8e6 Technologies R3000 User Manual
  1. Manuals
  2. Brands
  3. 8e6 Technologies Manuals
  4. Network Hardware
  5. Enterprise Filter Authentication R3000
  6. User manual

8e6 Technologies R3000 User Manual

Enterprise filter
Hide thumbs Also See for R3000:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
8e6
R3000 Enterprise Filter
U
G
SER
UIDE
1.7
1.14
RELEASE
MANUAL VERSION

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the R3000 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for 8e6 Technologies R3000

Summary of Contents for 8e6 Technologies R3000

  • Page 1 R3000 Enterprise Filter UIDE • 1.14 RELEASE MANUAL VERSION...
  • Page 2 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 3 8e6 Technologies shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the exam- ples herein.
  • Page 4 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 5: Table Of Contents

    ONTENTS ..........1 NTRODUCTORY ECTION R3000 Enterprise Filter ............... 1 About this Manual ............... 1 How to Use this Manual .............. 3 Conventions ..................3 Terminology ..................4 Overview ..................9 Environment Requirements ............. 10 Workstation Requirements .............. 10 Network Requirements ..............10 Chapter 1: Filtering Operations ..........
  • Page 6 Block IM for a Specific Entity ........31 Block P2P for a Specific Entity ........32 Chapter 3: Synchronizing Multiple Units ........ 33 R3000 Synchronization ..............33 Synchronization Setup ..............35 Setting up a Source Server ............35 Setting up a Target Server ............35 Types of Synchronization Processes ..........
  • Page 7 Target(s) Filtering..............68 Disable Filtering on Target Servers ......68 Enable Filtering on Target Servers ....... 68 Block Page window ..............69 Block Page Authentication ..........69 Enter, Edit Block Page Options ........70 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 8 CPU usage................98 System performance ............99 Recent logins ..............99 View Log File window ............. 100 View Log Results .............. 101 Troubleshooting Mode window ..........102 Use the Troubleshooting Mode ......... 103 viii , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 9 Setup window ................. 115 Using Only One R3000 on the Network ......116 Using More than One R3000 on the Network ....116 Set up an R3000 to be a Source Server..... 116 Sync All Target Servers with the Same Settings ..119 Set up an R3000 to be a Target Server......
  • Page 10 X Strikes Blocking ................. 153 X Strikes Blocking window ............153 Configuration..............154 Set up Blocking Criteria ..........154 Reset All Workstations..........155 X Strikes Block Page ..........155 Overblocking or Underblocking........156 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 11 Global Group Profile window ..........177 Category Profile ..............178 Create, Edit a List of Selected Categories....178 Port..................179 Create, Edit a List of Service Ports......180 Default Redirect URL ............181 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 12 URL Lookup, Removal ............205 Search Engine Keyword Lookup, Removal....... 206 Reload the Library............. 206 CFM ....................207 CFM window ................207 Enable CFM ..............208 NNTP Newsgroup ................. 211 NNTP Newsgroup window ............211 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 13 View Transfer Activity to the ER ......... 230 Other Device ..............231 Enter or Edit Server Information ......... 231 View Transfer Activity to the Reporting Device... 233 Real Time Probe ................234 Real Time Probe window ............234 xiii , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 14 Remove an Override Account ........... 258 Add Sub Group ............... 259 Add an IP Sub Group ............259 Delete Group ................259 Delete an IP Group Profile ..........259 Paste Sub Group ..............260 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 15 URL Lookup, Removal ............284 Search Engine Keyword Lookup, Removal....... 285 Reload the Library............. 285 Custom Category ................286 Add Category ................287 Add a Custom Library Category........287 Refresh ................... 288 Refresh the Library............288 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 16 ECHNICAL UPPORT RODUCT ARRANTIES Technical Support ..............305 Hours ..................... 305 Contact Information ............... 305 Domestic (United States) ............305 International ................305 E-Mail ..................306 Address .................. 306 Support Procedures ..............306 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 17 PPENDICES ECTION Appendix A ................310 Configurations for ER Reporting ........... 310 Entries in the R3000 Administrator GUI ........310 Entries in the ER Administrator GUI ........312 Appendix B ................313 Filtering Profile Format and Rules ..........313 Rule Criteria ................313 Appendix C ................
  • Page 18 Show 8e6’s information in the block page (optional) .. 325 Implement the “further option” (optional) ....326 Customized block page examples ......326 Part III: Restart the R3000 ............326 Reference ................327 HTML ................327 CGI written in Perl ............. 329 Embed data in query string.........

  • Page 19: Introductory Section

    These administrators are referred to as “group administrators” throughout this manual. Additional information is provided for administrators of networks that use the R3000 with 8e6’s Enterprise Reporter (ER) for both filtering and reporting. , R3000 E...
  • Page 20 R3000 box—to create group administrator accounts, and to make configura- tions that will enable the R3000 to filter the entire network. • Group Administrator Section - This section includes...

