|
2
|
Click the Policies tab.
|
|
3
|
In the center pane, navigate to the Content Filter > Settings page.
|
|
•
|
SonicWALL CFS—Enables the CFS SonicWALL filtering package based on the firmware version of the SonicWALL appliance.
|
|
•
|
N2H2—To use N2H2, you must have the N2H2 software package running on a server in your network. For more information, visit www.n2h2.com.
|
|
•
|
Websense—To use Websense, you must have the Websense Enterprise software package running on a server in your network. For more information, visit www.websense.com.
If you select N2H2 or Websense, make sure to configure the appropriate filtering options. For more information, refer to N2H2 and Websense Content Filtering . |
|
7
|
A trusted domain is a domain that is allowed to use Web features such as Java, ActiveX, and cookies. To create a list of trusted domains, select Don't block Java/ActiveX/Cookies to Trusted Domains.
|
|
8
|
Select trusted domains from the Domain list, or add/import trusted domains by clicking the Add New Trusted Domain or Import links.
If adding a trusted domain, enter one or more domains name in the Trusted Domains field and click Add. The scheduler displays. Multiple domains should be separated by a “;” semicolon. Enter the domain name only. For example, “yahoo.com.” Do not include “http://.” Entering “yahoo.com” also allows access to www.yahoo.com, my.yahoo.com, sports.yahoo.com, and so on. Importing a .txt file with one domain name per line is the easiest way to add multiple domains to a Trusted Domains list. Click Import... to add multiple domains from a text file. |
|
10
|
Delete a trusted domain by selecting the check box for the trusted domain and then clicking the Delete Trusted Domain(s) link. You can also delete multiple trusted domains at one time.
|
|
12
|
When you are finished, click Update. The scheduler displays.
|
|
13
|
To enable content filtering, click Enable HTTPS Content Filtering. HTTPS content filtering is IP address and hostname based. While HTTP content filtering can do redirects to enforce authentication or provide a block page, HTTPS filtered pages are silently blocked.
|
|
14
|
To enable CFS server failover, click CFS Server Failover.
|
|
15
|
Specify the number of seconds of server inactivity before traffic is blocked or allowed. This defines what action is taken if the Websense Enterprise server is unavailable. The default value for timeout of the server is five seconds, but you can enter a value between 1 and 10 seconds
Selecting Block traffic to all Web sites blocks traffic to all Web sites except Allowed Domains until the Websense Enterprise server is available. Selecting Allow traffic to all Web sites allows traffic to all Web sites without Websense Enterprise server filtering. However, Forbidden Domains and Keywords, if enabled, are still blocked. |
|
16
|
If the server marks the URL as “blocked” then you can block and/or log access to that URL. Select Block Access to URL and/or Log Access to URL.
|
|
17
|
Enter the desired cache size (in KB) in the Cache Size text-field. If you are not sure of the supported range for your appliance, click the available link for the valid ranges.
|
|
18
|
Click Update.
|
|
19
|
Check Require Consent to require consent. Users can choose if they want filtering or not.
|
|
20
|
Enter the maximum time (in minutes) a user can access the Internet in the Maximum Web Usage field.
|
|
21
|
|
22
|
Enter the URL of the Web page from which users choose to enable filtering in the Consent Page URL (Optional Filtering) field. This page displays when users first attempt to access the Internet and must contain a link for choosing unfiltered access and a link for choosing filtered access. The link for unfiltered access is IPaddress/iAccept.html. The link for filtered access is IPaddress/iAcceptFilter.html. IPaddress is the LAN (WorkPort) IP address of the SonicWALL appliances.
|
|
23
|
Enter the URL of the page that displays when users choose to access the Internet without content filtering in the “Consent Accepted” URL (Filtering Off) field. This page must be accessible on the LAN (WorkPort).
|
|
24
|
Enter the URL of the page that displays when users access the Internet with content filtering enabled in the “Consent Accepted” URL (Filtering On) field. This page must be accessible on the LAN (WorkPort).
|
|
25
|
(optional) If a URL is entered in the Consent Accepted Redirect Page URL (filtering off) field, when a user accepts the terms in the Consent page and chooses to have unfiltered access, they are redirected to this URL. This page must reside on a Web server and be accessible as a URL by users on the network.
|
|
26
|
(optional) If a URL is entered in the Consent Accepted Redirect Page URL (filtering on) field, when a user accepts the terms in the Consent page and chooses to have filtered access, they are redirected to this URL. This page must reside on a Web server and be accessible as a URL by users on the network.
|
|
27
|
When a user opens a Web browser on a computer with mandatory content filtering they will be shown a consent page. Enter the URL for the consent page in the Consent Page URL (Mandatory Filtering) field. You will need to create this Web page. It usually contains an Acceptable Use Policy and a notification that violations are logged or blocked.
This Web page must reside on a Web server that is accessible as a URL by LAN (WorkPort) users. This page must also contain a link that tells the SonicWALL appliance that the user agrees to having filtering enabled. To do this, create the following link: IPaddress/iAcceptFilter.html where IPaddress is the LAN (WorkPort) IP address of the SonicWALL appliance. |
|
28
|
To enforce content filtering for a specific computer on the LAN, enter the IP address in the IP Addresses field of the Mandatory Filtered IP Addresses section and click Add. Up to 128 IP addresses can be entered.
|
|
30
|
When you are finished, click Update. The scheduler displays.
|