Monthly Archives: February 2012

Modify ESET personal firewall settings to make WFilter work.

All internet packets are required for WFilter to parse network activities. However, the ESET personal firewall blocks non-local computer network packets by default. Therefore, when the ESET personal firewall is enabled, WFilter can not monitor itself computer because other computer’s network packets are all blocked by ESET.

To make WFilter work with ESET personal firewall, you need to adjust the firewall settings.

The following example demonstrates how to configure ESET Smart Security 5.0:

1. Click “Setup” -> “Network” in ESET.

2. The filtering mode shall be “interactive filtering mode”.

3. Click “Configure rules and zones…” to set the rules.

In “Toggle detailed view of all rules” view, click “new” to creat a new rule.

The new rule is set to allow all TCP&UDP traffic. All other rules shall be disabled.

  1. Direction: Both
  2. Action: Allow
  3. Protocol: TCP & UDP
  4. Profile: For every

4. In “Advanced Personal firewall setup…”

Uncheck “Check TCP connection status” in “Packet inspection” section of “IDS and advanced options”.

Now your WFilter shall be able to work.

More information of disable ESET firewall, please check: http://kb.eset.com/esetkb/index?page=content&id=SOLN2113

WFilter adds solution for monitoring terminal server users.

Terminal Services allows IT departments to install applications on a
central server.
For example, instead of deploying database or accounting software on all
desktops, the applications can simply be installed on a server and
remote users can log on and use them via the network.
This centralization makes upgrading, troubleshooting, and software
management much easier.

However, since all terminal clients share the server’s network, it
becomes difficult to monitor/filter individual users internet usage
because most internet monitoring/filtering products only monitor/filter
internet activities based on ip addresses or MAC addresses.

From WFilter en.3.3.148 version, with WFilter proxy’s “user authentication” feature, you are able to monitor terminal client users and set differnet internet policy for each user.

Please check details of this solution at: How to monitor terminal server users?

How to block google mail (gmail) access of network computers?

Sometimes you might want to block google mail(gmail) access in your network. This tutorial will guide to block gmail with WFilter.

Google mail( gmail ) supports vary kinds of access, including:

  1. Web access via HTTPs protocol.
  2. SMTP over SSL for sending emails.
  3. POP over SSL for receiving emails.
  4. IMAP over SSL for receiving emails.

So for complete blocking of gmail, you need to enable blocking of certain email protocols, and also need to enable “HTTPS black list” to block gmail web access.

1. Block SMTP/POP/IMAP over SSL

Enable blocking of “SMTP over SSL”, “POP over SSL” and “IMAP over SSL” in certain blocking policy. These settings will block gmail access from email client programs.

2. Block gmail web access.

Enable “HTTPS black/white list”, and choose “New” to new a list.

Add “mail.google.com” into the new HTTPs black list.

New gmail web access is also blocked.

Please notice: if gmail web page is already open before enabing of HTTPs black list, the current https session can not be blocked until restarting of your browser.

More information, please check “WFilter Enterprise”.

Other related links:

How to block UDP ports in RRAS windows server 2003?
How to block internet downloading?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?
How to block websites and restrict internet access?
How to block HTTPS websites on my network?