8e6 Technologies ProxyBlocker HTTPS Filtering

GLOBAL ADMINISTRATOR SECTION CHAPTER 1: SYSTEM SCREEN

8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 57

HTTPS Filtering

Specify your preference for filtering HTTPS sites in the

HTTPS Filtering frame. Select from the following settings for

the HTTPS Filtering Level:

• “None” - if you do not want the ProxyBlocker to filter

HTTPS sites

• “Low” - if you want the ProxyBlocker to filter HTTPS sites

without having the ProxyBlocker communicate with IP

addresses or hostnames of HTTPS servers

• “Medium” - if you want the ProxyBlocker to communicate

with HTTPS servers in order to get the URL from the

certificate for URL validation only (this is the default

setting)

If "Medium" is selected, by default the option is enabled

for forwarding the DNS lookup in order to validate the

hostname in the certificate

• “High” - if you want the ProxyBlocker to communicate

with HTTPS servers to obtain the certificate with a very

strict validation of the return URL

If "High" is selected, by default the option is enabled for a

library lookup to overrule the DNS validation of the host-

name in the certificate.

WARNING: If using the “High” setting, end users may be blocked

from accessing acceptable Web sites if the host names of these

sites do not match their generated certificates. To allow users

access to acceptable HTTPS sites, the IP addresses and corre-

sponding URLs of these sites should be included in a custom

library category that is allowed to pass. (See the Custom Catego-

ries sub-section in Chapter 3: Library screen for information on

maintaining the ALLOW and PASS custom library categories.

See Global Group Profile window and Minimum Filtering Level

window in Chapter 2: Group screen from the Global Administrator

Section for information on allowing a library category to pass.)

