SonicWALL CFS Implementation with App Rules

The CFS feature allows you to use the power of SonicWALL’s App Rules feature to increase create a more powerful and flexible solution.

	NOTE: While the App Rules method of CFS management offers more control and flexibility, you can still choose the previous user/zone management method to perform content filtering.

•

App Rules - is included as part of the CFS rule creation process.to implement more granular, flexible and powerful content filter policy control, creating CFS policy allow lists policies utilizing App Rules framework. An App Rules policy can be enforced according to a schedule. See App Rules Policy Creation for more information.

•

Application Objects - Users/groups, address objects, and zones can be assigned for individual CFS policies.

•

Bandwidth Management - CFS specifications can be included in bandwidth management policies based on CFS website categories. This also allows use of Bandwidth Aggregation by adding a per-action bandwidth aggregation method.

•

SSL Certificate Common Name - HTTPS Content Filtering has the ability to use an SSL certificate common name in addition to server IP addresses.

•

New CFS Categories - Multimedia, Social Networking, Malware, and Internet Watch Foundation CAIC are included in the CFS list.

Content Filtering Service (CFS) enforces protection and productivity policies for businesses, schools and libraries to reduce legal and privacy risks while minimizing administration overhead. CFS utilizes a dynamic database of millions of URLs, IP addresses and domains to block objectionable, inappropriate or unproductive Web content. At the core of CFS is an innovative rating architecture that cross references all Web sites against the database at worldwide co-location facilities. A rating is returned to the firewall and then compared to the content filtering policy established by you. Almost instantaneously, the Web site request is either allowed through or a Web page is generated by the firewall informing the user that the site has been blocked according to policy.

With CFS, you have a flexible tool to provide comprehensive filtering based on keywords, time of day, trusted and forbidden domain designations, and file types such as Cookies, Java™ and ActiveX® for privacy. CFS automatically updates the filters, making maintenance substantially simpler and less time consuming.

CFS can also be customized to add or remove specific URLs from the blocked list and to block specific keywords. When a user attempts to access a site that is blocked by the firewall, a customized message is displayed on the user’s screen. Firewalls can also be configured to log attempts to access sites on the Content Filtering Service database, on a custom URL list, and on a keyword list to monitor Internet usage before putting new usage restrictions in place.

CFS Premium blocks 56 categories of objectionable, inappropriate or unproductive Web content. CFS Premium provides you with greater control by automatically and transparently enforces acceptable use policies. It gives you the flexibility to enforce custom content filtering policies for groups of users on the network. For example, a school can create one policy for teachers and another for students.