manualshive.com logo in svg

ComSifter CS-8D Pro, User Manual, Page: 15 / 245

Share
Download
ComSifter CS-8D Pro User Manual Download Page 15

I N S T A L L I N G   C O M S I F T E R  

User Guide  |  

ComSifter CS-8D Pro

  

1–3 

Overview 

ComSifter is a standalone appliance that connects your internal LAN to the Internet while seamlessly offering 
firewall and content filtering.  

Internet Gateway 

ComSifter is the gateway device from a private LAN to the public Internet. It is able to operate as a standard 
router or in a Network Address Translation (NAT) mode. In the NAT mode, ComSifter converts internal IP 
addresses to a public IP, effectively isolating your private network from the Internet. 

Non-Stop Operation 

Two ComSifter Non-Stop units, in conjunction with two Internet connections, offer a reliable Internet connection 
for organizations that cannot afford any down time. A state-of-the-art failover-enabled DHCP server performs 
IP/gateway-based load balancing while instructing client computers that there are two gateways to the Internet. 
Each ComSifter performs a series of steps every five minutes to determine if a valid Internet connection is 
available. If not, the ComSifter will shut down its LAN interface. This shutdown will trigger Dead Gateway 
Detection on client computers using this gateway. Client computers will then switch to the other ComSifter. 
This same process will occur if either ComSifter is lost due to a hardware failure. 

Firewall 

An industrial strength, rules-based stealth firewall is included in ComSifter. The firewall allows complete control 
of all ports from the Internet to the LAN and from the LAN to the Internet. The resolution of the firewall is such 
that a single port on a single computer on the LAN can be allowed to a single port on a single IP on the 
Internet. The firewall can block internal port hopping programs, has log rate limiting, and does not over react to 
Denial of Service attacks. Full logging of every transaction is available. 

Filtering System 

ComSifter CS-8D Pro incorporates eight individual filters. Each filter may be individually configured for the user 
computers that access the filter. Additionally, a global filter allows configuration system wide. 

When the user computer accesses a filter, two types of filtering are performed: 

  First, ComSifter compares the requested site with its blacklist to determine if the address has already 

been deemed inappropriate. If the site is blacklisted, the user will receive a Denied Access Page, and 
will not be able to view the site. 

  Second, if the site is not blacklisted, ComSifter will scan every word on the Internet page, using its 

CSphrase Filtering Technology, looking for words that indicate inappropriate content. The context of 
these words is analyzed to determine if the page should be blocked. This greatly reduces the number of 
false positives while blocking those pages that are offensive. This feature accounts for ComSifter’s 
remarkable accuracy. 

If the content passes through both types of filtering, ComSifter allows the page to be loaded on the user’s 
computer. If either of the filters disallow, a “Denied Access Denied” page is sent to the user’s computer. All this 
is done in a fraction of a second, with no delay seen by the user.

Summary of Contents for CS-8D Pro

Page 1: ...ComSifter protect web users now User Guide Model CS 8D Pro Version March 26 2012 0326121500 ...

Page 2: ... mechanical including photocopying recording or information storage and retrieval systems for any purpose other than the purchaser s personal use without the express written permission of Comsift Comsift ComSifter CSphrase and the Comsift logo are trademarks of Comsift Inc All other trademarks or registered trademarks listed belong to their respective owners Copyright 2003 2011 Comsift Inc All rig...

Page 3: ... 2 5 Making a secure connection 2 7 Quick Start Guide 2 9 How will the ComSifter Connect to the Network 2 9 Do I need only one filter or multiple filters 2 9 Do I need Proxy or Transparent Mode 2 9 How will I identify and authenticate a user 2 9 How will the ComSifter get a list of my users 2 10 How many filters will I need 2 10 What filter will each user be assigned to 2 10 Network Worksheet 2 11...

Page 4: ... 3 2 Login 3 2 ComSifter Admins 3 3 Overview 3 3 Setting the Username and Password 3 4 Assigning Module Rights 3 4 Remote Administration 3 8 IP Access Control 3 8 Deny from all IP s 3 9 Allow from all IP s 3 9 Allow from only listed IP s 3 9 Follow My IP 3 9 Disable 3 9 Follow the listed IP 3 10 System Logs 3 11 Access Log 3 12 Status Messages 3 12 Firewall 3 14 DHCP Non Stop 3 16 Duplicate IP Not...

Page 5: ...29 DNS 3 29 Client Email POP3 IMAP SMTP 3 30 FTP 3 31 ICQ IM 3 32 Laplink 3 33 MSN Messenger 3 34 PCAnywhere 3 36 Ping and Traceroute 3 37 PPTP 3 38 Telnet 3 40 VNC 3 41 Yahoo Chat 3 42 Web Access browsing 3 43 Apply Configuration 3 45 Stop Firewall 3 45 Check Firewall 3 45 Backup 3 45 Restore 3 45 Firewall Basic Templates 3 46 Template 1 High Security 3 46 Template 2 High Medium Security 3 46 Tem...

Page 6: ...IP 3 57 External Subnet Mask 3 57 External Gateway 3 57 Internal IP 3 57 Internal Subnet Mask 3 58 Primary DNS 3 58 Secondary DNS 3 58 DHCP Server for Local LAN 3 59 Firewall Template 3 59 Non Stop Relationship 3 59 Non Stop Peer IP 3 59 Dynamic IP 3 60 Bridge 3 61 PPPoE 3 62 User Name 3 62 Password 3 62 Current Network Settings 3 63 Non Stop DHCP Configuration 3 64 Using the ComSifter DHCP Server...

Page 7: ...toring the Backup 3 85 ComSifter Status 3 86 Active Directory Last Resync 3 86 CPU Load Average 3 86 Content Filter Service 3 86 DHCP Available Leases 3 86 DHCP Server 3 86 DNS Resolving 3 87 Hardware Health 3 87 Internet Connected 3 87 Non Stop Operation 3 87 Proxy Server Service 3 87 Hours of Operation 3 87 Denied Access Page 3 88 Overview 3 88 Local Message 3 88 Download Install IDENTD 3 89 Fil...

Page 8: ...elete 4 4 Partial Exception Domain List 4 5 Add 4 5 Delete 4 5 Partial Exception URL Filter List 4 5 Add 4 5 Delete 4 5 Banned Domain List 4 6 Delete 4 6 Banned URL List 4 6 Add 4 6 Delete 4 6 Banned CSphrase Filter Groups 4 7 Activating Filters 4 7 Deactivating Filters 4 8 Weighted CSphrase Filter Groups 4 9 Blacklist Domain Filter Groups 4 10 Blacklist URL Filter Groups 4 10 Filter Logging Optio...

Page 9: ...y On 4 26 Warn and Go 4 27 Enable 4 27 Disable 4 27 Change Sensitivity 4 28 Sensitivity Level Guidelines 4 28 Copy Filter 4 29 Whitelist 4 30 Setup a whitelist filter 4 30 Add specific site exception to be whitelisted 4 30 Blocking External IP Addresses 4 30 Words Phrases 5 1 Overview 5 1 Configuring Words Phrases 5 3 Restart ComSifter Filter 5 3 Editing Banned Words Phrases 5 4 Add 5 4 Delete 5 4...

Page 10: ...ing Proxy Mode 6 16 Which is the right solution for our network 6 16 Proxy Configuration Group Policy rule 6 17 Disabling Local Client Computer Access to Browser Proxy Settings 6 18 Authentication Method Step 1 6 20 Authentication Methods Pros and Cons 6 22 Authentication Methods Explained 6 23 BASIC ONLY 6 23 NTLM with FALLBACK TO BASIC 6 24 IDENTD ONLY 6 25 Download Install IDENTD 6 26 Port 113 ...

Page 11: ...User 6 51 Administer Retrieve User IP s from ComSifter IP Database Step 3c 6 52 Adding a new IP 6 52 Modifying an IP 6 54 Deleting an IP 6 55 Administer Retrieve Usernames by merging Usernames from an external file Step 3d 6 56 Enable Disable Automatic Proxy Configuration Step 4a 6 57 Enable Disable Automatic Proxy Configuration 6 57 Overwrite pac WPAD File 6 57 Edit Proxy File proxy pac wpad dat ...

Page 12: ...ate 7 3 CSphrase Filter Technology 7 3 Contact Information 1 Location 1 Phone 1 Sales 1 Technical Support 1 Specifications 2 Configuration 2 Network 2 Number of Computers 2 Throughput 2 Typical Access Time 2 Caching Proxy 2 Blacklist Update and Bypass List Update 2 Mechanical Environmental 3 Filter Defaults 4 License Warranty 6 ...

Page 13: ...logging engine allows control over both ComSifters from either unit High performance destination based firewall and content filter Stops unauthorized programs from accessing the Internet Stops access to pornography hate and gambling sites Blocks downloading of harmful and illegal files including MP3 music files Filters networks with hundreds of computers Intelligent filtering with CSphrase Filteri...

Page 14: ... ComSifter to be configured by way of a browser Logging Logs user activity firewall packet activity system messages and Top Sites User Database Maintains usernames and filter mappings Active Directory Sync If part of a domain maintain binding with domain Update domain user list every 15 minutes Blacklist Updates Daily or weekly blacklist updates Software Check Daily check for software updates Auth...

Page 15: ...he Internet to the LAN and from the LAN to the Internet The resolution of the firewall is such that a single port on a single computer on the LAN can be allowed to a single port on a single IP on the Internet The firewall can block internal port hopping programs has log rate limiting and does not over react to Denial of Service attacks Full logging of every transaction is available Filtering Syste...

Page 16: ...x C Filter Defaults provides default information for the eight filters Appendix D License and Warranty provides information about ComSifter s licensing and warranty Navigating Through This User Guide This User s Guide contains all the information you need to install use and troubleshoot ComSifter To assist you in navigating through this document we have added blue colored hot links to the Table of...

Page 17: ...rnal LAN as shown in the diagrams below Figure 2 1 ComSifter s in the Network Internet CONNECTION TO INTERNET SERVICE PROVIDER S Client User INTERNAL IP 192 168 1 20 GATEWAYS 192 168 1 1 192 168 1 2 INTERNAL IP 192 168 1 2 ComSifter Secondary Optional ComSifter Primary or Single Cable DSL T1 Modem Cable DSL T1 Modem EXTERNAL IP INTERNAL IP 192 168 1 1 EXTERNAL IP Client User INTERNAL IP 192 168 1 ...