Contents

Main Page 8 Page C INTRODUCTORY SECTION ...............................................1 Chapter 1: Filtering Operations ............................................... 11 Chapter 2: Logging and Blocking ............................................25 Chapter 3: Getting Started ....................................................... 31 GLOBAL ADMINISTRATOR SECTION ..............................50 Page Chapter 2: Group screen ........................................................ 199 Chapter 3: Library screen .......................................................248 Chapter 4: Reporting screen .................................................. 290 GROUP ADMINISTRATOR SECTION .............................311 Chapter 2: Library screen .......................................................367 TECHNICAL SUPPORT / PRODUCT WARRANTIES .........390 Technical Support ................................................................... 390 Product Warranties ................................................................. 393 APPENDICES SECTION ...............................................396 Appendix A ..............................................................................396 Appendix B ..............................................................................400 Appendix C ..............................................................................408 Appendix D ..............................................................................423 INDEX .......................................................................455 Appendix F ............................................................................... 437 Appendix H ..............................................................................448 INTRODUCTORY SECTION 8e6 ProxyBlocker About this User Guide Page How to Use this User Guide Conventions The following icons are used throughout this user guide: Terminology Page Page Page Page Overview Environment Requirements Workstation Requirements Network Requirements Chapter 1: Filtering Operations Invisible Mode Page Group Types Global Group IP Groups Filtering Profile Types Static Filtering Profiles Master IP Group Filtering Profile IP Sub-Group Filtering Profile Individual IP Member Filtering Profile Active Filtering Profiles Global Filtering Profile Override Account Profile Time Profile Lock Profile Filtering Profile Components Library Categories 8e6 Supplied Categories Custom Categories Service Ports Rules Minimum Filtering Level Filter Settings Filtering Rules Filtering Levels Applied Page Page Chapter 2: Logging and Blocking Web Access Logging Instant Messaging, Peer-to-Peer Blocking How IM and P2P Blocking Works IM Blocking P2P Blocking Setting up IM and P2P Using IM and P2P Block IM, P2P for All Users Block IM for All Users Block P2P for All Users Block Specified Entities from Using IM, P2P Block IM for a Specific Entity Block P2P for a Specific Entity Chapter 3: Getting Started Initial Setup Using the Administrator Console Log On 4. When the Login dialog box opens, enter your Username and Password: Page Last Library Update message Page Navigation Tips Access Main Sections Page Help Features Access Help Topics Tooltips Screen and Window Navigation Topic Links Select Sub-topics Navigate a Tree List Tree List Topics and Sub-topics Navigate a Window with Tabs Console Tips and Shortcuts Navigation Path Refresh the Console Select Multiple Items Copy and Paste Text Calculate IP Ranges without Overlaps Log Off GLOBAL ADMINISTRATOR SECTION Introduction Chapter 1: System screen Page Control Filter window Local Filtering Disable Local Filtering Options Enable Local Filtering Options HTTP Filtering Enable HTTP Packet Splitting Detection Disable HTTP Packet Splitting Detection HTTPS Filtering Service Control In the Service Control frame, indicate whether or not Pattern Blocking with be enabled or disabled. Enable Pattern Blocking 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 59 Disable Pattern Blocking Click Off to disable Pattern Blocking. NOTE: After making all entries in this window, click Apply. Block Page Authentication window Enter, Edit Block Page Options Page Block page Page Options page Option 2 Option 3 ShutDown window Shut Down the Server GLOBAL ADMINISTRATOR SECTION CHAPTER 1: SYSTEM SCREEN 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 69 Reboot window Fig. 2:1-10 Reboot window Reboot the Server Page Network LAN Settings window Specify LAN Settings NTP Servers window Specify Network Time Protocol Servers Add an NTP Server Remove an NTP Server Regional Setting window Specify the Time Zone, Language Set Block Page Route Table window Add a Router Remove a Router Administrator Administrator window View Administrator Accounts Add an Administrator Account Edit an Administrator Account Delete an Administrator Account Secure Logon Logon Settings window Enable, Disable Password Expiration Enable, Disable