Filter
Top Products
Security Services > Content Filter
698
SonicOS Enhanced 4.0 Administrator Guide
• SonicWALL CFS - Selecting SonicWALL CFS as the Content Filter Type allows you to
use the SonicWALL Content Filtering Service that is available as an upgrade. You can
obtain more information about SonicWALL Content Filtering Service at
http://www.sonicwall.com/products/cfs.html
• N2H2 - N2H2 is a third party content filter software package supported by SonicWALL
security appliance.
• Websense Enterprise - Websense Enterprise is also a third party content filter list
supported by SonicWALL security appliance.
Clicking the Network > Zones link in Note: Enforce the Content Filtering per zone from the
Network > Zone page, displays the Network > Zones page for enabling SonicWALL Content
Filtering Service on network zones.
Restrict Web Features
Restrict Web Features enhances your network security by blocking potentially harmful Web
applications from entering your network.
Restrict Web Features are included with SonicOS. Select any of the following applications to
block:
• ActiveX - ActiveX is a programming language that embeds scripts in Web pages. Malicious
programmers can use ActiveX to delete files or compromise security. Select the ActiveX
check box to block ActiveX controls.
• Java - Java is used to download and run small programs, called applets, on Web sites. It
is safer than ActiveX since it has built-in security mechanisms. Select the Java check box
to block Java applets from the network.
• Cookies - Cookies are used by Web servers to track Web usage and remember user
identity. Cookies can also compromise users' privacy by tracking Web activities. Select the
Cookies check box to disable Cookies.
• Access to HTTP Proxy Servers - When a proxy server is located on the WAN, LAN users
can circumvent content filtering by pointing their computer to the proxy server. Check this
box to prevent LAN users from accessing proxy servers on the WAN.
• Known Fraudulent Certificates - Digital certificates help verify that Web content and files
originated from an authorized party. Enabling this feature protects users on the LAN from
downloading malicious programs warranted by these fraudulent certificates. If digital
certificates are proven fraudulent, then the SonicWALL security appliance blocks the Web
content and the files that use these fraudulent certificates. Known fraudulent certificates
blocked by SonicWALL security appliance include two certificates issued on January 29
and 30, 2001 by VeriSign to an impostor masquerading as a Microsoft employee.