Page 18: ... 1 ComSifter in Bridge Mode Cable DSL T1 Modem Router INTERNAL IP 192 168 100 9 with the ComSifter INTERNAL IP 192 168 100 1 Client User INTERNAL IP 192 168 100 21 GATEWAY 192 168 100 1 Client User INTERNAL IP 192 168 100 23 GATEWAY 192 168 100 1 Wireless Access Point INTERNAL IP 192 168 100 24 GATEWAY 192 168 100 1 10 100 1000 BASE T Switch Server Domain Controller INTERNAL IP 192 168 100 25 GATE...

Page 19: ...ired on the sides and top regardless of the placement orientation AC Power Connect the supplied AC power cord to the ComSifter power adapter and a properly grounded 115VAC outlet Connect the power supply output cable to the ComSifter Although not required best practices would suggest that ComSifter be placed on a UPS system This will protect ComSifter from most external power fluctuations and allo...

Page 20: ...f it does not clear it will be necessary to contact the ISP Fast Beep One 1 beep every second for 30 seconds then no beeps for 4 minutes Repeats every five 5 minutes Duplicate IP on the LAN side of the ComSifter More than one device is serving DHCP information or another device on the network has been manually assigned the same IP address as the ComSifter Constant Beep Continuous Overheating condi...

Page 21: ...ation at www java com Windows 98 and Windows 95 should not be used to configure ComSifter If you must use Windows 95 or Windows 98 to configure ComSifter please contact Comsift Technical Support This warning does not apply to ComSifters ability to filter only to its configuration ComSifter is configured from the factory for the 192 168 100 1 255 255 255 0 subnet If your network is already using th...

Page 22: ...M S I F T E R User Guide ComSifter CS 8D Pro 2 6 Figure 2 3 Setting Windows2000 XP Vista 7 IP Address Note After configuring ComSifter to your network subnet you may then set your computer back to its original network settings ...

Page 23: ...ou will be presented with ComSifter s self signed security certificate Figure 2 5 Security Certificate via Internet Explorer 9 This certificate will allow the communication link to be encrypted You may click Yes to continue or you may install the certificate by clicking View Certificate and follow the instructions for installing certificates for you browser Note Different browsers Apple Safari Moz...

Page 24: ...N G C O M S I F T E R User Guide ComSifter CS 8D Pro 2 8 Figure 2 6 ComSifter Login The default Username is admin The default Password is admin You are now ready to configure ComSifter as described in the next chapter ...

Page 25: ...and will not protect you from external probes into your network Do I need only one filter or multiple filters A filter defines how your users will be filtered Do you want all your users to have the same rule set or would you like different rules for different groups i e a filter for students and a filter for teachers or a filter for non management personnel and a different filter for management If...

Page 26: ...ities refer to the table outlining Steps 3a through 3d explains in detail the different methods that are used to determine your usernames After usernames are entered the next question is How many filters will I need Next you will need to determine how many filters you will need how to label those filters and how those filters will need to be configured Chapter 4 Filter Setup explains this in detai...

Page 27: ...ring the ComSifter External IP _________________________ e g 63 195 80 100 External subnet mask _________________________ e g 255 255 255 0 External Gateway _________________________ e g 63 195 80 1 Primary DNS _________________________ Secondary DNS _________________________ Internal IP _________________________ e g 192 168 0 1 External subnet mask _________________________ e g 255 255 255 0 Non ...

Page 28: ...oceed to Step 4 Finishing Up If you have selected multiple filters then you will need to proceed to the next step Before proceeding further best practices would suggest running your ComSifter as a single filter unit for a short period of time one day to one week This period of time can be used to ensure that your new configuration is stable Access speed is as expected and your user are being prope...

Page 29: ...ings for users that will be filtered 3 Automatic Proxy Configuration Determine if you will need Automatic Proxy Configuration Best practices would suggest setting a Group Policy in the Domain Controller to force browsers into Proxy Mode Refer to User Management Utilities Understanding and Determining Transparent and Proxy Modes Proxy Configuration Group Policy rule for an example of this rule If y...

Page 30: ...nt Utilities and select Step 2 Join ComSifter to AD Domain Enter the specifics for your domain and then execute The ComSifter will report if it has successfully bound with your domain Do not continue unless a successful binding has been confirmed 3 Retrieve user names from AD Go to User Management and select Step 3a Administer Retrieve User Names from Active Directory Enter the specifics for your ...

Page 31: ...lities Understanding and Determining Transparent and Proxy Modes for explanation of transparent and proxy modes Once in Authentication Method select and execute 4 IdentD Only transparent or 5 IdentD Only proxy 2 Retrieve user names from AD Go to User Management and select Step 3a Administer Retrieve User Names from Active Directory Enter the specifics for your domain and then execute The ComSifter...

Page 32: ...elect 3c Administer Retrieve User IPs from ComSifter IP Database Enter the IP addresses and filter mappings for client computers that will be filtered 3 Automatic Proxy Configuration Optional Determine if you will need Automatic Proxy Configuration Best practices would suggest setting a Group Policy in the Domain Controller to force browsers into Proxy Mode Refer to User Management Utilities Under...

Page 33: ...enance functions Admin Understanding Modules and Categories ComSifter uses a module concept to allow certain functions to be performed by different ComSifter administrators A module may contain one or more commands that may be performed by the ComSifter administrator configuring the system Modules are grouped within Categories Categories are represented by Icons at the top of each page There are s...

Page 34: ...s Note It is recommended that you immediately change the default password to a password of your own choosing as described below Note Administration of the ComSifter may be performed by only one user at a time Any subsequent attempts to login to ComSifter by other users will be rejected If the current user forgets to logout of ComSifter it may take up to 10 minutes for the inactivity timer to logou...

Page 35: ... will bring up the ComSifter Admins menu Figure 3 3 Select ComSifter Admins ComSifter Admins Overview ComSifter Admins are personal that will be configuring ComSifter Ten 10 ComSifter Admins have been pre defined A special ComSifter Admin Admin is designated as the System Administrator Admin may edit the username and password of other ComSifter Admins and assign responsibilities to them by assigni...

Page 36: ...wn selection to set to enter the new password click on Save Warning Do not forget your password You will not be able to configure ComSifter if the password is forgotten ComSifter does not have any back door or hidden passwords Assigning Module Rights As Admin you may define new ComSifter Admins and grant them access to all or selected modules In the following example username Admin1 was changed to...

Page 37: ... Guide ComSifter CS 8D Pro 3 5 Figure 3 6 Assigning Module Rights When Operator logs into ComSifter they will only see the Modules and Categories that they have been granted rights to as shown in the example below Figure 3 7 Operator Admin Screen ...

Page 38: ...work_technician network_technician is allowed access to the DHCP and Network Configuration Modules Figure 3 8 Assign Module Rights When network_technician logs into ComSifter they will only see the Modules and Categories that they have been granted rights to as shown in the example below Figure 3 9 network_technician Admin Screen ...

Page 39: ...h the username filter_specialist is defined This admin is allowed only in to the Filter Setup and Words Phrases Modules When filter_specialist logs into ComSifter they will only see the Modules and Categories that they have been granted rights to as shown in the example below Figure 3 10 filter_specialist Admin Screen ...

Page 40: ...Remote Administration ComSifter supports remote administration over the Internet using an encrypted SSL link to port 10000 Additional security is attained by limiting Remote Administration by IP Figure 3 11 Remote Administration IP Access Control Figure 3 12 IP Access Control ...

Page 41: ...addresses This is the preferred setting for Remote Administration and offers excellent security To gain access remotely the following conditions must be met 1 The access must be from the listed IP 2 The access must be to port 10000 3 SSL must be supported 4 The security certificate must be accepted 5 A proper username password must be entered Follow My IP Overview As an added security feature ComS...

Page 42: ...D Pro 3 10 Follow the listed IP This selection will enable the Following of the IP of any domain entered in the text box Note Upon clicking save ComSifter will add the new IP s and restart Firewall Services This will interrupt current connections for up to 30 seconds ...

Page 43: ...ternet that have been processed by the Content Filter Firewall Log Records any access through the firewall Non Stop DHCP Log Records all DHCP activity and all Non Stop events Security Log Records any login or attempted login into ComSifter Top Sites Log Shows in descending order the most often visited sites Figure 3 14 System Logs Note ComSifter keeps the last seven 7 days of data in its logs ...

Page 44: ... Domain Filter Groups or is in the Banned Domain List DENIED Banned URL The URL is listed in one of the Blacklist URL Filter Groups or is in the Banned URL List DENIED Banned Extension The extension is listed in one of the Banned Extension Lists DENIED Banned MIME type The MIME type is listed in one of the Banned MIME Type Lists DENIED Weighted phrase limit of xxx yyy The word phrase is listed in ...

Page 45: ...cess to the site regardless of the content Then he tried to access casino com This site was in the Blacklist of the filter he was connected to and thus he was DENIED from viewing the site Next Charlie tried a Google search for naked breasts This search exceeded the Sensitivity Level for his filter and he was DENIED from viewing the site The entry in the log shows the Sensitivity Level for his filt...

Page 46: ...e event happened 2 Chain Action shows the Chain direction of the event and what Action was taken Possible Chains are a loc2fw the packet was traversing from the internal LAN to the ComSifter Typically these packets will be DHCP port 66 67 DNS port 53 related i e an internal computer is asking ComSifter for DNS or DHCP information b loc2net the packet was traversing from the internal LAN to the Int...

Page 47: ...et was found The packet is silently dropped c _redirect and _dnat a matching rule was found to DNAT or Redirect the packet 3 Source IP The IP the packet originated from 4 Destination IP The IP the packet is destined for 5 Protocol The protocol the packet is using 6 Sport the port the packet originated from 7 DPort the port the packet is destined for ...

Page 48: ...y and Non Stop events are logged Messages are self explanatory In the following example we see a number of DHCP messages and a number of Non Stop messages For debugging purposes you may select Show client DHCP messages When Yes is selected all client DHCP requests will be shown Figure 3 17 Non Stop DHCP Log ...

