Académique Documents
Professionnel Documents
Culture Documents
© 2002 SonicWALL, Inc. SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be
trademarks and/ or registered trademarks of their respective companies. Specifications and descriptions subject to change with out notice.
P/ N 232- 000455- 00
Rev A 11/ 03
Table of Contents
Preface .......................................................................................... 1
Copyright Notice ........................................................................................ 1
Limited Warranty ....................................................................................... 1
SonicWALL Content Filtering Service - Premium ......................... 3
About this Guide ............................................................................ 3
Guide Conventions .................................................................................... 4
Icons Used in this Guide ...................................................................... 4
SonicWALL Technical Support .................................................................. 4
Activating SonicWALL CFS Premium ........................................... 5
mySonicWALL.com ................................................................................... 5
Activating CFS Premium ........................................................................... 5
Activating a CFS Premium FREE TRIAL .................................................. 6
Security Services>Content Filtering .............................................. 7
Content Filter Status .................................................................................. 7
Content Filter Type .................................................................................... 8
Restrict Web Features ............................................................................... 8
Trusted Domains ....................................................................................... 9
Message to Display when Blocking ........................................................... 9
Configuring SonicWALL CFS Premium ...................................... 10
CFS ......................................................................................................... 10
Settings .............................................................................................. 10
URL Cache ........................................................................................ 10
URL Rating Review ............................................................................ 12
Policy ....................................................................................................... 12
Creating a CFS Policy ........................................................................ 13
Custom List ............................................................................................. 15
Consent ................................................................................................... 16
Web Usage Consent .......................................................................... 16
Mandatory IP Filtering ........................................................................ 17
Enabling Default CFS Enforcement by Zones ............................ 18
Applying Custom CFS Policy Enforcement to Groups ................ 19
Limited Warranty
SonicWALL, Inc. warrants that commencing from the delivery date to Customer (but in any
case commencing not more than ninety (90) days after the original shipment by SonicWALL),
and continuing for a period of twelve (12) months, that the product will be free from defects
in materials and workmanship under normal use. This Limited Warranty is not transferable
and applies only to the original end user of the product. SonicWALL and its suppliers' entire
liability and Customer's sole and exclusive remedy under this limited warranty will be
shipment of a replacement product. At SonicWALL's discretion the replacement product may
be of equal or greater functionality and may be of either new or like-new quality. SonicWALL's
obligations under this warranty are contingent upon the return of the defective product
according to the terms of SonicWALL's then-current Support Services policies.
This warranty does not apply if the product has been subjected to abnormal electrical stress,
damaged by accident, abuse, misuse or misapplication, or has been modified without the
written permission of SonicWALL.
Convention Use
Alert! Important information that cautions about features affecting firewall performance, security
features, or causing potential problems with your SonicWALL.
Tip! Useful information about security features and configurations on your SonicWALL.
Note: Important information on a feature that requires callout for special attention.
Web: http://www.sonicwall.com
E-mail: sales@sonicwall.com
mySonicWALL.com
mySonicWALL.com delivers a convenient, one-stop resource for registration, activation, and
management of your SonicWALL products and services. Your mySonicWALL.com account
provides a single profile to do the following:
• Register your SonicWALL Internet Security Appliances
• Purchase/Activate SonicWALL Security Services and Upgrades
• Receive SonicWALL firmware and security service updates and alerts
• Manage (change or delete) your SonicWALL security services
• Access SonicWALL Technical Support
Creating a mySonicWALL.com account is easy and free. Simply complete an online
registration form. Once your account is created, you can register SonicWALL Internet
Security Appliances and activate any SonicWALL Security Services associated with the
SonicWALL.
Your mySonicWALL.com account is accessible from any Internet connection with a Web
browser using the HTTPS (Hypertext Transfer Protocol Secure) protocol to protect your
sensitive information. You can also access mySonicWALL.com license and registration
services directly from the SonicWALL management interface for increased ease of use and
simplified services activation.
If you activated SonicWALL CFS Premium at mySonicWALL.com, the CFS Premium
activation is automatically enabled on your SonicWALL within 24-hours or you can click the
Synchronize button on the Security Services>Summary page to update your SonicWALL.
Alert! You must enable SonicWALL CFS Premium enforcement on each Zone in the
Network>Zones page. See “Enabling Default CFS Enforcement by Zones” on page 18 for
more information.
CFS
Settings
• If Server is unavailable for (seconds) - Sets the amount of time after the content filter
server is unavailable before the SonicWALL takes action to either block access to all Web
sites or allow traffic to continue to all Web sites.
Block traffic to all Web sites - Select this feature if you want the SonicWALL to block
all Web site access until the content filter server is available.
Allow traffic to all Web sites - Select this feature if you want to allow access to all web
sites when the content filter server is unavailable. However, Forbidden Domains and
Keywords, if enabled, are still blocked.
• If URL marked as blocked - If you have enabled blocking by Categories and the URL is
blocked by the server, there are two options available.
