Category Archives: How to filter internet access

How to block sending emails with attachment on company network?

WFilter can be used to block sending/receiving emails, block sending attachments and filter email accounts. And you only need to install WFilter in one computer to monitor all computers in your network.

This tutorial will guide you to block outgoing emails with attachments.

1. Block outgoing emails with attachment(s)

This feature can block sending of emails with attachments via SMTP protocol.

1.1 Add a new blocking level, as in the below figure:

1.2 Set a proper “Level Name” and “Level Desc”, check “Block sending emails with attachment(s)”, as in Figure 2:

1.3 Apply this new blocking level to certain users in “User-computer Table”, as in the below figure:

1.4 Emails with attachment(s) will be blocked, as in Figure 4:

Blocking adapter doesn’t work when using two network cards with WFilter.

Some switches does not allow outgoing traffic on a mirroring port. In this case, WFilter needs a separate blocking adapter to send blocking packets. And if you’re monitoring and filtering more than 100 computers, we recommend you to use a different blocking adapter as the monitoring adapter.

When the two network cards are installed, we will want the Windows system to use the blocking adapter to access your network. However, sometime the Windows system might pick up the monitoring adapter and fails to connect to your network. This problem can be resolved by the “Automatic Metric” setting in Windows.

A metric is a value that is assigned to an IP route for a particular
network interface that identifies the cost that is associated with
using that route. The Automatic Metric feature is configured independently for each network interface in the network. This feature is useful in situations where you have more than one
network interface of the same speed, for example, when each network
interface has been assigned a default gateway. In this situation, you
may want to manually configure the metric on one network interface, and
enable the Automatic Metric feature to configure the metric of the
other network interface. This setup can enable you to control the
network interface that is used first in the routing of IP traffic.

In our case, the “Automatic Metric” of the blocking adapter shall be smaller than the monitoring adapter. So by setting “Automatic Metric” of the blocking adapter to “1″, and the monitoring adapter to “2″, Windows system will use the blocking adapter to access your network.

How to control internet bandwidth usage on network?

Traffic Shaping and Prioritization is becoming more and more common in the corporate market. Most companies with remote offices are now connected via a WAN (Wide Area Network). Applications tend to become centrally hosted at the head office and remote offices are expected to pull data from central databases and server farms. As applications become more hungry in terms of bandwidth and prices of dedicated circuits being relatively high in most areas of the world, instead of increasing the size of their WAN circuits, companies feel the need to properly manage their circuits to make sure business-oriented traffic gets priority over best-effort traffic. Traffic shaping is thus a good means for companies to avoid purchasing additional bandwidth while properly managing these resources.

With a linux gateway, you have a very rich set of tools for managing and manipulating the transmission of packets. More details can be found at: http://linux-ip.net/articles/Traffic-Control-HOWTO/index.html, However, sometimes it might be difficult for you to deploy a linux gateway server.

This tutorial will guide to implement a passby bandwidth management solution, which enables you to manage internet bandwidth through a mirroring port on your switch. Port mirroring allows you to setup a port in the switch to receive packets of other ports. Setting up a mirror port does no change to your network topology, and it will not affect your network speed.

Let’s take WFilter as an example:

First, setup a mirroring port.

When the port mirroring is properly setup, WFilter will be able to monitor all computers internet activities.

Bandwidth Management Settings

Using WFilter’s bandwidth management feature, you can set a maximum accumulating bandwidth of each computer for a period time. In this example, each user can have 200M internet bandwidth every day. Only messengers and emails are allowed when the bandwidth limit is reached.

You also can setup a policy to block certain users when available
internet bandwidth of the entire network is not enough. For example,
When entire network traffic exceeds 80% of available internet
bandwidth, p2p traffic will be blocked.


Bandwidth Alert Settings

And the bandwidth alert feature will send you an alert email when the accumulating bandwidth of a computer is too large.

More information, please check “WFilter Enterprise”.
Other related links:
How to block websites at work during working hours?
How to block video streaming on company network?
How to block internet downloading?
How to monitor internet bandwidth?
How to monitor internet usage on company network?
How to block instant messaging on company network?
How to filter websites and restrict website access?

How to setup ip-mac binding in WFilter?

You may assign static ip addresses to computers manually or in your DHCP server. However, it is difficult to prevent users from changing their ip addresses or mac addresses. Though it is more reasonable to setup ip-mac binding in routers or switches, software solution is also a good option, as it is easier to setup and manage.

This tutorial will guide you to bind ip addresses to mac addresses in WFilter, an internet filtering and monitoring software product.

First, you need to setup a mirror port in your switch to do monitoring.
For how to deploy internet monitoring and filtering, check this guide: How to monitor internet usage?

Second, in “Control Settings”->”IP Management” of WFilter, you can setup ip-mac binding just by a few clicks.

i
When ip-mac binding is setup, internet access will be blocked when the user tries to change ip address or mac address.