  • Page 21: How To Use This Manual

    WARNING: The “warning” icon is followed by italicized text cautioning you about making entries in the application, executing certain processes or procedures, or the outcome of specified actions. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 22: Terminology

    One or more tree lists also can display in this panel. When an item in the tree list is double-clicked, the tree list opens to reveal items that can be selected. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 23 GUI, by changing the order of the columns. • list box - an area in a dialog box, window, or screen that accommo- dates and/or displays entries of items that can be added or removed. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 24 • screen - a main object of an appli- cation that displays across your monitor. A screen can contain panels, windows, frames, fields, tables, text boxes, list boxes, icons, buttons, and radio buttons. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 25: Control Panel

    By clicking the link for a topic, the window for that topic displays in the right panel of the screen, or a menu of sub-topics opens. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 26 Other types of windows include pop-up windows, login windows, or ones from the system such as the Save As or Choose file windows. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 27: Overview

    To help you become familiar with the R3000 and how it functions on the network, Chapter 1 of this section of the User Guide provides an overview on filtering. Chapter 2 gives insight into Web site access logging, and instant messaging and peer-to-peer setup procedures.

  • Page 28: Environment Requirements

    WIndows server 2003) • Internet Explorer (IE) 5.5 or later • JavaScript enabled • Java Virtual Machine • Java Plug-in (use the version specified for the R3000 software version) Network Requirements • High speed connection from the R3000 server to the client workstations •...

  • Page 29: Chapter 1: Filtering Operations

    HAPTER ILTERING PERATIONS Chapter 1: Filtering Operations Operational Modes Based on the setup of your network, the R3000 can be configured to use one of these operational modes for filtering the network: • invisible mode • router mode • firewall mode...

  • Page 30: Invisible Mode

    ILTERING PERATIONS Invisible Mode If the R3000 is set up in the invisible mode, the unit will filter all connections on the Ethernet between client PCs and the Internet, without stopping each IP packet on the same Ethernet segment. The unit will only intercept a session if an inappropriate request was submitted by a client.
  • Page 31 (4) is sent to the Internet server. An R3000 set up in the invisible mode can also work in the router mode. Figure 1:1-2 illustrates an example of a monitor mode setup, with the R3000 connected to the managed switching hub.

  • Page 32: Router Mode

    ILTERING PERATIONS Router Mode If the R3000 is set up in the router mode, the unit will act as an Ethernet router, filtering IP packets as they pass from one card to another. While all original packets from client PCs are allowed to pass, if the R3000 determines that a request is inappropriate, a block page is returned to the client to replace the actual requested Web page or service.

  • Page 33: Firewall Mode

    Firewall Mode The firewall mode is a modification of the router mode. With the R3000 set up in this mode, the unit will filter all requests. If the request is appropriate, the original packet will pass unchanged. If the request is inappropriate, the original packet will be blocked from being routed through.
  • Page 34 Figure 1:1-5 illustrates an example of a firewall mode setup in which requests are always sent to the caching server. In this scenario the R3000 will be affected if the caching proxy server contains unfiltered, “bad” cached pages. 8e6 recom- mends that cached content is cleared or expired after installing the R3000.

  • Page 35: Group Types

    NOTES: If authentication is enabled, the global administrator can also access the NT and LDAP branches of the tree. If multiple R3000 units are set up on the network and the synchro- nization feature is used, an R3000 that is set up to receive profile changes will only display the Global Group type in the tree list.

  • Page 36: Ip Groups

    The group administrator creates and maintains sub-groups and their filtering profiles. Fig. 1:1-6 IP diagram, with a sample group and its sub-groups , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 37: Filtering Profile Types

    A URL can be specified for use instead of the standard block page when users attempt to access material set up to be blocked. Various filter options can be enabled. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 38: Ip Sub-Group Filtering Profile

    If any user needs access to a specified URL that is set up to be blocked, the group administrator can create an override account for that user. This account grants the user access to areas set up to be blocked on the Internet. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 39: Filtering Profile Components

    (default) filtering profile • filter settings - used by service ports, filtering profiles, rules, and the minimum filtering level to indicate whether users should be granted or denied access to specified Internet content , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 40: Library Categories

    However, unlike 8e6 supplied categories, a custom cate- gory can be deleted. NOTE: 8e6 cannot provide updates to custom categories. Main- taining the list of URLs and keywords is the responsibility of the global or group administrator. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 41: Service Ports

    Service ports are used when setting up filter segments on the network (the range of IP addresses/netmasks to be detected by the R3000), the global (default) filtering profile, and the minimum filtering level. When setting up the range of IP addresses/netmasks to be detected, service ports can be set up to be open (ignored).

