Professional Documents
Culture Documents
Page 1
Content Filtering Service Categories .......................................... 21
1. Violence/Hate/Racism ......................................................................... 21
2. Intimate Apparel/Swimsuit ................................................................... 21
3. Nudism ................................................................................................ 21
4. Pornography ........................................................................................ 21
5. Weapons ............................................................................................. 22
6. Adult/Mature Content .......................................................................... 22
7. Cult/Occult ........................................................................................... 22
8. Drugs/Illegal Drugs .............................................................................. 22
9. Illegal Skills/Questionable Skills .......................................................... 22
10. Sex Education ................................................................................... 23
11. Gambling ........................................................................................... 23
12. Alcohol/Tobacco ................................................................................ 23
Limited Warranty
SonicWALL, Inc. warrants that commencing from the delivery date to Customer (but in any
case commencing not more than ninety (90) days after the original shipment by SonicWALL),
and continuing for a period of twelve (12) months, that the product will be free from defects
in materials and workmanship under normal use. This Limited Warranty is not transferable
and applies only to the original end user of the product. SonicWALL and its suppliers' entire
liability and Customer's sole and exclusive remedy under this limited warranty will be
shipment of a replacement product. At SonicWALL's discretion the replacement product may
be of equal or greater functionality and may be of either new or like-new quality. SonicWALL's
obligations under this warranty are contingent upon the return of the defective product
according to the terms of SonicWALL's then-current Support Services policies.
This warranty does not apply if the product has been subjected to abnormal electrical stress,
damaged by accident, abuse, misuse or misapplication, or has been modified without the
written permission of SonicWALL.
Convention Use
Alert! Important information that cautions about features affecting firewall performance, security
features, or causing potential problems with your SonicWALL.
Tip! Useful information about security features and configurations on your SonicWALL.
Note: Important information on a feature that requires callout for special attention.
Web: http://www.sonicwall.com
E-mail: sales@sonicwall.com
mysonicwall.com
mysonicwall.com delivers a convenient, one-stop resource for registration, activation, and
management of your SonicWALL products and services. Your mysonicwall.com account
provides a single profile to do the following:
• Register your SonicWALL Internet Security Appliances
• Purchase/Activate SonicWALL Security Services and Upgrades
• Receive SonicWALL firmware and security service updates and alerts
• Manage (change or delete) your SonicWALL security services
• Access SonicWALL Technical Support
Creating a mysonicwall.com account is easy and free. Simply complete an online registration
form. Once your account is created, you can register SonicWALL Internet Security
Appliances and activate any SonicWALL Security Services associated with the SonicWALL.
Your mysonicwall.com account is accessible from any Internet connection with a Web
browser using the HTTPS (Hypertext Transfer Protocol Secure) protocol to protect your
sensitive information. You can also access mysonicwall.com license and registration services
directly from the SonicWALL management interface for increased ease of use and simplified
services activation.
If you activated SonicWALL CFS Standard at mysonicwall.com, the CFS Standard activation
is automatically enabled on your SonicWALL within 24-hours or you can click the
Synchronize button on the Security Services>Summary page to update your SonicWALL.
2. Enter your mysonicwall.com account username and password in the User Name and
Password fields, then click Submit. The System>Licenses page is displayed. If your
SonicWALL is already connected to your mysonicwall.com account, the
System>Licenses page appears after you click the SonicWALL Content Filtering
Subscription link.
3. Click Activate or Renew in the Manage Service column in the Manage Services Online
table. Type in the Activation Key in the New License Key field and click Submit. Your
SonicWALL CFS Standard subscription is activated on your SonicWALL.
Alert! If you are using SonicWALL CFS Standard on a SonicWALL running SonicOS Enhanced,
you must enable SonicWALL CFS Standard on each Zone in the Network>Zones page.
See “Enabling CFS Standard Enforcement by Zones” on page 22 for more information.
Note:If the server is unavailable, the firewall can allow access Web sites in the cache memory. This
means that by checking the "block access to all sites" checkbox, the firewall will only block
Web sites that are not in the cache memory.
Block traffic to all Web sites - Select this feature if you want the SonicWALL security
appliance to block access to all Web sites until the content filter server is available.