Page 49: ... active an entry is made in the Non Stop DHCP log every five 5 minutes If the duplicate IP is on the WAN interface there will be a slow audible beep one beep every three 3 seconds for 30 seconds then no beeps for 4 minutes If the duplicate IP is on the LAN interface there will be a fast audible beep one beep every second for 30 seconds then no beeps for 4 minutes Note Using the audible beep the ap...

Page 50: ...ed into the Secondary successfully at 10 08 16 Non existent ComSifter Admin filter_specialist tried to login five times into the Secondary ComSifter and was locked out on the fifth try Note A lock out lasts for 10 minutes The lock out is by IP address In this example IP 192 168 1 101 will be locked out for 10 minutes At 10 09 38 ComSifter Admin admin tried to log into the Primary ComSifter but for...

Page 51: ...ite must have at least 10 connects to be shown on the Top Site Log Change Change shows the relative change referenced to 7 days ago Possible conditions are 1 Number in Red a greater than 1 change higher in Rank from 7 days ago 2 Number in Black a greater than 10 change lower in Rank from 7 days ago 3 references a no change in Rank from 7 days ago 4 nr in Magenta indicates there was no reference av...

Page 52: ...lows setting the ComSifters IP Gateway and DNS settings Network Utilities Basic network utilities including ping traceroute nslookup and others Network Wizards Include easy to use wizards that allow you to easily set up a Static DHCP or PPPoE Internet connection Note It is suggested that you start with the Network Wizards The Wizard can configure your ComSifter to your Internet Connection type set...

Page 53: ...er Enter the User Name given to you by your ISP or Network Administrator Get DNS from ISP Select Yes Limit packet size Leave at the default of 1412 unless instructed otherwise by your ISP Connect on demand The ADSL Client will connect whenever there is traffic destined for the Internet Login with password Enter the password given to you by your ISP or Network Administrator Attempt connection for T...

Page 54: ...e IP of its FQDN If the IP has changed ComSifter will automatically update the records of supported Dynamic DNS providers Figure 3 23 Dynamic DNS Provider Add an entry This form is used to enter the specific account information for the Dynamic DNS provider Comsift supports dyndns com and no ip com Your account information from these providers is entered in this form Figure 3 24 Add an Entry Create...

Page 55: ...at were compiled into the Create Runtime Program Warning Use caution when clicking Update All Dynamic DNS providers ask that updates are only performed when your IP is changed The provider may terminate your account if to many updates without an IP change is performed ComSifter will automatically perform this function when the external IP changes ...

Page 56: ...onsibility of the firewall is to block all traffic from the Internet to your LAN and vice versa unless a rule explicitly allows the traffic to pass In this section we will discuss how these rules are created and what rules to use to allow different applications to access the Internet or the LAN Upon selecting the Network icon you will be presented with the Firewall Advanced screen From this menu y...

Page 57: ...C network The non routable range is translated to the external public IP Traffic from the LAN appears to be coming only from the public IP This is a very secure way of hiding your internal LAN from the Internet thus the name masquerading All traffic into and out of the LAN is by way of the public IP The above example is default for the ComSifter and should not be changed unless you are using a pub...

Page 58: ... as needed for your network In the preceding example we have a group of rules that The first rule a REDIRECT takes any TCP packet from the Local Zone destined for Port 80 and redirects it to Port 8080 This rule is used to intercept LAN traffic that is destined for web sites port 80 and redirect that traffic to port 8080 ComSifter filtering service is listening on port 8080 The next rule a DNAT tak...

Page 59: ... when processing a packet in either direction A port closed response to the packet will be sent Do not use reject unless you specifically need it DNAT or Port Forwarding Used to dynamically route packets from the Internet net to specific IP s on the LAN loc This action is typically used to allow access to servers running on the LAN DNAT TBD REDIRECT Redirect is used to redirect packets from the LA...

Page 60: ...ddress IP addresses may be entered in this field Multiple IP addresses may be entered by separating each address by a space A not function may be entered by using the character in front of the first IP address Destination Zone Destination Zone is the zone that the packet is destined for This may be further refined by selecting Only hosts in zone with address IP addresses may be entered in this fie...

Page 61: ... the most common applications that access the Internet If your application is not listed then you will need to consult the documentation for the application to determine what ports are required DNS Ports 53 TCP UDP To allow client access from the LAN to the Internet use the following two rules Figure 3 30 Client Access to DNS TCP Figure 3 31 Client Access to DNS UDP ...

Page 62: ...TCP IMAP secure 993 TCP SMTP 125 TCP To allow client access from the LAN to the Internet use the following rule Figure 3 32 Client Email If you have an internal mail server and you wish to allow client access from the Internet to the LAN use the following rule Figure 3 33 Internet Access to Email Server In this example we have a POP3 email server at 192 168 1 8 port 110 ...

Page 63: ...rnet use the following rule Figure 3 34 Client FTP Access If you have an internal FTP server and you wish to allow client access from the Internet to the LAN use the following rule Figure 3 35 Access to Internal FTP Server In this rule any packet from the Internet destined for port 21 will be routed to the FTP server located at 192 168 1 8 ...

Page 64: ...O N F I G U R I N G C O M S I F T E R User Guide ComSifter CS 8D Pro 3 32 ICQ IM Ports 5190 TCP To allow client access from the LAN to the Internet use the following rule Figure 3 36 ICQ AOL Client Access ...

Page 65: ...om the LAN to the Internet use the following rule Figure 3 37 Client Access to Laplink If you have an internal Laplink server and you wish to allow access from the Internet to the server add the following rule Figure 3 38 Accessing an Internal Laplink Server In this rule packets from the Internet destined for port 1547 are forwarded to 192 168 1 250 port 1547 ...

Page 66: ...C O M S I F T E R User Guide ComSifter CS 8D Pro 3 34 MSN Messenger Ports 1863 TCP 5190 TCP 6891 6901 TCP To allow client access from the LAN to the Internet use the following rule Figure 3 39 Client Access to MSN Messenger ...

Page 67: ...G U R I N G C O M S I F T E R User Guide ComSifter CS 8D Pro 3 35 NTP Network Time Protocol Port 123 UDP To allow client access from the LAN to the Internet use the following rule Figure 3 40 Client Access to NTP ...

Page 68: ... 5632 TCP To allow client access from the LAN to the Internet use the following rule Figure 3 41 Client Access to PCAnywhere If you have an internal PCAnywhere server and you wish to allow access from the Internet to the server add the following rule Figure 3 42 Accessing an Internal PCAnywhere Server ...

Page 69: ...exist Use the rule shown below to reply to a ping from the Internet Warning Allowing a ping from the Internet will confirm the existence of your location to potential hackers Best practices suggest that this only be for testing purposes ComSifter will not allow ping requests from the LAN to the Internet Using the rule shown below ComSifter can be configured to allow ping from the LAN to the Intern...

Page 70: ...TCP GRE To allow client access from the LAN to the Internet use the following rule Figure 3 45 Client Access to PPTP To allow client access from the Internet to the LAN use the following rule First enable Protocol 47 GRE Figure 3 46 Client Access to PPTP protocol Setup continued on next page ...

Page 71: ...C O N F I G U R I N G C O M S I F T E R User Guide ComSifter CS 8D Pro 3 39 Then add a rule that connects TCP to the PPTP server Figure 3 47 Client Access to PPTP ...

Page 72: ...N to the Internet use the following rule Figure 3 48 Client Access to Telnet If you have an internal Telnet server and you wish to allow access from the Internet to the server add the following rule Figure 3 49 Access to Telnet Server In this rule packets from the Internet destined for port 23 are forwarded to 192 168 1 8 port 23 ...

Page 73: ... rule Figure 3 50 Client Access to VNC Each client accessing VNC outbound will need a separate port If you expect only one client at a time then only open one port The above example allows for up to 10 simultaneous clients If you have an internal VNC server and you wish to allow access from the Internet to the server add the following rule Figure 3 51 Accessing VNC Server ...

Page 74: ... G C O M S I F T E R User Guide ComSifter CS 8D Pro 3 42 Yahoo Chat Ports 5000 5010 TCP 5055 TCP 5100 TCP To allow client access from the LAN to the Internet use the following rule Figure 3 52 Client Access to Yahoo Chat ...

Page 75: ...direct all requests for access to the Internet HTTP to port 8080 ComSifter Filter Service is listening on this port It will intercept the request retrieve and filter the response and send either the response or a denied page to the requesting computer In addition to allowing normal web browsing you may allow secure authentication HTTPS by allowing port 443 outbound as shown below Figure 3 54 Allow...

Page 76: ...mSifter CS 8D Pro 3 44 To allow access from the Internet to a Web Server located on the LAN use the following rule Figure 3 55 Web Server Access This rules routes any incoming port 80 requests from the Internet to the host defined in the Destination Zone ...

Page 77: ... port used by ComSifter for configuration Check Firewall The Check Firewall command is used to verify that the new Firewall Rules are valid and that the firewall will start Check Firewall does not validate that the created rule will operate as you think it will only that the firewall will start If you receive a failure notice you will have to view the Check Firewall output and find the rule that c...

Page 78: ...ted in Firewall Advanced Upon selecting a Template ComSifter will 1 Stop Network Filtering and Proxy Services 2 Load the Firewall Rules from the selected Template 3 Restart the Firewall with the Template rules set 4 Start Network Filtering and Proxy Services Template 1 High Security Template 1 allows no connection from the Internet to the LAN and only allows web browsing 80 and secure web browsing...

Page 79: ... 5901 5905 are opened from the LAN to the Internet Template 5 Low Security Template 5 allows opens all ports from the LAN to the Internet This setting is equivalent to the capabilities of the firewall found in home and small business routers from companies such Linksys Netgear and SMC Warning Although this setting may be the easiest to configure and maintain it is the least secure Any program orig...

Page 80: ...matically configure most network settings defined in this chapter and will prevent mis configuration of the ComSifter To access these settings click on Network Configuration You will be presented with the following choices Figure 3 57 Network Configuration Choices Network Interfaces IP Address Configuration ComSifter is configured with two Ethernet interfaces Eth0 is connected to the WAN cable DSL...

Page 81: ...ormal configuration of ComSifter networking is done in this area Any changes made here will be permanent ComSifter is factory configured to an IP of 192 168 100 1 with a subnet mask of 255 255 255 0 If your network does not use these settings then change the IP and subnet mask of ComSifter as described below Warning Entering the wrong IP address and subnet mask will cause you to lose communication...