Account Lockout Page Logon Management View User Account Status, Unlock Username View Account Status Unlock a Username View Locked IP Address, Unlock IP Address View Locked IPs Unlock an IP Address View Admin, Sub Admin Interface Access Diagnostics System Command window Perform a Diagnostic Test, View Data Command Selections Ping Trace Route Process list TOP CPU processes NIC configuration Active connections Routing table Current memory usage CPU usage System performance Recent logins System uptime df(disk usage) dmesg(print kernel ring buffer) View Log File window View Log Results Page Troubleshooting Mode window Use the Troubleshooting Mode Active Profile Lookup window Verify Whether a Profile is Active Page Page Admin Audit Trail window Admin Audit Trail Specify FTP Criteria FTP the Log on Demand View View the Log of Administrator Changes Alert Alert Settings window Page Enable the Alert Feature Modify Alert Settings Disable the Alert Feature SMTP Server Settings window Enter, Edit SMTP Server Settings Verify SMTP Settings Patch Local Patch window Read Information about a Software Update Select and Apply a Software Update Page Undo an Applied Software Update Patch Update Log window View Log Contents Download Log, View, Print Contents Download the Log Page View the Contents of the Log Page Save, Print the Log File Contents Mode Operation Mode window Specify the Listening Device Specify the Block Page Device Specify the Block Page Delivery Apply Settings Proxy Environment Settings window Use a Local Proxy Server Use Proxy Port 80 Authentication NIC Mode NIC Mode window View the NIC Negotiation Modify the NIC Mode Setting Backup/Restore Backup/Restore window Backup Procedures Perform a Backup Download a File Page Perform a Restoration Upload a File to the Server Restore Configurations to the Server Remove a Backup File View Backup and Restoration Details Reset Reset window Reset All Server Settings SNMP SNMP window Enable SNMP Specify Monitoring Settings Set up Community Token for Public Access Create, Build the Access Control List Maintain the Access Control List Hardware Failure Detection Hardware Failure Detection window View the Status of the Hard Drives X Strikes Blocking X Strikes Blocking window Configuration Set up Blocking Criteria Reset All Workstations Lock Page Overblocking or Underblocking Page Email Alert Set up Email Alert Criteria Set up Email Alert Recipients Remove Email Alert Recipients Logon Accounts Set up Users Authorized to Unlock Workstations Deactivate an Authorized Logon Account Delete a Logon Account Categories Set up Categories to Receive Strikes or No Strikes Go to X Strikes Unlock Workstation GUI Re-login window X Strikes Unlock Workstation Unlock a Workstation Set up an Email Address to Receive Alerts Remove an Email Address from the Alert List Close the Pop-up Window Warn Option Setting Warn Option Setting window Specify the Interval for Re-displaying the Warn page Customization Common Customization window Enable, Disable Features Page Lock Page Customization window Edit Entries, Setting Preview Sample Lock Page Block Page Customization window Page Preview Sample Block Page Page Warn Page Customization window Page Preview Sample Warning Page Page 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 183 Profile Control window Edit Entries Quota Block Page Customization window Page Preview Sample Quota Block Page Quota Notice Page Customization window Page Preview Sample Quota Notice Page Page Quota Setting Quota Setting window Configure Quota Hit Settings Reset Quotas Reset Quotas Now Set up a Schedule to Automatically Reset Quotas Delete a Quota Reset Time from the Schedule Quota Notice page Quota Block page Page Chapter 2: Group screen Page Global Group Range to Detect window Add a Segment to the Network Range to Detect Setup Wizard Page Step 2: Optional In this step you define the destination IP address(es) to be filtered. Page Page Page Page Range to Detect Advanced Settings Modify a Segment of the Network Remove a Segment from the Network Rules window View Criteria for a Rule Add a Rule Page Modify a Rule Copy a Rule Remove a Rule Global Group Profile window Category Profile Create, Edit a List of Selected Categories Page Page Port Create, Edit a List of Service Ports Default Redirect URL Create, Edit the Redirect URL Filter Options Create, Edit the Filter Options Page Page Page Override Account window Add an Override Account Page Page Page Page Page Page Page Edit an Override Account Change the Password Modify an Override Account Delete an Override Account Minimum Filtering Level window Minimum Filtering Categories Page Create, Edit Minimum Filtering Categories Port Create, Edit a List of Service Ports Minimum Filtering Bypass Options Specify Minimum Filtering Bypass Options Refresh All Refresh All Main Branches GLOBAL ADMINISTRATOR SECTION CHAPTER 2: GROUP SCREEN 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 