Please notice: “ip-mac binding” feature of WFilter only works for single segment networks. It is because the real MAC addresses of computers can not be retrieved  in a multiple-segments network.


 

How to filter websites and restrict website access?

Unmanaged websites surfing is killing your productivity. And your computer and network is open to attack when visiting harmful sites.
So it is important to block unwanted websites in your network. Blocking of websites can be done in many ways. These include using free software and windows settings. There are even many add-ons for browsers like Firefox which let you check and restrict websites.

This tutorial will guide you to filter and block websites access in 4 ways.

1. manually editing the “host” file.

In “Local Disk (C:) > WINDOWS > system32> drivers > etc”, you will find a file named “host”. The Hosts file contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local (your) machine.
You may use “notepad.exe” to edit this Hosts file.
Example – the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing.

2. Opendns

OpenDNS offers DNS resolution for consumers and businesses as an alternative to using their Internet service provider’s DNS servers. By collecting a list of malicious sites, OpenDNS blocks access to these sites when a user tries to access them through their service.
OpenDNS enables you to block websites by 50+ categories. OpenDNS also provides whitelist and blacklist features to enable you to create exception cases (“always allow” and “always block”) to complement category-based filtering.

To use OpenDNS service, you need to change your DNS server settings manually.

More information, please visit http://www.opendns.com

3. Router, Firewall or UTM

If you have a powerful router or UTM device, you also can setup web filtering on it.
For more information about UTM solution, please visit http://www.astaro.com

4. Internet filtering products

You also can use internet filtering products to do web filtering. An internet filtering product can be deployed in your network, and it enables you to monitor, filter and block internet activities of all computers from a mirroring port.
More than web filtering, internet filtering product can also block file downloading, block p2p traffic and block messenger.

For internet filtering software, you can try “WFilter Enterprise”, http://www.wfiltericf.com

How to block websites at work during working hours?

Unmanaged websites surfing is killing your productivity. Employees may spend hours to read news, watch online video and play online web games.
So, to save productivity, it is necessary for organizations to block certain websites and restrict internet access.
You need to implement an internet policy as:
1. Only work-related websites are allowed during work time.
2. Destructive websites like violence, adult, shall be blocked always.
3. Downloading websites shall be blocked to save bandwidth if you are suffering from slow internet speed.

However, in today’s internet, a website can not be blocked only by blocking its ip address or domain. It is still accessable by:
1. Open proxy servers.
2. Third party tunneling proxy service.
3. Tunnel VPN service.

To make your blocking effecient, you also need to block certain proxy/tunneling protocols.

WFilter makes it simple to block websites and proxy service.

1. Filter certain websites

You can filter certain websites by “website black/white list” and “website category”:

2. Block Proxy Service and VPN protocols.

WFilter supports proxy protocol transparently. No addtional setting is required to block open proxy server.
You may setup a “HTTPS black/white list” to block unwanted VPN.

More information, please check “WFilter Enterprise”.
Other related links:
How to block video streaming on company network?
How to block internet downloading?
How to monitor internet bandwidth?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?

How to block internet downloading?

  Unmanaged internet downloading can consume most of your bandwidth, In practice, many, often most, of the files shared on peer-to-peer
networks are copies of copyrighted popular music and movies. 

  So, it is important for corporations to manage, control and block p2p traffic and block unwanted file downloading.

  Files can be downloaded via various ways as described below:

  1. Downloading from HTTP/FTP websites.

  2. Downloading from p2p networks.

  3. Downloading from instant messenger buddies.

  For security purpose, downloading from p2p networks shall be completely forbidden in company networks. And only HTTP/FTP downloading from trusted websites can be allowed.

  Instant messenger file transfer makes it convenient to share files with our friends. It is fast and secure. However, because IM is so popular, virus writers can use it to spread malicious programs. These viruses are spread, in most cases, when a person clicks a link or opens an infected file that was sent in an instant message that appeared to come from a friend. Therefore, messenger file transfer also put your network in danger.

  “WFilter Enterprise”  makes it simple to manage file transfers between local network and the internet. Using WFilter, you may:

  1. Limit file downloading size.

  2. Block web downloading by file type.

  3. Block web downloading by content type. (Mime type)

  4. Block p2p traffic.

  5. Block file transfer via messengers.

  Figures:

 

Other related links:
How to monitor internet bandwidth?
Internet blocking
How to filter web surfing?
How to monitor internet usage on company network?
Internet monitoring software for business
Internet monitoring software

Internet monitoring software for business

  Unmanaged internet access is harmful to your business.
  Without proper internet monitoring and filtering, you may suffer from:
  1. Lower productivity. Your employees might take hours for web surfing, chatting and watching videos.
  2. Slow internet speed. P2P programs or IPTV programs can easily consume most of your bandwidth. So normal business will not have enough available bandwidth.
  3. Unmanaged downloading will bring virus, worms and spyware, which is harmful to your network.
  4. Leaking of business documents and materials.