Page 82: ... address for ComSifter if different from default Normally the broadcast address ends in 255 5 Activate on Boot Insure that Yes is selected LAN Interface Settings eth1 1 Netmask Change the subnet mask to reflect your network requirements 2 MTU Leave the MTU blank default unless your network has special requirements 3 IP Address Enter the Internal LAN address for ComSifter This will also be the gate...

Page 83: ...ssible for two Class A networks a 10 xxx xxx xxx network and a 192 xxx xxx xxx network to both use a 192 xxx xxx xxx gateway This is accomplished by clicking on Add Virtual Interface as shown in Figure 3 7 When a virtual interface is added ComSifter will need an IP on the new network Enter the information for the virtual interface and click on Create Figure 3 60 Adding a Virtual Interface Note If ...

Page 84: ...o 3 52 Routing and Gateways Figure 3 61 Entering Gateway IP Enter the IP address of the External Gateway that ComSifter will use to access the Internet Note The remaining options are not used in normal operation and may be left blank default When completed click on Save ...

Page 85: ...2 DNS servers Enter the DNS server names that ComSifter will use to resolve Domain Names 3 Resolution order must be Hosts DNS remaining four entries are left blank 4 Search domains must be Listed localhost Note ComSifter includes a Smart DNS feature Every 15 minutes ComSifter queries the defined DNS servers and calculates their lookup times If the Secondary DNS server is faster than the Primary DN...

Page 86: ...ifter to reflect the new IP and netmask Recovering a lost IP address ComSifter includes a failsafe method to determine network settings in the event that the settings are forgotten or miss configured 1 Attach a standard VGA compatible monitor and keyboard to the ComSifter 2 Restart the ComSifter 3 At the end of the start up process you will see a screen that says type YES to enter the Emergency Co...

Page 87: ...ting host to a destination source Traceroute Displays the route path and measures transit delays of packets Lookup Uses nslookup to resolve domain names to IP addresses via the Domain Name System DNS servers Nmap Discovers hosts and services on a local network IP Subnet Calculator Calculates number of hosts and broadcast and network addresses for a given IP and subnet mask Whois Queries a database...

Page 88: ...will be set A Static DHCP Bridge or PPPoE connection method External IP Netmask and Gateway settings A Firewall Basic Template Internal IP and Netmask Non Stop peer address DNS Settings optional DHCP Server settings optional Figure 3 65 Network Wizards After selecting a Network Wizard further refinements to network and firewall settings may be performed from ADSL Client Network Configuration and F...

Page 89: ...er will assign the subnet mask The format for this entry is xxx xxx xxx xxx such as 255 255 255 0 External Gateway Enter the External Gateway for your installation Typically your service provider will assign the gateway address The format for this entry is xxx xxx xxx xxx such as 63 195 80 1 Internal IP Enter the Internal IP for your installation This may be any Class A B or C Internet address but...

Page 90: ...he same Domain Controller for DNS Enter the IP address of the Domain Controller Note ComSifter includes DNS forwarding ComSifter will listen to the LAN network for DNS requests If a request is received ComSifter will forward the request to the defined DNS server This feature may simplify LAN installation as ComSifter may be used as the Primary DNS Secondary DNS Enter the Secondary DNS settings for...

Page 91: ...erver Firewall Template Select a Firewall Template from the drop down box Firewall Templates are described in this manual under Firewall Basic Templates Non Stop Relationship This field defines if this ComSifter is a single primary or a secondary device Single Non Stop operation is disabled The ComSifter will act as a single device Primary The ComSifter will act the primary device All configuratio...

Page 92: ...e time or the amount of time that the information will be valid The lease time is determined by the provider of the information and may range from hours to days When the lease expires ComSifter will ask for a new lease The lease may contain the same information or may contain new information In this arrangement the external IP cannot be guaranteed as the provider may change it dependent on their n...

Page 93: ...tion of the ComSifter Bridge mode should be used if your network has the following requirements A quality router firewall already exists and the ComSifter will be used only for Content Filtering Your network has requirements for outside services to access client computers without translation e g external source accessing local computers using VPN Figure 3 68 Network Wizard Bridge mode Configuratio...

Page 94: ...vice provider and logs on After a predetermined period of inactivity the ComSifter logs out of the connection In this arrangement the External IP of the ComSifter may change many times per day Figure 3 69 Network Wizard PPPoE User Name Enter the User Name supplied by your provider Password Enter the password supplied by your provider The remainder of the configuration options is the same as those ...

Page 95: ...C O N F I G U R I N G C O M S I F T E R User Guide ComSifter CS 8D Pro 3 63 Current Network Settings Current Network Settings will list all current settings Figure 3 70 Current Network Settings ...

Page 96: ...Sifter unit fails Automatic rebalancing upon ComSifter unit recovery Using the ComSifter DHCP Server ComSifters DHCP server is factory configured but not activated when shipped Following are the factory settings for the DHCP server Scope 192 168 1 10 192 168 1 240 Subnet Mask 255 255 255 0 Default Router 192 168 1 1 Default Gateway 192 168 1 1 Broadcast Address 192 168 1 255 Lease Time 7 days It i...

Page 97: ...on Stop pair List Leases List leases allows you to see the lease database as defined below Figure 3 72 DHCP Leases In active leases only in all leases Displays leases that are currently active within lease period or displays all leases including leases that have expired Only local leases all leases Displays local leases only or displays local leases and remote leases Note Non Stop pairs synchroniz...

Page 98: ...kstation with the lease Hostname The NetBIOS name of the workstation with the lease Start Date The time and date the lease was issued End Date The time and date the lease will expire Figure 3 73 DHCP Statistics Note You may sort each column by clicking the column heading Leases Utilization At the bottom of the DHCP Statistics page Lease Utilization is shown Network The network being utilized Size ...

Page 99: ... peer is also normal and the time and date each went normal is displayed appropriately Figure 3 75 Non Stop Status Good TCP Connections displays the sequence of events that the Non Stop pairs are transacting In the above example address 192 168 1 1 began listening on local port 520 for any other Non Stop pair It was able to establish a connection with remote address 192 168 1 2 using local port 38...

Page 100: ...and alerting the email recipient that a partner down determination should be considered This determination should be quickly made if the interrupted condition is caused by a failed ComSifter If the condition is caused by a failed ComSifter then the operational Non Stop should be placed into a partnered down state By placing it in a partnered down state the operational Non Stop will recover and reu...

Page 101: ...imary Non Stop unit Port This defines the port the local unit will listen on for Non Stop events Do not change from port 520 unless instructed to do so by Comsift technical support Peer Port This defines the port the remote unit will listen on for non Stop events Do not change from port 520 unless instructed to do so by Comsift technical support Max Unacked Updates Do not change from 10 unless ins...

Page 102: ...nal ComSifter may eventually run out of leases After 24 hours if the condition is not resolved the remaining ComSifter will automatically place itself in a partner down state Split ComSifter tries to balance the IP load between Non Stop pairs based on this figure ComSifter takes the total number of IP addresses available for lease and divides them at this number For example in this manual we use a...

Page 103: ...y Comsift technical support Peer Port This defines the port the remote unit will listen on for non Stop events Do not change from port 520 unless instructed to do so by Comsift technical support Max Unacked Updates Do not change from 10 unless instructed to do so by Comsift technical support Load balance max seconds Do not change from 3 unless instructed to do so by Comsift technical support Auto ...

Page 104: ...placing it in a partnered down state the operational Non Stop will recover and reuse all of the failed Non Stop leases If this procedure is not followed then the operational ComSifter may eventually run out of leases After 24 hours if the condition is not resolved the remaining ComSifter will automatically place itself in a partner down state Split Not used in the secondary Non Stop unit do not fi...

Page 105: ...ared Networks allow you to define a network over which ComSifter will control DHCP Figure 3 79 Selecting Network Click on Add a New Subnet or click on an existing defined network as displayed by a small network picture with an appropriate subnet label The example below is the result of selecting the 192 168 1 0 network ...

Page 106: ... network s settings 1 Network Address Enter the network address This should end in a zero 0 i e xxx xxx xxx 0 2 Netmask The netmask of the Network Address defined in step 3 Edit Client Options See next section Edit Client Options 4 List Leases List current and expired leases 5 Address Pools for Subnet See section Address Pools for Subnet 6 Add A New Host See section Add a New Host Note The remaini...

Page 107: ...network s settings Figure 3 81 Entering Client DHCP Option 1 Subnet mask enter the subnet mask that client computers should use 2 Default Routers enter the IP address of ComSifter This will become the Default Gateway for client computers 3 Broadcast Address in the format xxx xxx xxx 255 4 DNS Servers enter the DNS server s that client computers should use Multiple servers may be entered by placing...

Page 108: ...n will fail Figure 3 82 Edit Address Pool Address ranges An address range scope is defined in these fields Multiple to and from fields may be defined if you have static IP addresses in the middle of a range Clients to allow Not used Non Stop peer Select if this unit is a primary or secondary unit of a Non Stop pair Default lease time Not used Clients to deny When using in a Non Stop environment Co...

Page 109: ...t be entered in the format xx xx xx xx xx xx 4 Fixed IP Address The IP address to be assigned to ComSifter 5 Host Assigned to Subnet Note The remaining options are not used in ComSifter and may be left blank default The ADD Host feature may appear to be the proper solution for defining fixed IP devices on a network but best practices would suggest otherwise Since the IP is based on the client devi...

Page 110: ...Stop DHCP Server Apply Changes This will stop the DCHP server and apply all current changes You must then start the DHCP server Partner Down This informs the local Non Stop that the remote Non Stop is not available The local Non Stop will then take compete control of the address pool Warning This function should be applied if the remote Non Stop has failed been powered down or removed from the net...

Page 111: ...file is being uploaded another user starts downloading a file It would be assumed that the downloading would not be affected by the upload but this is not true As downloaded packets arrive they are acknowledged back to the sender by way of an ACK packet This packet must traverse the same path as the file being uploaded Since the uploaded file is filling the buffers at the ISP the ACK packet must w...

