Category Archives: How to filter internet access

How to filter the internet access for business network?

The internet has been turned to an invaluable tool in business. However, the availability of internet currently has given
an important risk factor to the employer liability and at the same time
consumes the employers 90% of hours in productivity.

Therefore internet access shall be filtered and restricted to keep the working productivity of your employees.

There have several ways to filter internet access:

1. Setup an network internet filtering program.
With a filtering program, you will be able to filter internet access of all computers in your network from ONE computer only.
There have a lot such products in the market. For example, WFilter
Enterprise, or Websense Enterprise are very helpful for you to filter internet access of network computers.

Passby internet filtering products usually require you to setup a mirroring port in a manageable switch. Setting up a mirroring port does no change to your network toplogly and it will not influence your network performance.

2. Setup ACL policy in your Router/Firewall/UTM. Firewall devices can
enable you to block websites/ports/ip addresses. So you also can setup
ACL rules in your firewall to block certain traffic. For more
information about UTM solution, please visit http://www.astaro.com

3. Filter websites from the dns server. You may try “opendns” solution.
Opendns solution is simple and easy to setup. However, with this
solution, there can only have one policy for your entire network.

How to block internet access of guest computers in network?

Guest computers might come and leave for a network. However, unmanaged internet access of guest computers could be a nightmare for your network. Guest computers can consume most of your bandwidth with p2p downloading, and download copyrighted materials or virus which might be harmful.

This tutorial will guide you to setup a default internet blocking policy for guest computers with WFilter 3.3 version.

1. Set a different ip address range for guest computers.

If guest computers share a same ip address range with your existing computers, you won’t be able to recognize them. For management purpose, the guest computers shall be in a different ip address range. For example:

1. Allocate all you existing computers with static ip addresses from “192.168.1.0″ to “192.168.1.200″.

2. In your wireless AP, set the DHCP range from “192.168.1.200″ to “192.168.1.250″.

Now every guest computers(mostly laptops) will get an ip address in range “192.168.1.200 – 192.168.1.250″. Then you can set a blocking policy for them in WFilter.

2. Setup default blocking policies for certain ip ranges.

Now you can setup a default blocking policy for ip address in range “192.168.1.200 – 192.168.1.250″. Every new computers in this ip range will be applied with this default policy.

Please notice: If you can not setup a different DHCP range for guest computers, you also can enable this “default monitoring policy” for new found computers. This feature is for WFilter to automatically configure monitoring and blocking policy when it detects a new computer.

More information, please check “WFilter Enterprise”.

Other related links:

How to
block internet downloading?

How
to monitor internet usage on company network?

Internet
monitoring software for business

How to filter
web surfing?

How
to block websites and restrict internet access?

How
to block HTTPS websites on my network?

 

How WFilter works to block internet connections in network?

How WFilter works to monitor and archive internet activities?

WFilter is an enterprise Internet filtering software program. A business or
organization can implement its Internet communication policy into
WFilter and let it perform the work.
WFilter intercepts, records and monitors Internet behaviors of users
on a network, for the purpose of ensuring policy compliance, or
measurement on job performance in an organization.

A mirroring port replicates the data from other ports or VLAN’s. To monitor all internet activity, WFilter needs to be connected to a mirroring port of your switch.  And the mirroring port shall be configured to mirror your internet traffic.

When connected to a mirroring port, WFilter gets packet copies of all internet traffic, then decodes and saves them into log files. This is how WFilter works to monitor internet usage.

For more information about how to setup port mirroring, please check: WFilter Deployment Examples.
To check whether your port mirroring is properly configured, please check: How to check whether port mirroring is properly configured?
If you don’t have a manageable switch, you need to setup a windows gateway or proxy server to do monitoring, please check: How to monitor internet usage without a manageable switch?

How WFilter works to block internet connections?

Many users had asked: “Since WFilter only handles packet copies and the original packets don’t pass through WFilter machine, how WFilter works to block internet connections?”

Actually, there are two filtering technology: pass-through filtering and pass-by filtering.

With a pass-through filtering solution, packets shall pass through the filtering product; if a packet needs to be blocked, the filtering product just drop it.

However, a pass-by filtering product only handles copies of network packets, it can not hold the original packets. Therefore, it sends RST packets to terminate TCP connections. This is how WFilter works to block connections.

Please notice:

1. Since WFilter needs to send RST packets to block a connection, the “blocking adapter” of WFilter shall be able to access your network. The blocking adapter shall be configured in “System Settings”->”Monitoring Settings” of WFilter.