  Therefore, it is important for you to monitor and manage employees internet activity. This guide will introduce you several aspects of deployment and usage of internet monitoring and filtering software. Please be aware that I am only going to talk about internet access monitoring, which does not include screen monitoring, USB forbiding and keystroke recording. The latter requires you to install a client agent in every computer. And internet monitoring only needs to be installed near the internet entrance.

How to deploy internet monitoring software?

  Though internet monitoring only needs to be installed near internet entrance, it is quite different for different network topologies.
  For “Router<->Switch<->Computers” networks, you need to setup a mirroring port in the switch to enable monitoring. If you are using ISA or wingate proxy server, you can do monitoring right in the proxy server.

How to monitor internet bandwidth?

  Upon properly deployed, you can easily monitor internet bandwidth and activities using internet monitoring software.
  Below let me take “WFilter Enterprise” as an example:
 
  Use WFilter’s “Active Connections” feature, you can have a clear view of all connections in your network.

Connections of a particular computer, you can kill established connections if you want.

For more details about “monitor internet bandwidth”, please refer to: How to monitor internet bandwidth?

How to monitor internet usage?

In “Online computers” of WFilter, click the numbers under each title to view detailed records.

How to block downloading?

To save bandwidth, inproper downloading shall be blocked. The below figure shows blocking of large size files and blocking by video files.

Blocking of video files.

For more details, please refer to “How to block downloading?”.

How to filter web surfing?


Introduction

WFilter supports various ways to filter web surfing activity:

  1. Block Web Surfing Completely
  2. Enable Website Black/White List
  3. Enable URL Keywords Filtering
  4. Enable Website Category Access Policy
  5. Websites Exception List
  6. Enable HTTPS Black/White List

1. Block Web Surfing Completely

When enabled, all HTTP web surfing will be blocked, except for domains in the “Websites Exception List”.

1.1 Add a new blocking level, as in the below figure:

Figure 1

1.2 Set a proper “Level Name” and “Level Desc”, check the “Block Web Surfing”. If you want to display a blocking page when blocked, you need to enable “Display a Deny Page When Blocking”, as in Figure 2:

Figure 2

1.3 Apply this new blocking level to certain users in “User-computer Table”, as in the below figure:

Figure 3

1.4 Websites will be blocked, as in Figure 4:

Figure 4

Figure 5

2. Enable Website Black/White List

Website black/white list can set black list or white list for websites based on domain name.
When black list is enabled, websites in the black list will be blocked. When white list is enabled, only websites in the white list can be visited.

2.1 Add a new blocking level, as in the below figure:

Figure 6

2.2 Set a proper “Level Name” and “Level Desc”, check the “Enable Website black/white list”, as in Figure 7:

Figure 7

2.3 Add certain websites into a black list, as in Figure 8:

Figure 8

2.4 Apply this new blocking level to certain users in “User-computer Table”, as in the below figure:

Figure 9

2.5 Websites in the black list will be blocked, as in Figure 10:

Figure 10

Figure 11

3.1 Enable URL Keywords Filtering

URL keywords filtering can filter webpages by url address. Using this feature, you can block searching for certain keywords in search engines.

3.1 Add a new blocking level, as in the below figure:

Figure 12

3.2 Set a proper “Level Name” and “Level Desc”, check the “Enable URL Keywords Filtering”, as in Figure 13:

Figure 13

3.3 Check the keywords category to be blocked, as in Figure 14:

Figure 14

3.4 Apply this new blocking level to certain users in “User-computer Table”, as in the below figure:

Figure 15

3.5 In this example, searching for “game” will be blocked, as in Figure 16 and Figure 17:

Figure 16

Figure 17

4. Enable Website Category Access Policy

Website category access rules can filter websites based on websites categories. Four filtering modes are supported: “Allow”, “Deny”, “Warn” and “Time Quota”.

4.1 Add a new blocking level, as in the below figure:

Figure 18

4.2 Set a proper “Level Name” and “Level Desc”, check the “Enable web category rule”, as in Figure 19:

Figure 19

4.3 Set certain filtering mode for certain categories, as in Figure 20:

Figure 20

4.4 Apply this new blocking level to certain users in “User-computer Table”, as in the below figure:

Figure 21

4.6 In this example, time quota is enabled for “Game” websites, as in Figure 22:

Figure 22

5. Websites Exception List

Websites in the exception list will not be blocked by other rules.

Figure 23

6. Enable HTTPS Black/White List

Above functions can only filter HTTP websites, to block HTTPS websites, you need to enable the “HTTPS Black/White List”.

6.1 Add a new blocking level, as in the below figure:

Figure 24

6.2 Set a proper “Level Name” and “Level Desc”, check the “Enable HTTPS Black/White List”, as in Figure 25:

Figure 25

6.3 Add certain websites into a HTTPS Black list, as in Figure 26:

Figure 26

6.4 Apply this new blocking level to certain users in “User-computer Table”, as in the below figure:

Figure 27

6.5 As in Figure 28 and 29, certain HTTPS websites will be blocked.

Figure 28

Figure 29