Page 112: ...dslreports com stest Upstream speed was 309Kbps We will take 1 off this figure 306 and use it as our Up Speed in ComSifter QOS incorporates three Queues These are Default no user control High Priority and Low priority A fourth queue called Special Network is available in the event that ComSifter is routing into another network that is a part of your LAN Each of these queues has two parameters a ra...

Page 113: ... the Internet but is routing upstream into another network that is a part of your LAN The upstream network may have the gateway to the Internet and may also have resources such as a Domain Controller that clients on ComSifter s network need to access Since these resources may be accessed at LAN speeds 10 or 100Mbps the Special Networks Queue allows these speeds to be realized Queue Rate and Ceilin...

Page 114: ...R notation If the upstream network is 192 168 1 0 and you wish this entire class C network to have priority then enter 192 168 1 0 24 A Class B network would be xxx xxx xxx xxx 16 A Class A network would be xxx xxx xxx xxx 8 Viewing Queue Status Once QOS has been configured and enabled you may review the current queue status with this command Figure 3 87 Queue Status Each Queue will display The ra...

Page 115: ...ettings in ComSifter View the status of all critical services running in ComSifter Change the Denied Access Page Download Install IDENTD Move files into and out of ComSifter using File Manager View Information about ComSifter Run an Internet Connection Test Reset ComSifter to factory defaults Change the ComSifter System Name Set Change the System Time and Time Zone Stop and Start critical services...

Page 116: ...omplished as follows 1 Click on Maintenance Backup Restore Save Configuration Data Upon clicking backup a file is created containing the user defined parameters described above 2 The file then needs to be moved to a location of your choice This is done by clicking on Maintenance File Manager File Manager will open and display the screen shown below Figure 3 89 File Manager 3 Select userdatacs8prod...

Page 117: ...s been enabled in Security Configuration If allowed a potential lockout condition could occur if the restored IP is different from that allowed in IP Access Control To allow the restore to complete you must select allow from all addresses in IP Access Control After completion of the restore you may then re enter the previous settings in IP Access Control Warning During this restart ComSifter will ...

Page 118: ...ith occasional peaks up to 50 If ComSifter sustains a 50 load for more than one minute this indicator will turn red and a message will be sent to ComSifter Technical Support Content Filter Service Content Filter is the service that is running the filtering process This indicator should always be green If the service were to stop the condition would turn red and a message will be sent to ComSifter ...

Page 119: ...net Connected Upon entering the ComSifter Status screen ComSifter does a ping test to the Comsift web site A reply will result in a green condition If a reply is not received the condition will turn red A more comprehensive test is available in Maintenance Internet Connection Test Non Stop Operation If both units of a Non Stop pair are operational and in communication this indicator will be green ...

Page 120: ...isplay that white space instead of the ad Figure 3 92 Denied Access Page In the example we see that user ronaldlambert tried to access www playboy com He was denied because the domain is a banned site in the Blacklist Domain List Next we see the local message described in Local Message Next we see the Warn and Go option If the users filter is configured to allow warn and go then clicking on If Aut...

Page 121: ...gram that must be installed on each user s client computer if multiple filters are to be used in ComSifter using the Identd authentication method See Chapter 6 Users User Management Utilities Step 1 Authentication Method Authentication Methods Explained IDENTD Only Download Install IdentD for more information on use and installation ...

Page 122: ...into and out of ComSifter The following functions use File Manger Backup Restore this function is defined in Backup Restore Merge User Names this function is defined in Chapter 6 Merge User Names from File Note File Manager requires the use of Java If you need to obtain Java it is available for download courtesy of Oracle Corporation at www java com ...

Page 123: ...me Uptime Shows the amount of time the ComSifter has been running Cache hit ratio Shows the efficiency of the cache ComSifter Health Displays the condition of ComSifter hardware Software Information Shows ComSifter revision number Figure 3 96 Software and Blacklist info Blacklist Information Displays how often the blacklist will be updated when the blacklist was last updated and when blacklist upd...

Page 124: ...s ComSifter DNS Displays ComSifter DNS configuration settings DHCP Settings Displays ComSifter DHCP configuration settings ComSifter Release Notes To view information about Release Notes click on Maintenance Information Release Notes Execute ComSifter will respond as shown below Figure 3 98 Release Notes ...

Page 125: ...in Network Network Configuration DNS will be tested If DNS passes then an Internet Connection Speed will be performed Upon completion an average speed will be displayed Note The above example was the result of a test over a standard 1 5mb DSL connection Note ComSifter will try to resolve DNS once for 5 seconds for each DNS server If unable to reach a DNS server the speed test will not run and the ...

Page 126: ... System Name Figure 3 101 System Name System Name is a friendly name that will display in the header bar of ComSifter Configuration This name may be useful if more than one ComSifter is being accessed by ComSifter administrators The name may be up to 35 alphanumeric characters and can include spaces and the symbols _ and ...

Page 127: ... and Time Zone Correct time is necessary for Hours of Operation Scheduling and for System Log entries Note ComSifter uses Network Time Protocol NTP to keep its clock accurate after the System Time has been set NTP is checked at least twice during any 24 hour period and during any power up of ComSifter Any changes to the System Time are logged to the Non Stop DHCP Log ...

Page 128: ... as needed basis Email Notification Parameters Set up parameters for email notification of serious system events These events include but are not limited to Loss or resumption of communications with a Non Stop peer Low lease level in DHCP pool Changing of external IP or DNS Hardware health in or out of specification LAN WAN Cable connect or disconnect Duplicate IP found on the WAN or LAN interface...

Page 129: ...pient Email address of the first of two possible recipients Do not change Email address of second recipient Email address of the second of two possible recipients From email address A valid email address the Non Stop can use to send emails Do not change SMTP Server The Simple Mail Transport Protocol Server that the Non Stop will use to send emails Do not change SMTP authorized user name A user nam...

Page 130: ...estart ComSifter as if the power were turned off then on The restart will take up to two minutes to complete and will disrupt client Internet connections This should only be used if instructed to do so by Comsift Technical Support Clear all log files All logs will be cleared During this process all ComSifter services will be restarted This will result in up to a 30 second interruption Clear DHCP L...

Page 131: ...er What additional domains and URLs are to be fully or partially banned What domains and URLs are to be excepted The CSphrase sensitivity threshold Activation and access time for the Warn and Go feature Figure 4 1 Filter Setup screen In addition to each filter all of the groups and lists selected in the Master Filter will be applied The Master Filter settings are used when a setting is required on...

Page 132: ...ist and assigning nousername to another filter of your choice Master Filter Items entered in the Master List affect all users and all filters If you have a domain URL extension or MIME type that you either want to ban or except system wide it should be entered in the Master List Additionally the Master List includes A utility to restart the ComSifter Filter service A powerful search facility A com...

Page 133: ...it including the domain s URLs unless the URL is listed in the Banned URL List Add Figure 4 3 Add Domain to Full Exception List 1 To add a Domain to be excepted select Add in the Function drop down box 2 Enter the domain to be excepted 3 Click Execute Note To except all of a domain enter only the domain name without the www subdomain It is possible to except the domain prefix by putting in the app...

Page 134: ...he ComSifter or may be proactive such as a local home page or site that you deem safe If ComSifter sees this URL it will not filter any portion of it including its URLs unless the URL is listed in the Banned Domain List Add 1 To add a URL to be excepted select Add in the Function drop down box 2 Enter the URL to be excepted 3 Click Execute Note ComSifter will allow alphanumeric characters the symb...

Page 135: ...racters Delete 1 To delete a domain select Delete in the Function drop down box 2 Select the domain from the Domain to Delete 3 Click Execute Partial Exception URL Filter List The Partial Exception URL List allows you to enter a URL that you do not want to be completely excepted but instead allow CSphrase Filtering to determine if the site is appropriate based on good words phrases and bad words p...

Page 136: ...characters Delete 1 To delete a domain select Delete in the Function drop down box 2 Select the Domain from the URL to Delete 3 Click Execute Banned URL List The Banned URL List allows you to enter a URL name that you want to be banned Add 1 To add a URL select Add in the Function drop down box 2 Enter the URL to be banned 3 Click Execute Note ComSifter will allow alphanumeric characters the symbo...

Page 137: ... located in the Words Phrases category These groups may be activated or deactivated depending on the requirements of your installation The groups are Ads Audio video Chat Custom A Custom B Drugs Gambling Hate Hacking Mail In addition to the above list two additional groups are permanently engaged These are Pornography Good Words Phrases Activating Filters To activate a filter 1 Select Activate in ...

Page 138: ...er CS 8D Pro 4 8 Deactivating Filters To deactivate a filter 1 Select Deactivate in the Function drop down box 2 Select the filter to deactivate in the Select Filter to Deactivate drop down box 3 Click Execute Figure 4 6 Deactivating a Filter ...

Page 139: ...ed to the good word phrase After analyzing all the words on a page ComSifter will compare its Sensitivity Counter with the Sensitivity Threshold set for the individual filter If the threshold is exceeded the page will be banned Note The actual words phrases that are in each of these filter groups are located in the Words Phrases category and are discussed in Chapter 4 These groups may be activated...

Page 140: ... Chat Drugs Gambling Hate Hacking Mail In addition to the above list there is a pornography group This group is permanently enabled Blacklist URL Filter Groups ComSifter has available nine Blacklist URL filter groups A URL is a subset of a domain and is typically denoted by the symbol If a URL is in the filter group and the filter is activated the site will be banned Note These groups are maintain...

Page 141: ...l Logging When enabled ComSifter will log every request A typical web site may have a minimum of 10 40 requests per page In a week this may translate in up to a million log entries To reduce the size of the logs and increase the speed of log searching Comsift recommends turning this feature off When not enabled only text files will be logged This can easily reduce the size of the log files by a fa...

Page 142: ... the value selected in characters A smaller number will result in smaller log sizes and faster searches Only the maximum of 2500 characters should be used for testing Inactivity Timeout The default inactivity timeout for the ComSifter is 15 minutes This can be increased to as much as 60 minutes before requiring logging in to the ComSifter again ...

Page 143: ...te ComSifter sorts the Filter Setup alphabetically Changing a filter name will change this sort Although you can change the name of Filter 1 it will always carry the suffix non IDENTD The filter mapping name change associated with a filter number can be referenced by going to Maintenance Information ComSifter Information under the section Filter Mappings Warning If the ComSifter is set to synchron...