2. Some switches do not allow outgoing traffic on the mirroring port, if so, you need to setup a separate NIC as the blocking adapter. Even outgoing traffic is allowed on the mirroring port, we recommend you to use a secondary NIC for blocking when you’re managing over 100 computers.  Otherwise, the monitoring adapter will be overloaded.

3. If you have multiple VLANs, the blocking adapter shall belong to a VLAN which can communicate with other VLANs.

4. Sometimes you might need to set “Automatic Metric” of the blocking adapter for windows to recognize this adapter as the primary adapter. Please check this blog topic: Blocking adapter doesn’t work when using two network cards with WFilter.

For more information about difference of the two filtering solutions, please check: What’s the difference between Pass-by filtering and Pass-through filtering?
More details about WFilter filtering technology, please check: WFilter Technologies and Security

How can I block tor or other similiar application?

1. What is tor ?

Tor is a system intended to enable online anonymity, composed of client software and a network of servers which can mask information about users’ locations and other factors which might identify them. Use of this system makes it more difficult to trace internet traffic to the user, including visits to Web sites, online posts, instant messages, and other communication forms. It is intended to protect users’ personal freedom, privacy, and ability to conduct confidential business, by keeping their internet activities from being monitored. The software is open-source and the network is free of charge to use.

Since client workstations can use tor to bypass internet filtering, so you may want to block tor traffic in your network.

In this tutorial, we will guide you to block tor traffic with “WFilter
Enterprise 3.3″.

2. How to block tor with Wfilter?

Because tor uses HTTP/TLS to encrypt its traffic, we need to use “HTTPS black/white list” feature of WFilter to filter HTTPS websites to block tor.

First, create a new “HTTPS White List” and add the allowed HTTPS domains in it. As in below figure:


Enable “HTTPS black/white list” in certain blocking level settings.

Finally, apply this blocking policy to certain computers.

3. Now tor will be completely blocked.


Blocking events in WFilter:

More information, please check “WFilter Enterprise”.

Other related links:

How to block
internet downloading?

How
to monitor internet usage on company network?

Internet
monitoring software for business

How to filter web
surfing?

How to block websites and restrict internet access?
How to block HTTPS websites on my network?

How to block HTTPS websites on my network?

Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encryption and secure (website security testing) identification of the server. It uses port 443. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems.
As more and more websites provide both HTTP and HTTPS access. For example, facebook.com can be access both from “http://www.facebook.com” and “https://www.facebook.com”. So you can not block facebook completely until both http and https are blocked. However, HTTPS are widely used in payment transactions, web email authentication …, so block all HTTPS traffic will not be a good choice.

“WFilter Enterprise” provides you a “HTTPS black/white List” for you to filter HTTPS websites by its domain name.

First, enable “HTTPS Black/white List”.


Second, add HTTPS domains in the black list.

More information, please check “WFilter Enterprise”.
Other
related links:
How to block
internet downloading?

How
to monitor internet usage on company network?

Internet
monitoring software for business

How to filter web
surfing?

How to block websites and restrict internet access?
How to Block Bittorrent and bitcomet?
How to block msn file transfer?
How to block certain websites to save your productivity?
How to block AIM using WFilter?

How to block BBC online video with WFilter?

One customer reported that BBC online video can not be blocked by WFilter, even “Block Online HTTP Video and Downloading of Video Files” is checked in certain blocking levels.
So we did some research and found, other than HTTP protocol, the BBC websites also use the RTMP (Real Time Messaging Protocol) to play online video.
Because blocking of RTMP is not supported by default in WFilter(will be added soon), this tutorial will guide you to block BBC online video by the “Customize Protocols” feature of WFilter.

First, Add a new protocol named “RTMP”.


1. Protocol Settings:
Protocol Name: RTMP
Protocol Desc: Real Time Messaging
Protocol Type: Streaming

2. Pattern1
Name: RTMP_HTTP
Desc: RTMP_HTTP
Type: HTTP SEND
Offset: 0
Format: User-Agent
Content: Shockwave\sFlash

3. Pattern2
Name: RTMP
Desc: RTMP
Type: TCP_SEND
Offset: 0
Begin Byte: 03
Format: 0
Content: \x03[\x00-\xff]{4}\x80\x00

Second, Enable blocking of RTMP in certain blocking levels.

Now, BBC videos will be successfully blocked.

Related Topic: How to block bbc iplayer?

How to restrict employees internet access on your network?

Internet can be a benefit to business when used properly, but internet
is often abused by employees and poses significant liability and
security risks. Used
improperly, the Internet can subject every organization to harassment claims,
countless hours of lost productivity and innumerable security leaks and
vulnerabilities.

