.cyberguard.info/snapgear/faqomatic/public_html/fom-serve/cache/468.html
Note: The Content section of the Access Control configuration area refers to a legacy filtering option that cannot be used by new SnapGear customers.
6. How many filtering policies can I create on a single SnapGear appliance?
Only one global Webwasher filtering policy can be assigned per SnapGear appliance. There are many options for customizing this policy to best meet an organizations’ unique need. Additional details are included on this topic in the next section of the FAQ. Business models that require multiple policies and HTTPS or FTP filtering should upgrade to a local Webwasher Server with a complete set of robust Secure Content Management engines including URL Filtering, Anti-Spam, Anti-Virus, SSL Scanning and more.
7. Can I override the Webwasher block/allow policy?
Custom URL and IP Whitelist (allow) and Blacklist (block) entries can be implemented on the SnapGear appliances that override the Webwasher block/allow policy. A number of options are listed below:
· The ACL and Web Lists tabs of the firewall Access Control configuration area allow the SnapGear appliance administrator to override the Webwasher block/allow policy on a site-by-site basis. The ACL section can also be used to exempt specific workstation IPs from the Webwasher Block/Allow policy or to block specific workstation IPs regardless of the Webwasher block/allow policy.
o The Web Lists tab uses URLs or URL fragments to allow (Whitelist) or block (Blacklist) Web sites regardless of the Webwasher block/allow policy. A performance impact is associated with this strategy.
o The ACL tab can use lists of specific IP addresses to allow or block Web sites regardless of the Webwasher block/allow policy. The performance impact associated with this strategy is much lower than when Web Lists are used. This approach requires that each Web site use a stable IP address. Since DNS is not used, when a Websites changes its IP address, it is no longer effectively controlled by the ACL entry. The most common use of this control would be a Whitelist of business partner Extranet sites.
o The ACL tab can also be used to exempt or block specific user workstation IPs from the Webwasher block/allow policy.
§ A user workstation IP address that is exempted from the Webwasher block/allow policy is still restricted by block entries in the Web Lists. A user workstation IP address that is blocked from the Webwasher block/allow policy is still permitted to browse any allow entries in the Web Lists.
o Web List block and allow entries are absolute by default. If a requested URL contains any of the URL fragments defined, a block or allow action will be triggered. Defining overly short URL fragments can result in many sites matching and being allowed or denied erroneously. Secure Computing recommends that URLs be restricted to the shortest length that achieves the desired result.
· Every SnapGear appliance can accommodate several hundred override/exempt entries in a combined total for the ACL and Web Lists. The performance impact and the number of entries vary significantly with the length of the Web List URLs and the general load upon the appliance. The ACL IP format supports longer lists but Secure Computing recommends that the number of entries should not exceed 200 if slow Web page delivery is to be avoided. If override/exempt requirements are in excess of 200 entries, the customer should consider implementing a stand-alone Webwasher URL filter application.
8. If a site is not rated by Webwasher, can it still be blocked?
SnapGear administrators can determine if they want all sites not yet rated by Webwasher to be allowed or blocked.
9. What if access to the Webwasher Rating Server is unavailable – will the appliance continue to filter Web access?
The Cache option in the SnapGear appliance enables the caching of content rating results. It allows continued Web filtering operation with the cached rating results in the event that access to the Webwasher Rating Servers is unavailable. The Cache option on the SnapGear appliance will also improve performance and will require approximately 2 megabytes of memory.