Page 144: ...T E R S E T U P User Guide ComSifter CS 8D Pro 4 14 Clear Filter This command will reset the filter to factory defaults Figure 4 9 Clear Filter Select Yes to reset the filter to factory defaults Click Execute ...

Page 145: ...e should be banned and it is not Note Search will search through all filters and lists This includes the blacklist that Comsift controls A search report will show if an item was found in the Comsift controlled blacklist or the administrator controlled lists Items in the Comsift controlled blacklist are not accessible or configurable If an item is banned and you do not want it banned you must excep...

Page 146: ...ct Match Report The search report shows us that badsite com was not found in the ComSifter controlled blacklists but was found in the Master Filter Banned Domain List With this information we can then go to the Master Filter and look in the Banned Domain List for badsite com ...

Page 147: ...he beginning of a string This is useful when looking for domains that have county extensions or when looking for all the URLs that are listed within a domain Figure 4 12 Begins With Search Figure 4 13 Begins With Report In the example we see that badsite com was found in the Master Filter Banned Domain List We see that badsite com au was also found in the same list ...

Page 148: ...s found anywhere in the string Figure 4 14 Any Match Search Figure 4 15 Any Match Report In the example we see that anybadsite com reallybad was found in the Master Filter Banned URL List badsite com was found in the Master Filter Banned Domain List badsite com au was found in the Master Filter Banned Domain List ...

Page 149: ...effective until the ComSifter Filter is restarted ComSifter is designed to allow you to quickly make multiple changes to filter settings and then apply the changes by restarting the filter Figure 4 16 Restart ComSifter Filter Note A restart may take up to 30 seconds to complete During this time all Internet connections will be disrupted ...

Page 150: ...guration of the Master Filter This report is useful for understanding at a glance how the Master Filter is configured It includes CSphrase Filter Groups that are active Blacklist Filter Groups that are active All domains URLs extensions and MIME types that are in there respective lists Figure 4 17 Display Summary Report ...

Page 151: ...nfiguration details with the following exceptions Individual filters do not have a Change Filter Name Command Individual Filters have several additional commands Regular Expressions RegEx modify ban or except Page Header and URL Hours of Operation Warn and Go Change Sensitivity Copy Filter Individual Filters have additional features that can be utilized in areas covered in the Master Filter Whitel...

Page 152: ...regular expression on the page and when matched replace the expression HTTPS transactions are encrypted and cannot be replaced Modify Header RegEx Modify Header is used to match a regular expression in the HTML header and when matched replace the expression Banned Header RegEx Banned Header is used to match a regular expression in the HTML header and when matched ban the page Modify URL RegEx Modi...

Page 153: ...F I L T E R S E T U P User Guide ComSifter CS 8D Pro 4 23 Figure 4 19 Modify Page RegEx ...

Page 154: ...ment force filtering on cookie ADLT OFF DEMOTE Cookie 1 ADLT STRICT Banned Header RegEx Block several version of Internet Explorer User Agent MSIE Modify URL RegEx Substitute youtube com with youtube com education for YouTube for Schools http a zA Z0 9 youtube com _a zA Z0 9 1 edufilter your_schools_ke y here http a zA Z0 9 youtube com 1 edufilter your_schools_k ey here Banned URL RegEx Ban Google...

Page 155: ...e stating that the Internet is not active due to the Hours of Operation Schedule Note Filter 1 non IdentD does not have Hours of Operation Figure 4 20 Hours of Operation Filters 2 through 8 only Normal Operation Enter the desired Start End Times Start End Days and click Execute Permanently Off To permanently turn off a filter select 00 00 as the Active Start Time and 00 00 as the Active End Time S...

Page 156: ...ter CS 8D Pro 4 26 Permanently On To permanently turn on a filter select 00 00 as the Active Start Time and 24 00 as the Active End Time and select Sunday as the Active Start Day and Saturday as the Active End Day Figure 4 22 Permanently On ...

Page 157: ...for administrators staff and others that would like to know that their destination is potentially unsafe If Warn and Go is enabled it will allow viewing of a blocked site for the selected period of time Figure 4 23 Warn and Go Enable 1 To enable Warn and Go select the time period that the user will be able to view the site 2 Click Execute Disable 1 To Disable Warn and Go select disable 2 Click Exe...

Page 158: ... are any Good Words Phrases on the same page the CSphrase Sensitivity counter will decrement by the weight assigned to the good word phrase After analyzing all the words on a page ComSifter will compare it s Sensitivity Counter with the Sensitivity Threshold set for the individual filter If the threshold is exceeded the page will be banned Figure 4 24 Sensitivity Threshold Sensitivity Level Guidel...

Page 159: ...actory defaults Note It is important to choose the option from the filter that you want changed The settings will be selected from another filter to this filter Figure 4 25 Copy Filter Select the filter that you want to modify In the example above Filter 5 is the filter to be modified From Select the filter to copy into this filter select the filter that has the settings you wish to apply to this ...

Page 160: ...to Add Click Execute Note Setting up the whitelist blocks ALL Internet traffic To allow the actual whitelisting of specific sites follow the directions below Add specific site exception to be whitelisted In the filter setup from the steps above go to either the Full or Partial Exception Domain List or Full or Partial Exception URL List To add a domain URL select Add in the Function drop down box E...

Page 161: ... Good words phrases have a negative value while bad words phrases have a positive value These values are kept internally in a Sensitivity Counter 6 Upon completing the analysis CSphrase Technology compares the Sensitivity Counter with the Sensitivity Threshold for the user s filter If the threshold is exceeded the Access Denied Page is given to the user and the event is logged in ComSifter Access ...

Page 162: ...d be gambling Thus if the web page said Visit our casino to gamble at your favorite games the page would be banned If a match of a word beginning with gambling is required then the proper format would be gambling Thus if the web page said Solve your gamblingfever the page would be banned If a match of a word ending in with gambling is required then the proper format would be gambling Thus if the w...

Page 163: ...e in Words Phrases will not become effective until the ComSifter Filter is restarted ComSifter is designed to allow you to quickly make multiple changes to Words Phrases and then apply the changes by restarting the filter Figure 5 3 Restart ComSifter Filter Note A restart may take up to 30 seconds to complete During this time all Internet connections will be disrupted ...

Page 164: ...g or Deleting Words Phrases Add To add a word to the Banned CSphrase Word Phrase list 1 Select Add Word Phrase in the Function drop down box 2 Enter the Word Phrase to be banned following the syntax rules described at the beginning of this chapter 3 Click Execute Delete To remove a word in the Banned CSphrase Word Phrase list 1 Select Delete Word Phrase in the Function drop down box 2 Select the W...

Page 165: ...d the user will receive an Access Denied Page If the threshold is not exceeded the user will be allowed to view the web page Figure 5 5 Editing Weighted Words Phrases Add To add a word to the Weighted CSphrase Word Phrase list 1 Select Add Word Phrase in the Function drop down box 2 Enter the Word Phrase to be banned following the syntax rules described at the beginning of this chapter 3 Assign a ...

Page 166: ...rch for a Word or Phrase The search will check all Word Phrase groups and return where the search term was found In the following example we are searching for the word gambling Figure 5 6 Word Phrase Search Figure 5 7 Word Phrase Search Result Search returns a report that tells us gambling was found in gambling weighted and has a weight of 30 ...

Page 167: ...names Each username must be entered into the ComSifter Username Database and a filter associated with the user name Individual entries IP addresses Each IP address must be entered into the ComSifter IP Database and a filter associated with the IP address File Import Usernames may be imported from a comma separated value CSV based file Active Directory Integration ComSifter will synchronize with a ...

Page 168: ...r by username or to unblock a user by username Note The username must already have been entered into the ComSifter via the User Management Utilities Step 3a Active Directory or Step 3b ComSifter Username Database Enable Block To block a user Set Function to Enable Block Select the username to be blocked Click on Execute Figure 6 2 Blocking a User Note Upon clicking Execute ComSifter Filter Service...

Page 169: ...Remove Block Choose the username to be unblocked from Select User Name to be Un Blocked Click on Execute Figure 6 3 Un Blocking a User Note Upon clicking Execute ComSifter Filter Service will restart automatically This may take up to 30 seconds and will disrupt other Internet users during the restart ...

Page 170: ...onds and will disrupt other Internet users during the restart Warning If DHCP is being used on the network be aware that the IP address being blocked can be given to another computer on the network causing that computer to lose Internet access Best practice would suggest setting a reservation Active Directory or Host ComSifter to assign a specific IP to that computer based on the computer s MAC ad...

Page 171: ...fter CS 8D Pro 6 5 Figure 6 5 Removing Blocked Computer by IP Note Upon clicking Execute ComSifter Filter Service will restart automatically This may take up to 30 seconds and will disrupt other Internet users during the restart ...

Page 172: ...rname must already have been entered into the ComSifter via the User Management Utilities Step 3a Active Directory or Step 3b ComSifter Username Database Enable Bypass To bypass a user Set Function to Enable Bypass Select the username to be bypassed in Select User Name to Enable Bypass Set the bypass time for the user in Time to Bypass Click on Execute Figure 6 6 Enable User Bypass Note Upon click...

Page 173: ...User Guide ComSifter CS 8D Pro 6 7 Figure 6 7 Remove User Bypass Note Upon clicking Execute ComSifter Filter Service will restart automatically This may take up to 30 seconds and will disrupt other Internet users ...

Page 174: ...uter to be bypassed in Select IP to Enable Bypass Set the bypass time for the IP address in Time to Bypass Click on Execute Figure 6 8 Enable Computer Bypass Note Upon clicking Execute ComSifter Filter Service will restart automatically This may take up to 30 seconds and will disrupt other Internet users Remove Bypass To remove a bypass Set Function to Remove Bypass Choose the IP address to be rem...

Page 175: ...er Guide ComSifter CS 8D Pro 6 9 Figure 6 9 Remove Computer Bypass Note Upon clicking Execute ComSifter Filter Service will restart automatically This may take up to 30 seconds and will disrupt other Internet users ...

Page 176: ...omSifter CS 8D Pro 6 10 User List User List allows you to Display user list by filter Display user list alphabetically Figure 6 10 User List Commands without AD Integration Figure 6 11 User List Commands with AD Integration ...

