Filter
Top Products
268
SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE
C
HAPTER
44:
Configuring SonicWALL Content Filtering Service
Content Filter Type
There are three types of content filtering available on the SonicWALL security appliance.
• SonicWALL CFS - Selecting SonicWALL CFS as the Content Filter Type allows you to use the
SonicWALL Content Filtering Service that is available as an upgrade. You can obtain more infor-
mation about SonicWALL Content Filtering Service at
<http://www.sonicwall.com/products/cfs.html>
• N2H2 - N2H2 is a third party content filter software package supported by SonicWALL security
appliance.
• Websense Enterprise - Websense Enterprise is also a third party content filter list supported by
SonicWALL security appliance.
Apply filter and Restrict Web Features on - Allows you to specify the LAN interface for applying
content filtering or Restrict Web Features protection.
Restrict Web Features
Restrict Web Features enhances your network security by blocking potentially harmful Web
applications from entering your network.
Restrict Web Features are included with SonicOS. Select any of the following applications to block:
• ActiveX - ActiveX is a programming language that embeds scripts in Web pages. Malicious pro-
grammers can use ActiveX to delete files or compromise security. Select the ActiveX check box to
block ActiveX controls.
• Java - Java is used to download and run small programs, called applets, on Web sites. It is safer
than ActiveX since it has built-in security mechanisms. Select the Java check box to block Java
applets from the network.
• Cookies - Cookies are used by Web servers to track Web usage and remember user identity.
Cookies can also compromise users' privacy by tracking Web activities. Select the Cookies check
box to disable Cookies.
• Access to HTTP Proxy Servers - When a proxy server is located on the WAN, LAN users can cir-
cumvent content filtering by pointing their computer to the proxy server. Check this box to prevent
LAN users from accessing proxy servers on the WAN.
• Known Fraudulent Certificates - Digital certificates help verify that Web content and files origi-
nated from an authorized party. Enabling this feature protects users on the LAN from downloading
malicious programs warranted by these fraudulent certificates. If digital certificates are proven
fraudulent, then the SonicWALL security appliance blocks the Web content and the files that use
these fraudulent certificates. Known fraudulent certificates blocked by SonicWALL security appli-
ance include two certificates issued on January 29 and 30, 2001 by VeriSign to an impostor mas-
querading as a Microsoft employee.
You can choose LAN for applying your Restrict Web Features protection from the Apply filter and
Restrict Web Features on setting in Content Filter Type.