Allow traffic to all Web sites - Select this feature if you want to allow access to all web
sites when the content filter server is unavailable. However, Forbidden Domains and
Keywords, if enabled, are still blocked.
• If URL marked as blocked - If you have enabled blocking by Categories and the URL is
blocked by the server, there are two options available.
Block Access to URL - Selecting this option prevents the browser from displaying the
requested URL to the user.
Log Access to URL - Selecting this option records the requested URL in the log URL Cache
Configures the URL Cache size on the SonicWALL. The default Cache Size (KBs) varies
depending on your SonicWALL model.
URL Cache
Configures the URL Cache size on the SonicWALL security appliance.
Tip! A larger URL cache size can provide noticeable improvements in Internet browsing
response times.
Note: See “To remove a computer from the list of computers to be filtered, highlight the IP
address in the Mandatory Filtered IP Addresses list and click Delete.” on page 21 for a
detailed description of the criteria used to define the Content Filtering Service categories.
Forbidden Domains
To block a Web site that is not blocked by the Content Filtering Service, click Add, and enter
the host name general root domain, such as “bad-site.com” into the Forbidden Domains
field. 1024 entries can be added to the Forbidden Domains list if you are using SonicOS
Enhanced, and 256 entries can be added if you are using SonicOS Standard.
Alert! Do not include the prefix “http:// or https://” in either the Allowed Domains or Forbidden
Domains the fields. All subdomains are affected. For example, entering “yahoo.com”
applies to “mail.yahoo.com” and “my.yahoo.com”.
To remove a trusted or forbidden domain, select it from the appropriate list, and click Delete.
Once the domain has been deleted, the Status bar displays Ready.
Alert! Selct keywords carefully. The longer and more specific the keyword, the more accurate the
results will be. For example, blocking the keyword “Sex” because of its correlation with porn
sites may also block trusted sites such as msexchange.somedomain.com.
HTTPS Domains
HTTPS traffic, such as Web proxys, are blocked using an IP address, this is because the
traffic is enrypted, so there is no way to extract domain names from the packet stream. To
find the site’s IP address(s), use the DOS command nslookup and add the proxy site of your
choice: nslookup kproxy.com. Then navigate back to the Custom List tab and enter the
Web proxy site’s IP address(s) in the Forbidden Domains field.
Tip! Time of Day restrictions only apply to the Content Filtering Service. Customized blocking
and Keyword blocking. Consent and Restrict Web Features are not affected.
• Always
When selected, Content Filtering is enforced at all times.
• From
When selected, Content Filtering is enforced during the time and days specified. Enter
the time period, in 24-hour format, and select the starting and ending day of the week that
Content Filtering is enforced.
To enable the Consent properties, select Require Consent. The following options are
available under Consent Page URL:
• Maximum Web Usage (minutes)
In an environment where there are more users than computers, such as a classroom or
library, time limits are often imposed. The SonicWALL can be used to remind users when
their time has expired by displaying the page defined in the Consent page URL field.
Enter the time limit, in minutes, in the Maximum Web usage field. When the default value
of zero (0) is entered, this feature is disabled.
• User Idle Timeout (minutes)
After a period of Web browser inactivity, the SonicWALL requires the user to agree to the
terms outlined in the Consent page before accessing the Internet again. To configure the
value, follow the link to the Users window and enter the desired value in the User Idle
Timeout section.
• Consent Page URL (optional filtering)
When a user opens a Web browser on a computer requiring consent, they are shown a
consent page and given the option to access the Internet with or without content filtering.
This page must reside on a Web server and be accessible as a URL by users on the
network. It can contain the text from, or links to an Acceptable Use Policy (AUP).
Mandatory IP Filtering
This feature can be used to display warnings and terms of use information. The Consent
Page is enforced based on IP Addressing. This allows the administrator to enforce the
consent notice to anyone using all computers or specified groups of computers. This feature
does not require the administrator to configure user logins. It can be easily implemented for
Wireless Guest Services, Libraries and Hotels. It will block access to the Internet until the
user acknowledges the notice and provides consent. The administrator can also configure
several options including bypassing the content filter.