  • Page 42: Filter Settings

    • ignore - if the filter segment detected on the network has a service port set up to be ignored, that service port will be bypassed , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 43: Filtering Rules

    IP sub-groups. However, if an IP sub-group user has an override account, that user can override his/her IP profile and possibly the minimum filtering level—if the global administrator allows override accounts to bypass the minimum filtering level. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 44 1: F NTRODUCTORY ECTION HAPTER ILTERING PERATIONS Fig. 1:1-7 Sample filtering hierarchy diagram , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 45: Chapter 2: Logging And Blocking

    Chapter 2: Logging and Blocking Web Access Logging One of the primary functions of the R3000 is to log the activity of users on the Internet. Information captured in the log can be transferred to a reporting appliance, to be viewed on a PC monitor or output to a printer.

  • Page 46: Instant Messaging, Peer-To-Peer Blocking

    When the IM module is loaded on the server, the R3000 compares packets on the network with IM libraries stored on the R3000 server. If a match is found, the R3000 checks the user’s profile to see whether the user’s connection to the IM service should be blocked, and then performs the appro- priate action.

  • Page 47: P2P Blocking

    When the P2P module is loaded on the server, the R3000 compares packets on the network with the P2P library stored on the R3000 server. If a match is found, the R3000 checks the user’s profile to see whether the user’s connec- tion to the P2P service should be blocked, and then performs the appropriate action.

  • Page 48: Using Im And P2P

    • the global group profile must have both the INSTMS and CHAT library categories set up to be blocked • the minimum filtering level profile must have both the INSTMS and CHAT library categories set up to be blocked. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 49: Block P2P For All Users

    IM traffic with the Range to Detect feature is desired • the minimum filtering level profile should not have IM blocked, unless blocking all IM traffic with the Range to Detect feature is desired. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 50: Block P2P For A Specific Entity

    P2P traffic with the Range to Detect feature is desired • the minimum filtering level profile should not have P2P blocked, unless blocking all P2P traffic with the Range to Detect feature is desired. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 51: Chapter 3: Synchronizing Multiple Units

    Alone” mode, “Source” mode, or “Target” mode—based on the setup within your organization. In a multi-R3000 server environment, all R3000 units should be set up with the same user profile data, so that no matter which R3000 server a user’s PC accesses on the network, that user’s Internet usage is appropriately filtered and blocked.

  • Page 52: Source Mode

    R3000 appliances on the network. Whenever a filtering configuration change is made on the source R3000 unit, that change is sent to all target R3000 units that have been identified by the source unit via the Synchronization Setup window of the R3000 GUI. This means that all filtering configuration should be made on the source R3000 unit.

  • Page 53: Synchronization Setup

    This entry identifies the location of each target unit on the network. WARNING: If an R3000 server is set up in the Source mode with a Network Address Translation (NAT) device between the source and target server(s), be sure that ports 26262, 26268, and 88 are open on the source server.

  • Page 54: Types Of Synchronization Processes

    YNCHRONIZING ULTIPLE NITS WARNING: If an R3000 server is set up in the Target mode with a NAT device between the target and source server, be sure that ports 26262 and 26268 are open on the target server. This setup is required so that the target server can communicate with the source server.

  • Page 55: Library Synchronization Process

    Once locally applied on the source server, this update will be placed in a queue for submission to target R3000 servers. The source server will then send the information in the queue to all target servers.

  • Page 56: Delays In Synchronization

    The delay in activating a library change can take a little longer than in activating a filtering profile change. This is due to the fact that the library on the R3000 is loaded into the physical memory. When a change is made to the library, a new library must be loaded into memory with the changes.

  • Page 57: Synchronized, Non-Synchronized Items

    R3000s will read from the source R3000 upon load. These items will then be updated on an as needed basis from the source R3000. For purpose of differentiation, these items will be referred to as functionally synchronized for purposes of this manual.

  • Page 58: Non-Synchronized Items

    As can be seen by these lists, static configuration options— such as library changes—will be synchronized. All active options—such as profile changes—will be functionally synchronized. One time configuration options on the R3000—such as reporting configurations, or IP addresses—will not be synchronized. , R3000 E ECHNOLOGIES...

  • Page 59: Server Maintenance Procedures

    NITS Server Maintenance Procedures Source Server Failure Scenarios In the event that the source R3000 unit should fail, the target servers will continue to run using the last known configura- tion loaded from the source server. However, all dynamic authentication-based profiles will eventually time-out, since the source R3000 server can no longer verify user creden- tials.

  • Page 60: Use A Backup File To Set Up A Source Server

    5. Go to the Reboot window (accessible via System > Control) and reboot the server. 6. Once the R3000 is rebooted, reconnect to the GUI and access the Backup/Restore window. 7. Upload the last good configuration from the failed source server to the new source server.

  • Page 61: Set Up A Replacement Target Server

    Configure this R3000 so that the IP addresses are that of the target server which became the source server.

