Security Services > Content Filter
706
SonicOS Enhanced 4.0 Administrator Guide
–
Block traffic to all Web sites - Selecting this option blocks traffic to all Web sites
except Allowed Domains until the N2H2 server is available.
–
Allow traffic to all Web sites - Selecting this option allows traffic to all Web sites
without Websense Enterprise server filtering. However, Forbidden Domains and
Keywords, if enabled, are still blocked.
URL Cache
• Cache Size (KB) - Configure the size of the URL Cache in KB.
Tip Tip! A larger URL Cache size can result in noticeable improvements in Internet browsing
response times.
Configuring SonicWALL Blocking Features
Once you configure your settings in the Websense Properties window, you can configure
SonicWALL blocking features including Restrict Web Features, Trusted Domains, and
Message to Display when Blocking from the Security Services>Content Filtering page.
Restrict Web Features
Restrict Web Features enhances your network security by blocking potentially harmful Web
applications from entering your network. Select any of the following applications to block:
• ActiveX - ActiveX is a programming language that embeds scripts in Web pages. Malicious
programmers can use ActiveX to delete files or compromise security. Select the ActiveX
check box to block ActiveX controls.
• Java - Java is used to download and run small programs, called applets, on Web sites. It
is safer than ActiveX since it has built-in security mechanisms. Select the Java check box
to block Java applets from the network.
• Cookies - Cookies are used by Web servers to track Web usage and remember user
identity. Cookies can also compromise users' privacy by tracking Web activities. Select the
Cookies check box to disable Cookies.
• Web Proxy - When a proxy server is located on the WAN, LAN users can circumvent
content filtering by pointing their computer to the proxy server. Check this box to prevent
LAN users from accessing proxy servers on the WAN.
• Known Fraudulent Certificates - Digital certificates help verify that Web content and files
originated from an authorized party. Enabling this feature protects users on the LAN from
downloading malicious programs warranted by these fraudulent certificates. If digital
certificates are proven fraudulent, then the SonicWALL blocks the Web content and the
files that use these fraudulent certificates. Known fraudulent certificates blocked by
SonicWALL include two certificates issued on January 29 and 30, 2001 by VeriSign to an
impostor masquerading as a Microsoft employee.