|
|
N2H2 is a third party Internet filtering package that allows you to use Internet content filtering through the SonicWALL.
When you select N2H2 from the Content Filter Type menu, the N2H2 tab is available.
Alert!
Customization of Content Filtering is not available if you select N2H2 as your
source for your Content Filter List. Refer to your N2H2 documentation for details
on configuring N2H2 Internet Filtering for your network.
Apply filter and Restrict Web Features on - specifies the port you want content filtering. You can choose LAN or DMZ or both.
Select any of the following applications to block in the Configure tab
ActiveX - ActiveX is a programming language that embeds scripts in Web pages. Malicious programmers can use ActiveX to delete files or compromise security. Select the ActiveX check box to block ActiveX controls.
Java - Java is used to download and run small programs, called applets, on Web sites. It is safer than ActiveX since it has built-in security mechanisms. Select the Java check box to block Java applets from the network.
Cookies - Cookies are used by Web servers to track Web usage and remember user identity. Cookies can also compromise users' privacy by tracking Web activities. Select the Cookies check box to disable Cookies.
Known Fraudulent Certificates - Digital certificates help verify that Web content and files originated from an authorized party. Enabling this feature protects users on the LAN from downloading malicious programs warranted by these fraudulent certificates. If digital certificates are proven fraudulent, then the SonicWALL blocks the Web content and the files that use these fraudulent certificates. Known fraudulent certificates blocked by SonicWALL include two certificates issued on January 29 and 30, 2001 by VeriSign to an impostor masquerading as a Microsoft employee.
Access to HTTP Proxy Servers - When a proxy server is located on the WAN, LAN users can circumvent content filtering by pointing their computer to the proxy server. Check this box to prevent LAN users from accessing proxy servers on the WAN.
Select this option if you have trusted domains using Java, ActiveX, and Cookies. To add a trusted domain, enter the domain name into the Add Trusted Domain field. Click Update to add the domain to the list of trusted domains. To delete a domain, select it from the list, and then click Delete.
Trusted Domains can be added in the Restrict Web Features section of the Configure tab. If you trust content on specific domains, you can select Don’t block Java/ActiveX/Cookies to Trusted Domains and then add the Trusted Domains to the SonicWALL. Java scripts, ActiveX, and cookies are not blocked from Trusted Domains if the checkbox is selected.
Enter your customized text to display to the user when access to a blocked site is attempted. The default message is Web Site blocked by SonicWALL Filter. Any message, including embedded HTML, up to 255 characters long, can be entered in this field.
This section displays the status of the N2H2 Internet Filtering Protocol (IFP) server you are using for Internet filtering.
Server Host Name or IP Address - Enter the Server Host Name or the IP address of the N2H2 Internet Filtering Protocol (IFP) server used to receive IFP requests.
Listen Port - Enter the UDP port number for the N2H2 Internet Filtering Protocol (IFP) server to “listen” for the N2H2 traffic. The default port is 4005.
Reply Port - Enter the UDP port number for the N2H2 server to send packets from the N2H2 client to the SonicWALL. The default port is 4005.
User Name - The User Name refers to a configuration of users, a group of users, or network defined within the N2H2 software
If Server is unavailable for 5 secs - The default value for timeout of the server is 5 seconds, but you can enter a value between 1 and 10 seconds.
If the N2H2 server becomes unavailable, select from the following two options:
Block traffic to all Web sites
Allow traffic to all Web sites
Configure the size of the URL Cache in KB based on your SonicWALL Internet Security Appliance model.
XPRS, PRO, SOHO2, TELE2, SOHO3, TELE3, and PRO-VX: 128 KB
PRO 100, PRO 200, PRO 300, PRO2, PRO-VX2: 256 KB
GX250, GX 2500, GX650, GX 6500: 1024 KB
Tip!
A larger URL Cache size can increase in noticeable improvements in Internet
browsing response times.