Page 177: ...ommand will display by filter all the User Names in the ComSifter Database Figure 6 12 User Names by Filter Display user list alphabetically This command will display alphabetically all the User Names and their filter in the ComSifter Database Figure 6 13 User Names Alphabetically ...

Page 178: ...U S E R S User Guide ComSifter CS 8D Pro 6 12 User Management Utilities Figure 6 14 User List Management ...

Page 179: ...y performing an LDAP query to AD Step 3b Administer Retrieve User Names from ComSifter Username Database only used for Basic Authentiction method ComSifter will populate the user list by using a database located in the ComSifter This is an alternate method for facilities without a domain controller or Windows Server Step 3c Administer Retrieve User IPs from ComSifter IP Database ComSifter will pop...

Page 180: ... Delete all usernames from ComSifter This will delete all names from the user list Warning All names will be permanently deleted If usernames are retrieved from AD you must disable that feature before clearing this list otherwise the list will be repopulated at the next sync every 15 minutes Display Summary Displays a summary of items in the User Management Utilities ...

Page 181: ...mine that the ComSifter is a man in the middle and refuse to complete the transaction Additionally if a client program uses a non standard port not port 80 and encrypts the transmission HTTPS the ComSifter is unable to see the data and apply filtering rules The real world result of this is users are able to try adding an s to the protocol HTTPS to see if the web site has a secure server If so this...

Page 182: ...er to map the user to specific filters This mode is required when using either Basic or NTLM authentication methods Pros Browser must authenticate with the proxy which increases security and gives the ComSifter a method of retrieving a username automatically HTTPS transactions work properly as ComSifter is not seen as a man in the middle ComSifter has a chance to see if a site is on the blacklist ...

Page 183: ...vers This rule will configure the browser s proxy configuration on any computer connected to the Domain As this rule is under User Configuration domain users will be required to logout and re login to activate the rule 1 Edit your Group Policy 2 Under User Configuration click Windows Settings Internet Explorer Maintenance Connection Figure 6 15 Browser Proxy Configuration Group Policy ...

Page 184: ... 10 000 so trying to access the ComSifter while in proxy mode will fail The fix for this issue is very straightforward All browsers in the Proxy Configuration area will have a provision for exceptions Any IP placed in the exception list will not use Proxy Mode place the ComSifter s IP in this exception area To resolve this issue add the ComSifter s IP address 192 168 100 1 in this example to the E...

Page 185: ...ctions page for Local Client Computers 1 Edit your Group Policy 2 Under Computer Configuration click Administrative Templates Windows Components Internet Explorer Internet Control Panel 3 In the right panel double click Disable the Connections page 4 Click on Enabled 5 Click OK ...

Page 186: ... When a browser application is opened an authentication popup will appear A username password combination that has previously been input into the ComSifter Username Database must be entered The browser application must be in Proxy Mode 2 NTLM with fallback to Basic When an NTLM browser application is opened authentication is performed automatically with no user input For NTLM authentication to wor...

Page 187: ...P of the client computer is used to authenticate IP information must be entered in the ComSifter IP Database All client IP addresses must be non changing static The browser application may be in either Transparent or Proxy Mode 7 IP Only proxy mode Same as Item 6 above with the requirement that the browser application must be in Proxy Mode 8 No Authentication transparent mode No authentication is ...

Page 188: ...onal Terminal Services Yes Yes No No Yes Browsers Most current browsers IE Chrome and FF Yes Doesn t matter Doesn t matter Doesn t matter Speed Efficiency Good Requires 1 extra transaction per connect Usable Requires up to 3 extra transactions Good Requires 1 extra transaction Excellent No extra transactions Excellent No extra transactions Security ability to spoof Difficult for normal user easy f...

Page 189: ...r The user must enter a username password combination that was previously entered into the ComSifter Username Database Note The user will not be re asked for credentials unless one of the following is true The browser is closed and then re opened The user browser makes no requests to the Internet for two 2 hours In practice this never happens Method Pros and Cons Pros Any computer can access the I...

Page 190: ...ring rules set in the AD domain controller The computers are using browsers that support NTLM When a browser is opened it is automatically authenticated using the usernames and passwords available in the AD domain controller The user does not have to do anything The 20 laptops when connected to the network and a browser is opened will get a pop up requesting authentication The user must enter a va...

Page 191: ...d the firewall rule may be automatically load using Group Policy In the absence of a domain controller the service and firewall exception must be manually loaded on each client computer Operation When a user opens a browser application the ComSifter looks at the client computer s IP address The ComSifter then queries the IP address with the command who are you The client computer running comsiftse...

Page 192: ...fter will query the IP of the requesting computer and ask for its IDENTD The IDENTD program will respond with the username of the user currently logged into the computer ComSifter then matches the username with the filter associated in the ComSifter Username Database and applies the filter settings appropriate for that filter By using IDENTD multiple users may log into and out of a computer during...

Page 193: ...ushed out with a Group Policy rule Warning Identd listens on Port 113 of the client computer If client computers have personal firewalls Port 113 must be opened If Port 113 is not opened Internet access will fail Note If other local firewall programs are used e g from anti virus software the port 113 exception must be made in that firewall instead usually only one firewall is allowed to run on a l...

Page 194: ...U S E R S User Guide ComSifter CS 8D Pro 6 28 Figure 6 19 Windows Firewall ...

Page 195: ...e ComSifter CS 8D Pro 6 29 2 Click on Exceptions Figure 6 20 Click Exceptions 3 Click on Add a Port Figure 6 21 Add Port 113 TCP 4 Enter Comsift as the Name 5 Enter the port as 113 6 Ensure that TCP is selected 7 Click OK ...

Page 196: ...U S E R S User Guide ComSifter CS 8D Pro 6 30 8 You should now see the rule added to your exception list Figure 6 22 Finished Rule ...

Page 197: ...e will open port 113 inbound on any computer connected to the Domain As this rule is under Computer Configuration a one time restart of all Domain Computers will be required to activate the rule 9 Edit your Group Policy 10 Under Computer Configuration click Administrative Templates Network Network Connections Firewall Domain Profiles Define Inbound Port Exceptions Figure 6 23 Port 113 Exception ...

Page 198: ...er Guide ComSifter CS 8D Pro 6 32 11 Click on Enabled 12 Click on Show Figure 6 24 Define Properties 13 Enter the following string into the text field 113 tcp enabled Comsift 14 Click Add Figure 6 25 Show Contents ...

Page 199: ...pt to push out at each login Warning ComSifter CS 8D Pro relies on secure authentication from the client workstation Windows NT 2000 XP Vista 7 Apple Macintosh OS X and Linux are able to provide this secure authentication Windows 95 98 ME is unable to provide secure authentication As a result Comsift is unable to officially support Windows 95 98 ME If you have a mixed environment that includes the...

Page 200: ...ps Note File Manager requires the use of Java If you need to obtain Java it is available for download courtesy of Oracle Corporation at www java com Figure 6 26 Download Install IDENTD from ComSifter 1 Select the appropriate file based on the operating system and installation type from within the directory and click on the Save icon 2 A standard save dialog box for your operating system will open ...

Page 201: ...available on the CD follow these steps Figure 6 27 ComSifter CD 1 Insert the CD 2 Autorun will run and you should see the ComSifter splash page 3 Click on Identd Utilities to open the following page 4 Determine which Identd to install Figure 6 28 Open Identd Utilities ...

Page 202: ...e click comsiftservice14 msi After installation completes Comsift Service will be listed in the computers Services Note Comsift Service will not appear in Add Remove Programs It must be installed by an administrator The installer is designed for silent installation Once started it will complete without notice unless there is an error This design allows the MSI file to be used in Group Policy for a...

Page 203: ...utomatically installed to all Windows 7 Vista XP computers that are part of a domain 1 Copy comsiftservice14 msi to a Domain User accessible directory located on your domain controller 2 Open the Group Policy editor to the Group Policy of your choice 3 Open Computer Configuration Software Installation New Package Figure 6 30 Add New Package to Software Installation ...

Page 204: ...ouble click comsiftservice14 msi Figure 6 31 Select comsiftservice msi 5 You will be prompted to select a deployment method Select assigned unless your requirements differ Figure 6 32 Select Deployment Method 6 After a few seconds Comsift Service will appear as shown in the following figure Figure 6 33 Finished Rule ...

Page 205: ...known computers tablets or smartphones will use DHCP The range of addresses assigned by DHCP is mapped to a filter for unknown devices Operation When a user opens a browser application the ComSifter looks at the IP then redirects the user to the appropriate filter based on data entered in Users User Management Utilities Administer Retrieve User IP s from ComSifter IP Database The operation is comp...

Page 206: ...are if the username is logged They do not care that all users will use a single filter Operation No authentication is done The operation is completely transparent to the end user Method Pros and Cons Pros The operation is completely transparent to the end user Any device can access the Internet No software needs to be installed on client computers This method is a single stage transaction No extra...

Page 207: ... 6 34 Joining the ComSifter to an Active Directory domain To properly join the ComSifter to the Domain Controller ComSifter must know the following information Join ComSifter to the AD Domain In this field click Yes to join to an Active Directory domain or No to remove the ComSifter from the Active Directory domain Full Name of the AD Domain In this field enter the name of the Domain Controller Th...

Page 208: ... name is comsift Password Server In this field enter the server IP address of the Password Server for your network In a typical simple network this IP address is the domain controller itself In the screenshot above the machine name is 192 168 10 5 Enter Username Authorized to Join the Domain In this field enter the authorized user to join the domain Typically this is the main administrator usernam...

Page 209: ...n that filter Note If NTLM is used as the authentication method Step 1 it is necessary to also join the ComSifter to the Active Directory domain as a member Step 2 See previous section for details Preparing Active Directory for Synchronization Before this feature is enabled on the ComSifter the following changes must first be made to Active Directory on the domain controller 1 Add an Organizationa...

Page 210: ...r CS 8D Pro 6 44 Figure 6 36 OU Naming 2 Under the OU ComSifter add new groups using the exact name of the filter label in ComSifter by default filter names in ComSifter are labeled Filter 1 Filter 2 Filter 3 Figure 6 37 AD Groups ...