Block Access to URL - Selecting this option prevents the browser from displaying the
requested URL to the user.
Log Access to URL - Selecting this option records the requested URL in the log file.
URL Cache
Configures the URL Cache size on the SonicWALL.
Policy
SonicWALL CFS Premium with the blocking of all 56 categories is activated by default for all
users on the network. The Policy tab allows you to customize CFS Premium policies, which
you can then apply to specific user groups in the Users>Local Groups page. A custom CFS
Premium policy allows you to modify the default CFS Premium configuration to tailor your
content filtering policies for particular user groups on your network.
Note: Custom CFS policies are applied to user groups in the User>Local Groups page. See
“Applying Custom CFS Policy Enforcement to Groups” on page 19 for more information.
• To create new policy, click Add to display the Add CFS Policy window.
• To edit an existing policy, click the NotePad icon in the Policies table for the entry.
• To delete a policy, click the Trashcan icon in the Policies table for the entry.
• To delete all policies in the Policies table, click the Delete All button.
Creating a CFS Policy
1. Click Add to display the Add CFS Policy window.
2. In the Policy tab, enter a name for the policy in the Name field.
4. Uncheck any category you want to pass through SonicWALL Content Filtering Service in
the Select Forbidden Categories list. Move your mouse point over the Down or Up
button to automatically scroll through the list of CFS categories. Select the Select all
categories check box if you want to block all of these categories.
5. Click the Settings tab.
Custom List
On the Custom List tab, you can customize your URL list to include Allowed Domains and
Forbidden Domains that are applied globally to all policies. By customizing your URL list,
you can include specific domains to be allowed (accessed), forbidden (blocked), and include
specific keywords to be used to block sites.
To allow access to a Web site that is blocked by the Content Filtering Service, click Add, and
enter the host name, such as “www.ok-site.com”, into the Allowed Domains fields. 256 entries
can be added to the Allowed Domains list.
To block a Web site that is not blocked by the Content Filtering Service, click Add, and enter
the host name, such as “www.bad-site.com” into the Forbidden Domains field. 256 entries
can be added to the Forbidden Domains list.
Alert! Do not include the prefix “http://” in either the Allowed Domains or Forbidden Domains
fields. All subdomains are affected. For example, entering “yahoo.com” applies to
“mail.yahoo.com” and “my.yahoo.com”.
To remove a trusted or forbidden domain, select it from the appropriate list, and click Delete
Domain. Once the domain has been deleted, the Status bar displays Ready.
To enable blocking using keywords, click Add to display the Add Keyword Entry window.
Enter the keyword to block in the Keyword field, and click OK. To remove a keyword, select
it from the list and click Delete. Once the keyword has been removed, the Status bar displays
Ready.
Note: Only the default CFS Premium policy can be enabled or disabled for Zones.
To enabled CFS Premium for a particular Zone, follow these steps:
1. Select the Network>Zone page.
2. Click the Notepad icon in the Configure column for the Zone you want in the Zone
Settings table. The Edit Zone window is displayed.
3. To enable CFS Premium enforcement for the Zone, check Enforce Content Filtering
Service.
4. Click OK. A checkmark appears under Content Filtering for the Zone in the Zone
Settings table.
To disable CFS Premium enforcement for a Zone, uncheck the Enforce Content Filtering
Service setting in the Edit Zone window.
4. Select the custom CFS policy from the Policy menu. The policies in the Policy menu
include the Default policy and any other custom policies you created in the SonicWALL
Filter Properties window.
5. Click OK. The Caption icon appears in the CFS Policy column of the Local Groups
table. Moving your pointer of the icon displays the CFS policy applied to the group.
1. Violence/Hate/Racism
Sites that depict extreme physical harm to people or property, or that advocate or provide
instructions on to cause such harm. Also includes sites that advocate, depict hostility or
aggression toward, or denigrate an individual or group on the basis of race, religion, gender,
nationality, ethnic origin, or other involuntary characteristics.
Category Examples:
www.rotten.com
www.whitepower.com
www.bumfights.com
www.deathnet.com
2. Intimate Apparel/Swimsuit
Sites that contain images or offer the sale of swimsuits or intimate apparel or other types of
suggestive clothing. Does not include sites selling undergarments as a subsection of other
products offered.
Category Examples:
www.victoriassecret.com
www.fredericks.com
3. Nudism
Sites containing nude or semi-nude depictions of the human body. These depictions are not
necessary sexual in intent or effect, but may include sites containing nude paintings or photo
galleries of artistic nature. This category also includes nudist or naturist sites that contain
pictures of nude individuals.
Category Examples:
www.danheller.com
www.bodyscapes.com
www.nudistnews.com
4. Pornography
Sites that contain sexually explicit material for the purpose of arousing a sexual or prurient
interest.
Category Examples:
www.playboy.com
www.whitehouse.com
6. Adult/Mature Content
Sites that contain material of adult nature that does not necessarily contain excessive
violence, sexual content, or nudity. These sites include profane or vulgar content and sites
that are not appropriate for children.
