Restrict Web Features - SonicWALL SonicOS Enhanced 2.2 Administrator's Manual

Restrict Web Features

Restrict Web Features enhances your network security by blocking potentially harmful Web applications
from entering your network.
Restrict Web Features are included with SonicOS. Select any of the following applications to block:
• ActiveX - ActiveX is a programming language that embeds scripts in Web pages. Malicious program-
mers can use ActiveX to delete files or compromise security. Select the ActiveX check box to block
ActiveX controls.
• Java - Java is used to download and run small programs, called applets, on Web sites. It is safer than
ActiveX since it has built-in security mechanisms. Select the Java check box to block Java applets
from the network.
• Cookies - Cookies are used by Web servers to track Web usage and remember user identity. Cook-
ies can also compromise users' privacy by tracking Web activities. Select the Cookies check box to
disable Cookies.
• Access to HTTP Proxy Servers - When a proxy server is located on the WAN, LAN users can cir-
cumvent content filtering by pointing their computer to the proxy server. Check this box to prevent
LAN users from accessing proxy servers on the WAN.
• Known Fraudulent Certificates - Digital certificates help verify that Web content and files originated
from an authorized party. Enabling this feature protects users on the LAN from downloading malicious
programs warranted by these fraudulent certificates. If digital certificates are proven fraudulent, then
the SonicWALL blocks the Web content and the files that use these fraudulent certificates. Known
fraudulent certificates blocked by SonicWALL include two certificates issued on January 29 and 30,
2001 by VeriSign to an impostor masquerading as a Microsoft employee.
Trusted Domains
Trusted Domains can be added to enable content from specific domains to be exempt from Restrict Web
Features.
If you trust content on specific domains and want them exempt from Restrict Web Features, follow these
steps to add them:
1. Select Don't block Java/ActiveX/Cookies to Trusted Domains.
2. Click Add. The Add Trusted Domain Entry window is displayed.
3. Enter the trusted domain name in the Domain Name field.
4. Click OK. The trusted domain entry is added to the Trusted Domain table.
To keep the trusted domain entries but enable Restrict Web Features, uncheck Don't block Java/
ActiveX/Cookies to Trusted Domains.
To delete an individual trusted domain, click on the Trashcan icon for the entry.
To delete all trusted domains, click Delete All.
Page 148 SonicWALL SonicOS Standard Administrator's Guide