245 IP Fig. 2:2-24 Group screen, IP menu Add Group Add a Master IP Group GLOBAL ADMINISTRATOR SECTION CHAPTER 2: GROUP SCREEN 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 247 4. Click OK to add the group to the tree. Refresh Refresh IP Groups From the IP group menu, click Refresh whenever changes have been made in this branch of the tree. Chapter 3: Library screen Page Updates Configuration window Set a Time for Updates to be Retrieved Optional: Specify a Proxy Server Select the Log Level Manual Update window Specify the Type of On Demand Update Additional Language Support window Select Additional Languages Page Library Update Log window View the Library Update Process Download Log, View, Print Contents Download the Log View the Contents of the Log Page Page Save, Print the Log File Contents Emergency Update Log window View the Emergency Software Update Process Download the Software Update Log File Library Lookup Library Lookup window URL Lookup, Removal Perform a URL Check Remove a URL Submit an Email to the Administrator Search Engine Keyword Lookup, Removal Perform a Search Engine Keyword Check Remove a Search Engine Keyword Category Weight System Category Weight System window View the Current Selections Method for Weighting Library Categories Weighting Library Categories NNTP Newsgroup NNTP Newsgroup window Add a Newsgroup to the Library Remove a Newsgroup from the Library Category Groups Page Library Details window View Library Details URLs window View a List of URLs in the Library Category Add or Remove URLs, Reload the Library Add a URL to the Library Category Add a Wildcard URL to the Library Category Remove a URL from the Library Category Reload the Library URL Keywords window View a List of URL Keywords Add or Remove URL Keywords Add a URL Keyword to the Library Category Remove a URL Keyword from the Library Upload a List of URL Keywords to the Library Upload a List of URL Keyword Additions Upload a List of URL Keyword Deletions Search Engine Keywords window View a List of Search Engine Keywords Add or Remove Search Engine Keywords Add a Search Engine Keyword to the Library Remove a Search Engine Keyword from the Library Upload a List of Search Engine Keywords Upload a List of Search Engine Keyword Additions Upload a List of Search Engine Keyword Deletions Chapter 4: Reporting screen Report Configuration Report Configuration window Specify the Reporting Device 8e6 Enterprise Reporter Edit ER Server Information Execute Log Transfer Now View Transfer Activity to the ER Other Device Enter or Edit Server Information Page View Transfer Activity to the Reporting Device Real Time Probe Real Time Probe window Configuration Enable Real Time Probes Set up Real Time Probes Exclude an IP Address from Real Time Probing Remove IPs from the White List Report Recipients Specify Email File Criteria Set up Email Addresses to Receive Reports Remove Email Addresses Logon Accounts Set up Users Authorized to Create Probes Deactivate an Authorized Logon Account Delete a Logon Account Go to Real Time Probe Reports GUI Re-login window Real Time Probe Reports Create a Real Time Probe Page Page View Real Time Probe Details Page Page Page GROUP ADMINISTRATOR SECTION Introduction Chapter 1: Group screen GROUP ADMINISTRATOR SECTION CHAPTER 1: GROUP SCREEN 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 313 IP Fig. 3:1-2 Group screen, IP menu Refresh Refresh the Master IP Group, Member Click Refresh whenever a change has been made to the master IP group or member level of the tree. Master IP Group Group Details window Change the Group Administrator Password Members window Add the IP Address of the Member Remove a Member from the Group Override Account window Add an Override Account Page Page Page Page Page Page Edit an Override Account Change the Password Modify an Override Account Delete an Override Account Group Profile window Category Profile Create, Edit a List of Selected Categories Page Redirect URL Create, Edit the Redirect URL Filter Options Create, Edit the Filter Options Page Page Page Block URL frame ByPass URL frame Apply Settings Add a Time Profile Page Page Page Page Page GROUP ADMINISTRATOR SECTION CHAPTER 1: GROUP SCREEN 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 343 The Rule tab is used for creating the categories portion of the time profile. Fig. 3:1-17 Time Profile pop-up window, Rule tab GROUP ADMINISTRATOR SECTION CHAPTER 1: GROUP SCREEN 344 Fig. 3:1-18 Time Profile pop-up window, Redirect URL tab GROUP ADMINISTRATOR SECTION CHAPTER 1: GROUP SCREEN 8E6 TECHNOLOGIES, PROXYBLOCKER USER GUIDE 345 Fig. 3:1-19 Time Profile pop-up window, Filter Options tab Exception URL Page Modify a Time Profile Delete a Time Profile Upload/Download IP Profile window Upload IP Profiles Download Profile Add Sub Group Add an IP Sub Group From the group menu: 1. Click Add Sub Group to open the Create Sub Group dialog box: 2. Enter the Group Name for the sub-group. 