Several important risks caused by improper internet usage:
1. Virus Infection
2. Lost Productivity
3. Legal liability
4. Bandwidth consumer

So it is necessary for you to restrict employees internet access on your network.

To achieve this goal,  first you need an internet access policy, which should be able to:

1. Clarify what constitutes acceptable use of Internet services.
2. Ensure employees understand who to contact with questions regarding acceptable use.
3. Ensure employees understand the penalties that arise from Internet misuse.
4. Help lessen an organization’s spyware and virus infestation rates.
5. Provide human resources with signed documentation from each employee stating a pledge not to improperly use Internet services.
6. Help mitigate productivity losses.
7. Decrease dependence upon technology solutions used to enforce employee behavior.
8. Reduce the organization’s liability resulting from harassment claims, copyright violations originating onsite and other illegal acts.

You also need an internet filtering product to assure your internet policy. Let’s take “WFilter Enterprise” as an example, it enables you to monitor and filter internet access for all computers from a mirroring port of your switch. You only need to install WFilter in one computer to monitor the whole network.

Key Features:

  • Keep a detailed record of each web surfing and web posting.
  • Record all incoming and outgoing email content and attachment.
  • Monitor and archive instance messengers chat contents and activities.
  • Monitor and archive files transferred by web, ftp and IM tools.
  • Implement a policy to filter internet access during working hours.
  • Websites, messengers and p2p file downloading can be blocked to save bandwidth and raise productivity.
  • You only need to install WFilter in ONE computer to manage your whole network.

http://www.wfiltericf.com

How to block file uploading to internet in business networks?

For security purpose, you might want to block employees file uploading to internet on your network. However, since there are so many tools can be used for uploading, it is extremely difficult to block them all.

Files can be uploaded in various ways:
1. Upload to certain websites, eg: webmail, file sharing websites…
2. Using msn/yahoo/icq messengers to send files.
3. Email attachments.
4. FTP
5. Other third party tools.

WFilter provide a simply solution to block file uploading on company networks. Using WFilter, you can block file uploading and file transfers of all computers from ONE computer.

This tutorial will guide you to block file uploading using WFilter.

First, block file uploading to websites.


Please notice “block uploading files via web pages” only works on HTTP websites. To control HTTPs websites, you can use “HTTPS black/white list” in “Others” of WFilter.

Second, block email attachments.

Third, block FTP and file transfer via messengers.

Last, block unknown protocols.

Blocking unknown protocols blocks file uploading using other unknown third party programs.


More information, please check “WFilter Internet Content Filter”.

How to block facebook game using WFilter?

Sometimes you may want to block facebook games during working hours. This tutorial will guide you to block facebook games using “WFilter Enterprise”.

First, add a website black list.


Second, choose this website black list in certain blocking policy.


Third, apply this blocking policy to certain computers.


Now, facebook game is blocked.

How to block bbc iplayer on company network?

BBC iPlayer (formerly known as Integrated Media Player (iMP), Interactive Media Player, and MyBBCPlayer) is an internet television service, P2P, cable television, and several mobile devices developed by the BBC to extend its existing RealPlayer-based “Radio Player” and other streamed video clip content.

As online iPlayer may consume much internet bandwidth, this tutorial will guide you to block BBC iPlayer using WFilter. We suppose WFilter is already properly installed and is capable of monitoring/blocking other computers, if not, please read How to monitor internet usage on company network first.

WFilter’s “website black list” is based on website domains, so we can not use “website black list” to block iPlayer, since iPlayer is a subfolder of www.bbc.co.uk without a individual domain. However, we still can use “URL Keywords Filtering” feature to block url with certain keywords.

The below example demonstrates blocking of url with keyword “iplayer”.

1. Create a blocking policy, and enable “URL Keywords Filtering”.


2. Choose “Streaming Media” category and click the edit icon to edit its keywords list.


Please notice: WFilter already has some default keywords(the default
keywords are hidden). For example, “video” is already included in the
“Streaming Media” category. If you only want to block “iplayer”, you can add a new category in “Category Settings”->”Customize Categories” of WFilter.

In this example, we need to add “iplayer” to the keywords list:

3. Apply this blocking policy to certain computers.

4. By now, urls with keywords “iplayer” will be blocked.

More information, please check “WFilter Enterprise”.
Other related links:
How to block internet downloading?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?
How to block websites and restrict internet access?
How to Block Bittorrent and bitcomet?
How to block msn file transfer?
How to block certain websites to save your productivity?
How to block AIM using WFilter?