Web Content Filter is a license-required service using URL categorization service from CYREN for filtering the websites. The service allows the router to learn which kind of website the client is trying to access, and enables Network Administrator to control the access to all the URLs of corresponding category, without specifying each of their URL. This article demonstrates how to use the Web Content Filter of Content Security Management to block all the social networking websites.
1. Add a new WCF profile: Go to CSM >> Web Content Filter Profile,
2. Configure the WCF profile as follows:
3. To filter the HTTPS websites as well, adding a DNS Filter is required. DNS Filter is an extension of URL Content Filter and Web Content Filter to make sure the HTTPS (encrypted) websites will also be filtered. DNS Filter allows Network Administrator to block or pass the DNS queries that contain specific keywords, thus to control the access to HTTPS websites. Go to CSM >> DNS Filter, and click on a profile index.
4. Edit the DNS profile as follows,
5. To apply the Web Content Filter and DNS Filter, go to Firewall >> Filter Setup >> Set 2, and click on a Filter Rule number
6. After finishing the above settings, all the social networking websites will be blocked by Web Content Filter and DNS Filter with Vigor Router, even if the website uses HTTPS.
If there's a website you would like to allow access but it belongs to the social networking category, you may add its URL into the White List of Web Content Filter profile. Below we take "www.linkedin.com" for example.
1. Go to Objects Setting >> Keyword Object, create an object and enter the keyword of that website's URL in Contents.
2. Edit the Web Content Filter profile as follows,
3. Now, the LAN clients will be able to visit www.linkedin.com even if it's categorized as a Social Networking website.
If Web Content Filter does not work as expected, please check the following items:
1. Make sure your Content Filter License is activated. Go to Objects Setting >> Web Category Object >> Content Filter License, and check if the status of license is enabled.
2. Go to Object Setting >> Web Category Object >> Web Category Object. After activating the Web Content Filter service via “Content Filter License”, click Add in the “Web Category Object” to start.
3. Enter a profile name, and choose the categories you want to filter. Here we choose Social Networking. Then, click Apply to save the profile. (Note: We can check out which category a website belongs to by visiting http://www.cyren.com/url-category-check.html)
4. Go to Firewall >> Filter Setup >> URL/Web Category Filter, and click Add.
5. Type a Profile name, check Enable, and select "Enable" for Filter https. Check the profile created in the previous step in policy > Web Category Block. Then, click Apply to save the settings.
6. (Optional) To apply this firewall only at a specific time (e.g., working hours), at Time Schedule, create a Time Object specifying the time you'd like to apply this rule and select the object.
7. (Optional) To apply this firewall only to specific IP range (e.g., the employee's IP), at Source IP, create a Source IP Object specifying the IP range need to follow this rule and enable it.
8. Now, LAN clients should see the message below when they try to access a networking website, such as Facebook.
Published On: 2018-01-25
Was this helpful?