3. Click OK to close the dialog box and to add the sub- group to the master IP group tree. Add Individual IP Add an Individual IP Member From the group menu: 1. Click Add Individual IP to open the Create Individual IP dialog box: 2. Enter the Member Name for the Individual IP address. Delete Group Delete a Master IP Group Profile Paste Sub Group Paste a Copied IP Sub Group Sub Group Sub Group (IP Group) window View IP Sub-Group Details Add IP Sub-Group Details Members window Modify Sub-Group Members Sub Group Profile window Delete Sub Group Delete an IP Sub-Group Copy Sub Group Copy an IP Sub-Group Individual IP Member window Enter the IP Address of the Member Individual IP Profile window GROUP ADMINISTRATOR SECTION CHAPTER 1: GROUP SCREEN 366 Delete Individual IP Delete an Individual IP Member Chapter 2: Library screen GROUP ADMINISTRATOR SECTION CHAPTER 2: LIBRARY SCREEN 368 Library Lookup Library Lookup window Fig. 3:2-2 Library Lookup window Look up a URL Look up a Search Engine Keyword Custom Categories Library Details window View, Edit Library Details URLs window View a List of URLs in the Library Category Add or Remove URLs or Wildcard URLs Add a URL to the Library Category Add a Wildcard URL to the Library Category Remove a URL from the Library Category Upload a Master List to the Library Upload a Master List of URLs Page Upload a Master List of Wildcard URLs Page If the file contains valid wildcard URLs, click Upload to open the Upload Successful pop-up window. After all changes have been made to library windows, click Reload Library to refresh. URL Keywords window View a List of URL Keywords Add or Remove URL Keywords Add a URL Keyword to the Library Category Remove a URL Keyword from the Library Upload a List of URL Keywords to the Library Search Engine Keywords window View a List of Search Engine Keywords Add or Remove Search Engine Keywords Add a Search Engine Keyword to the Library Remove a Search Engine Keyword Upload a Master List of Search Engine Keywords Delete Category Delete a Custom Category T W Technical Support Hours Contact Information Domestic (United States) Office Locations and Phone Numbers 8e6 Corporate Headquarters (USA) 8e6 Taiwan Support Procedures Product Warranties Standard Warranty Technical Support and Service Extended Warranty (optional) Extended Technical Support and Service APPENDICES SECTION Appendix A Filtering Profile Format and Rules Rule Criteria Page Page Appendix B Traveler Log Messages General Activity Startup, Finish Command Executed More than Once System Command Execution Temp Files Library Download Process Customer Feedback Module Option Library Update Process Printstack Trace Error Messages Weekly Update (7 Days Library) Summary Messages Full URL Library Update (URLs, URL Keywords) All Library Updates (includes all other msgs.) IM and P2P Pattern File Update Newsgroup Library Update (News) Search Engine Keywords Library Update Patch Update Emergency Update Appendix C Create a Custom Block Page Part I: Modify the ProxyBlocker 1. Enable block page redirection Option 1: Modify the back end 2. Exclude filtering <server for block page> IP Part II: Customize the Block Page 1. Set up a Web server 2. Create a customized block page Show 8e6s information in the block page (optional) Implement the further option (optional) Part III: Restart the ProxyBlocker 412 Reference HTML Page 414 CGI written in Perl Embed data in query string Use Java Script to post form data 416 CGI written in C 418 Page 420 Page 422 Appendix D Override Pop-up Blockers Yahoo! Toolbar Pop-up Blocker Page Google Toolbar Pop-up Blocker AdwareSafe Pop-up Blocker Temporarily Disable Pop-up Blocking Mozilla Firefox Pop-up Blocker Windows XP SP2 Pop-up Blocker Set up Pop-up Blocking Use the Internet Options dialog box Use the IE Toolbar Temporarily Disable Pop-up Blocking Use the IE Toolbar Use the Information Bar Set up the Information Bar Access your Override Account Page Appendix E Configure ProxyBlocker for ER Reporting Entries in the ProxyBlocker Admin console Page Entries in the ER Administrator console Appendix F RAID Maintenance Part 1: Hardware Components Part 2: Server Interface LED indicators in SL units LED Indicator Chart Below is a chart of LED indicators in the SL unit: LED Indicator Color Condition Description Front control panels on SL units Page Part 3: Troubleshooting Hard drive failure Step 1: Review the notification email Step 2: Verify the failed drive in the Admin console Step 3: Replace the failed hard drive Step 4: Rebuild the hard drive Step 5: Contact Technical Support Power supply failure Step 1: Identify the failed power supply Step 2: Unplug the power cord Step 3: Replace the failed power supply Step 4: Contact Technical Support Fan failure Identify a fan failure Appendix H Glossary Page Page Page Page Page Page I Numerics A B C D E F G H I J K L Page M N O P Q R S T U V W X