How to set up Mandatory IP Filtering
1. Create a Web page with the company’s terms of use, name it man.html and publish it on
the Web server so that the page is accessible as a URL on the network. Fig 1.1 shows a
sample Mandatory IP Filter page.
2. Try accessing the Mandatory filter page from the network by hitting
Http://(web server IP)/man.html.
3. The Click Here hyperlink must be Http://(SonicWALL LAN IP)/iAcceptFilter.html.
Note: Enforce the Content Filtering Service per zone from the Network > Zones page on SonicOS
Enhanced, or per interface from the Network > Settings page on SonicOS Standard.
Note: Up to 128 IP addresses can be entered. To remove a computer from the list of computers
to be filtered.
13.highlight the IP address in the Mandatory Filtered IP Addresses list and click Delete.
14.Test the settings by accessing the Internet from a workstation that is listed under Filtered
IP Address in the Mandatory IP Filtering section. The SonicWALL appliance should
redirect the user to the mandatory page to agree to the terms of use before accessing the
Internet.
Adding a New Address
The SonicWALL can be configured to enforce content filtering for certain computers on
the LAN. Click Add to display the Add Filtered IP Address Entry window. Enter the IP
addresses of these computers in the Add New Address field and click Submit button.
Up to 128 IP addresses can be entered.
To remove a computer from the list of computers to be filtered, highlight the IP address
in the Mandatory Filtered IP Addresses list and click Delete.
1. Violence/Hate/Racism
Sites that depict extreme physical harm to people or property, or that advocate or provide
instructions on to cause such harm. Also includes sites that advocate, depict hostility or
agression toward, or denigrate an individual or group on the basis of race, religion, gender,
nationality, ethnic origin, or other involuntary characteristics.
Category Examples:
www.rotten.com
www.whitepower.com
www.bumfights.com
www.deathnet.com
2. Intimate Apparel/Swimsuit
Sites that contain images or offer the sale of swimsuits or intimate apparel or other types of
suggestive clothing. Does not include sites selling undergarments as a subsection of other
products offered.
Category Examples:
www.victoriassecret.com
www.fredericks.com
3. Nudism
Sites containing nude or seminude depictions of the human body. These depictions are not
necessary sexual in intent or effect, but may include sites containing nude paintings or photo
galleries of artistic nature. This category also includes nudist or naturist sites that contain
pictures of nude individuals.
Category Examples:
www.danheller.com
www.bodyscapes.com
www.nudistnews.com
4. Pornography
Sites that contain sexually explicit material for the purpose of arousing a sexual or prurient
interest.
Category Examples:
www.playboy.com
www.whitehouse.com
6. Adult/Mature Content
Sites that contain material of adult nature that does not necessarily contain excessive
violence, sexual content, or nudity. These sites include profane or vulgar content and sites
that are not appropriate for children.
Category Examples:
www.humanbomb.org
www.steakandcheese.com
www.punchbaby.com
7. Cult/Occult
Sites that promote or offer methods, means of instruction, or other resources to affect or
influence real events through the use of spells, curses, magic powers, satanic or supernatural
beings.
Category Examples:
www.satannet.com
www.churchofsatan.com
8. Drugs/Illegal Drugs
Sites that promote, offer, sell, supply, encourage or otherwise advocate the illegal use,
cultivation, manufacture, or distribution of drugs, pharmaceuticals, intoxicating plants or
chemicals and their related paraphernalia.
Category Examples:
www.marijuana.org
www.hightimes.com
11. Gambling
Sites where a user can place a bet or participate in a betting pool (including lotteries) online.
Also includes sites that provide information, assistance, recommendations, or training on
placing bets or participating in games of chance. Does not include sites that sell gambling
related products or machines. Also does not include sites for off-line casinos and hotels as
long as those sites do not meet one of the previous requirements.
Category Examples:
www.gambling.com
www.casino.com
www.sportsbook.com
12. Alcohol/Tobacco
Sites that promote or offer alcohol/tobacco products for sale, or provide the means to create
them. Also includes sites that glorify, tout, or otherwise encourage the consumption of
alcohol/tobacco. Does not include sites that sell alcohol or tobacco as a subset of other
products.
Category Examples:
www.budweiser.com
www.cigar.com
www.coors.com
©2008 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
Specifications and descriptions subject to change without notice.