Page 211: ... Com last name Sifter The new user s username must be comsifter Assign a password to new user Figure 6 38 Add Domain User ComSifter The Domain Controller is now prepared to accept queries from the ComSifter for user names and filter assignments Note Any changes made to the users in Active Directory will be reflected in ComS7ifter s User List ...

Page 212: ...information Populate the user list by a LDAP query to the AD Domain Controller Users and Computers In this field click Yes to enable Active Directory integration or No to disable Active Directory integration Warning Use this command with caution Step 3a Administer Retrieve usernames from Active Directory and Step 3b Administer Retrieve Usernames from ComSifter Username Database are mutually exclus...

Page 213: ...68 1 2 Distinguished Name In this field enter the Distinguished Name of the server as follows If the server name is fully qualified as in myschool com then enter DC myschool DC com Note the comma is not a typo If the server name is not fully qualified then enter just the domain name i e DC myschool AD User Name In this field enter the Common Name CN of the AD domain user Com Sifter this was define...

Page 214: ... is already included in the database with a username password of csadmin csadmin The username can be deleted Adding a new User This command will add a new user to the database In the following example new user dsmith is being added Function must be set to Add User New User Name must be set to the user s username this is the same name the user used to login to their computer Enter Password will be ...

Page 215: ...U S E R S User Guide ComSifter CS 8D Pro 6 49 Figure 6 40 Add User ...

Page 216: ... Modify User Select Profile to be used by user should be set to the filter to which the new user will be directed Select User Name to be modified deleted should be set to the user s username Upon clicking Execute the filter will be changed Note ComSifter retains the password information for each user It is not necessary to re enter the user s password to modify the filter to which the user will be...

Page 217: ...ill delete a user name from the database In the following example dsmith is being deleted Function must be set to Delete User Select User Name to be modified deleted should be set to the user s username Upon clicking Execute the User Name will be deleted Figure 6 42 Delete User ...

Page 218: ... 255 255 255 0 Note Best networking practice would suggest setting static IP addresses for all network clients instead of using DHCP This will avoid clients unintentionally receiving an IP set to a different filter that allows content not meant for certain users Adding a new IP This command will add a new IP to the database In the following example new user 192 168 1 45 is being added Function mus...

Page 219: ...U S E R S User Guide ComSifter CS 8D Pro 6 53 Figure 6 43 Add IP ...

Page 220: ...ample 192 168 1 45 filter assignment is being changed to Filter 7 Function must be set to Modify IP Select filter to be used by IP should be set to the filter to which the new IP will be directed Select IP to be modified deleted should be set to the IP address to be modified Upon clicking Execute the filter will be changed Figure 6 44 Modify IP ...

Page 221: ...delete an IP address from the database In the following example 192 168 1 45 is being deleted Function must be set to Delete IP Select IP to be modified deleted should be set to the IP address to be deleted Upon clicking Execute the User Name will be deleted Figure 6 45 Delete IP ...

Page 222: ...e filter at a time In large installations best practices would suggest building multiple merge files each can then be merged to a specific filter The file must be named users txt The file must be previously uploaded to ComSifter using File Manager Upon clicking Execute ComSifter will process the file by looking on each line for a text string followed by a CR LF If the format is valid ComSifter wil...

Page 223: ...me 14 It is not compatible with Mozilla Firefox or Apple Safari any versions Figure 6 47 Enable Disable Automatic Proxy Configuration Enable Disable Automatic Proxy Configuration Selecting Yes will enable the Automatic Proxy Configuration modifying ComSifter s DHCP server to include the location of the WPAD file when configuring client computers It will also enable ComSifter s internal web server ...

Page 224: ... pad wpad date file Certain authentication methods require the user s browser to be in Proxy Mode This script allows auto configuration of the user s browser Figure 6 48 Edit Proxy File Note It is not necessary to edit this file It will work as is and only should be altered by someone with WPAD knowledge and reason to add to the script ...

Page 225: ... or do not have a method of setting proxy mode In these cases the domain URL that the application is accessing must be entered into the Application Bypass List If a domain URL is in this list then the proxy will be bypassed and the application will be able to connect with the domain URL it is trying to access Figure 6 49 Client Program Application Bypass Note Do not enter www or http in front of t...

Page 226: ...dded to the bypass list Upon clicking Execute the new domain URL will be added to ComSifter s bypass list Figure 6 50 Add a Domain URL to the Client Program Application Bypass Deleting a Domain URL This command will delete a domain URL from the bypass list In the following example comsift com is being deleted Function must be set to Delete Domain to Delete should be set to the domain URL to be del...

Page 227: ...U S E R S User Guide ComSifter CS 8D Pro 6 61 Figure 6 51 Delete a Domain URL to the Client Program Application Bypass ...

Page 228: ...nction must be set to Merge Bypass On Upon clicking Execute the ComSifter Bypass List will merge with the Comsift maintained Bypass List Figure 6 52 Merge with Comsift Maintained Bypass List Note Unmerging the Comsift maintained Bypass List will not remove the domains URLs that have been added unmerging will only discontinue adding new domains URLs that have been added to the Comsift maintained By...

Page 229: ...U S E R S User Guide ComSifter CS 8D Pro 6 63 Figure 6 53 Turning off Merge with Comsift Maintained Bypass List ...

Page 230: ...ble the Merge Exception List feature This will add all the domains in the Application Bypass List to the Exception site List for Filter 1 Doing this will block unidentified users from your network while allowing applications that need to bypass the Proxy to function properly Function must be set to Merge Exception On Upon clicking Execute the ComSifter Bypass List will merge with the Comsift maint...

Page 231: ...U S E R S User Guide ComSifter CS 8D Pro 6 65 Figure 6 55 Turning off Merge with Exception Domain List ...

Page 232: ... the list generated by the debug mode One of the items says download maps com This entry would be suspect and should be tried in the Client Program Application Bypass List Enable Debug Mode By default this option is disabled Select Yes for Enables the special debug mode Upon clicking Execute ComSifter will search the log and show DENIEDs that were processed Note Due to the large amount of traffic ...

Page 233: ...en immediately refresh the debug log results Raw Data for DENIEDs By default this option is disabled Select Yes for Shows the raw data for the Denieds Upon clicking Execute ComSifter will search the log and show the raw data of the DENIEDs that were processed Note It is not necessary to use the raw data mode unless Comsift Support requests it ...

Page 234: ...ectory or Step 3b via the ComSifter Username Database can be cleared from the ComSifter using this command Figure 6 57 Delete All Usernames from ComSifter Note If usernames are retrieved from Active Directory you must disable that feature before clearing this list Otherwise the list will be repopulated within 15 minutes Warning All names will be permanently deleted ...

Page 235: ...U S E R S User Guide ComSifter CS 8D Pro 6 69 Display Summary This command will show an overall summary of all the sections of User Management Utilities Figure 6 58 Display Summary ...

Page 236: ... 7 1 Chapter 7 ComSifter Operation ComSifter operates as an in line filter between the requesting computer and the Internet The diagram below shows how a request is routed through ComSifter Figure 7 1 ComSifter Operation showing the use of authentication method IdentD ...

Page 237: ...ategorized by content 4 ComSifter then loads the complete page into memory and scans every word on the page It then applies the CSphrase Filter Technology to determine if the page is acceptable or not 5 If acceptable the page is sent to the requesting computer 6 If the page is deemed unacceptable the Access Denied page is sent to the requesting computer Order of Precedence Following is the Order o...

Page 238: ...e sites are blocked until they can be added to the Blacklist ComSifter uses CSphrase Filtering technology CSphrase Filtering scans and assigns a numeric weight to each word on the requested page Appropriate words are assigned a negative value while inappropriate words are assigned a positive value ComSifter then adds these weights together and derives a value for the page This value is then compar...

Page 239: ...e click the URL above and you ll be transported to our website On our website you will find the latest information about our leading edge solutions product announcements along with a form you can use for general information requests Sales Our friendly and knowledgeable sales staff is available to answer your sales related questions Hours of operation are from Monday through Friday 8 00 a m to 5 00...

Page 240: ...ters being connected to ComSifter at once Throughput Raw throughput through ComSifter is greater than 250 Mbps when serving large files from the proxy cache Filtered throughput through ComSifter has been tested at over 105 Mbps using Comcast XFINITY Extreme 105 Internet access This figure may be reduced based on the number of concurrent connections the size of pages that are being filtered and the...

Page 241: ...er CS 8D Pro 3 Mechanical Environmental Dimensions 2 44 H x 7 56 W x 8 27 D Weight 3 5 lbs Electrical 115 VAC 26 watts Temperature 50 95 F 10 35 C Note If the unit becomes overheated the unit will sound an audible tone a constant beep until the condition is cleared ...

Page 242: ...ing Hate Porn Weighted CSphrase Filter Groups Porn Porn Ads Audio video Chat Custom a Custom b Drugs Gambling Games Hacking Hate Mail Porn Ads Audio video Custom a Custom b Drugs Gambling Games Hacking Hate Porn Blacklist Domain Filter Groups Porn Porn Ads Audio video Chat Drugs Gambling Games Hacking Hate Mail Porn Ads Audio video Drugs Gambling Games Hacking Hate Porn Full Exception Domain List ...

Page 243: ...mdz mp3 mpeg msc mst ogg ops otf pcd pif prf asf avi bin bz2 cdr cpl cue dll dmg exe gz hlp hqx inf ini ins iso isp mda mdb mde mdn mdt mdw mdz mp3 mpeg msc mst ogg ops otf pcd pif prf rar reg scr sct sea sh shs sit smi sys tar tgz vxd wmf zip rar reg scr sct sea sh shs sit smi sys tar tgz vxd wmf zip Sensitivity 150 100 150 200 Hours of Operation Always On Always On Always On Always On Warn and G...

Page 244: ...ment installation or electrical supply improper maintenance or any other misuse abuse or mishandling iv governmental actions or inactions v strikes or work stoppages vi Your failure to follow applicable use or operations instructions or manuals or vii such other events outside Comsift s reasonable control Upon discovery of any failure of the Hardware or component thereof to conform to the applicab...

Page 245: ...source code for these programs only upon request at a nominal charge If you are interested in obtaining a copy of such source code please contact Comsift Customer Service at the above addresses for further information 4 Export Regulation You agree to comply strictly with all applicable export control laws including the US Export Administration Act and its associated regulations and acknowledge You...

Reviews:

No comments