Category Examples:
www.humanbomb.org
www.steakandcheese.com
www.punchbaby.com
7. Cult/Occult
Sites that promote or offer methods, means of instruction, or other resources to affect or
influence real events through the use of spells, curses, magic powers, satanic or supernatural
beings.
Category Examples:
www.satannet.com
www.churchofsatan.com
8. Drugs/Illegal Drugs
Sites that promote, offer, sell, supply, encourage or otherwise advocate the illegal use,
cultivation, manufacture, or distribution of drugs, pharmaceuticals, intoxicating plants or
chemicals and their related paraphernalia.
Category Examples:
www.marijuana.org
www.hightimes.com
11. Gambling
Sites where a user can place a bet or participate in a betting pool (including lotteries) online.
Also includes sites that provide information, assistance, recommendations, or training on
placing bets or participating in games of chance. Does not include sites that sell gambling
related products or machines. Also does not include sites for off-line casinos and hotels as
long as those sites do not meet one of the previous requirements.
Category Examples:
www.gambling.com
www.casino.com
www.sportsbook.com
12. Alcohol/Tobacco
Sites that promote or offer alcohol/tobacco products for sale, or provide the means to create
them. Also includes sites that glorify, tout, or otherwise encourage the consumption of
alcohol/tobacco. Does not include sites that sell alcohol or tobacco as a subset of other
products.
Category Examples:
www.budweiser.com
www.cigar.com
www.coors.com
17. Education
Sites that offer educational information, distance learning and trade school information or
programs. Also includes sites that are sponsored by schools, educational facilities, faculty, or
alumni groups.
Category Examples:
www.education-world.com
www.ed.gov
www.nyu.edu
22. Games
Sites that provide information and support game playing or downloading, video games,
computer games, electronic games, tips, and advice on games or how to obtain cheat codes.
Also includes sites dedicated to selling board games as well as journals and magazines
dedicated to game playing. Includes sites that support or host online sweepstakes and
giveaways.
Category Examples:
www.nintendo.com
www.gamespot.com
www.gamesdomain.com
23. Government
Sites sponsored by or which provide information on government, government agencies and
government services such as taxation and emergency services. Also includes sites that
discuss or explain laws of various governmental entities.
Category Examples:
www.whitehouse.gov
www.federalreserve.gov
24. Military
Sites that promote or provide information on military branches or armed services.
Category Examples:
www.army.mil
www.navy.mil
www.af.mil
26. Health
Sites that provide advice and information on general health such as fitness and well-being,
personal health or medical services, drugs, alternative and complimentary therapies, medical
information about ailments, dentistry, optometry, general psychiatry, self-help, and support
organizations dedicated to a disease or condition.
Category Examples:
www.cvs.com
www.webmd.com
30. E-Mail
Sites offering Web-based e-mail services, such as online e-mail reading, e-cards, and mailing
list services.
Category Examples:
www.email.com
www.hotmail.com
36. Reference
Sites containing personal, professional, or educational reference, including online
dictionaries, maps, census, almanacs, library catalogues, genealogy-related sites and
scientific information.
Category Examples:
www.dictionary.com
www.encarta.com
www.familysearch.org
37. Religion
Sites that promote and provide information on conventional or unconventional religious or
quasi-religious subjects, as well as churches, synagogues, or other houses of worship. Does
not include sites containing alternative religions such as Wicca or witchcraft (Cult/Occult) or
atheist beliefs (Political/Advocacy Groups).
Category Examples:
www.catholic.net
www.gospel.com
www.lds.org
38. Shopping
Sites that provide or advertise the means to obtain goods or services. Does not include sites
that can be classified in other categories such as vehicles or weapons.
Category Examples:
www.amazon.com
www.tigerdirect.com
45. Travel
Sites that promote or provide opportunity for travel planning, including finding and making
travel reservations, vehicle rentals, descriptions of travel destinations, or promotions for
hotels or casinos.
Category Examples:
www.travelocity.com
www.luxor.com
www.orbitz.com
www.hertz.com
46. Vehicles
Sites that provide information on or promote vehicles, boats, or aircraft, including sites that
support online purchase of vehicles or parts.
Category Examples:
www.autotrader.com
www.boattrader.com
47. Humor/Jokes
Sites that primarily focus on comedy, jokes, fun, etc. May include sites containing jokes of
adult or mature nature. Sites containing humorous adult content also have an Adult/Mature
Content rating.
Category Examples:
www.ahajokes.com
www.comedycentral.com
www.the-jokes.com
48. MP3/Streaming
Sites that sell, deliver, or stream music or video content in any format, including sites that
provide downloads for such viewers.
Category Examples:
www.mp3.com
www.windowsmedia.com
www.musiccity.com
54. Advertisement
Sites that provide online advertisements or banners. These sites will always be allowed. Does
not include advertising servers that serve adult-oriented advertisements.
Category Examples:
rd.companion.yahoo.com
adserver.inetzone.com
56. Other
Sites not fitting into any of the other categories.