  • Page 62: Chapter 4: Getting Started

    IP address on your network. NOTE: If you do not have the R3000 Quick Start Guide, contact 8e6 Technologies immediately to have a copy sent to you.
  • Page 63 HAPTER ETTING TARTED Fig. 1:4-1 R3000 Introductory Window NOTE: The R3000 Introductory Window must be left open throughout your session. This window displays minimized when the Login dialog box opens. 4. When the Login dialog box opens, enter your Username and Password: Fig.
  • Page 64 5. Click OK to close the login dialog box and to access the welcome screen of the Administrator GUI: Fig. 1:4-3 Welcome screen On this screen, the R3000 Version Number displays in the Product frame, and dates for the Last Library Update and Last Patch Update display in the R3000 Enterprise Filter Status frame.

  • Page 65: Navigation Tips

    ECTION HAPTER ETTING TARTED If it has been more than seven days since the R3000 last received updates to library categories, the following message displays above the Product frame:”Libraries were last updated 7+ days ago. Please use the Weekly Update option.”...
  • Page 66 Internet activities. • Help - clicking this button displays the Help screen. This screen includes navigational tips and a link to this User Guide: Fig. 1:4-4 Help screen , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 67: Help Features

    1. Click a link to go to a specified topic. 2. To view Help Topics for another section, click the tab for that section. 3. Click Close Window to close the Help Topics window. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 68: Tooltips

    • Hover Display The yellow tooltip box displays when you hover over the icon with your mouse: Fig. 1:4-6 Tooltip mouseover effect To close the tooltip box, move the mouse away from the icon. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 69 HAPTER ETTING TARTED • Help pop-up box The Help pop-up box opens when you press the F1 key on your keyboard: Fig. 1:4-7 Help pop-up box Click OK to close the pop-up box. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 70: Screen And Window Navigation

    In System, Library, and Reporting screens, the control panel contains topic links. By clicking a topic link, the window for that topic displays in the right panel: Fig. 1:4-8 Selected topic and its corresponding window , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 71: Select Sub-Topics

    For these topics, clicking a topic link opens a menu of sub-topics: Fig. 1:4-9 Sub-topics menu When a sub-topic from this menu is selected, the window for that sub-topic displays in the right panel of the screen. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 72: Navigate A Tree List

    (+) sign, when that branch of the tree is collapsed. By double-clicking the entity, a minus (-) sign replaces the plus sign, and all branches within that branch of the tree display. An item in the tree is selected by clicking it. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 73: Tree List Topics And Sub-Topics

    When a tree list topic is selected and clicked, a menu of subtopics opens: Fig. 1:4-11 Tree list topics and sub-topics Clicking a sub-topic displays the corresponding window in the right panel, or opens a pop-up window or alert box, as appropriate. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 74: Navigate A Window With Tabs

    Entries made in a tab must be saved on that tab (except in the Time Profile window). NOTE: In the Time Profile window, entries can only be saved on the primary tab. Fig. 1:4-12 Window with tabs , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 75: Gui Tips And Shortcuts

    The navigation path displays at the top of each window: Fig. 1:4-13 Navigation path This path reminds you of your location in the GUI. The entire path shows the screen name, followed by the topic name, and sub-topic name if applicable. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 76: Refresh The Gui

    Refresh the GUI Press F5 on your keyboard to refresh the Administrator GUI. This feature is useful in the event that more than one browser window is open simultaneously for the same R3000 server. Select Multiple Items When moving several items from one list box to another, or when deleting several items, the Ctrl and Shift keys can be used to expedite this task.

  • Page 77: Calculate Ip Ranges Without Overlaps

    Note that the pop-up window displays the IP address, Netmask, Min Host, and Max Host. 2. After making a note of this information, click the “X” to close the IP Calculator. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 78: Log Off

    Fig. 1:4-15 Select an Option box 2. Click Yes to close the Administrator GUI. 3. Click the “X” in the upper right corner of the R3000 Intro- ductory Window to close it. WARNING: If you need to turn off the server, see the ShutDown window of the System screen in the Global Administrator Section.

  • Page 79: Global Administrator Section

    The Global Administrator Section of this manual is comprised of four chapters, based on the layout of the GUI. This section is used by the authorized global administrator of the R3000 for configuring and maintaining the R3000 server. The global administrator is responsible for integrating the...

  • Page 80: Chapter 1: System Screen

    Control settings, Network settings, Administrator account information, Diagnostics, Alert contacts, Patch, Synchroni- zation, operation Mode, Authentication settings (see the R3000 Authentication User Guide for information about this topic), NIC Mode, Backup/Restore operations, Reset settings, Radius Authentication Settings, SNMP, and X Strikes Blocking.

  • Page 81: Control

    ECTION HAPTER YSTEM SCREEN NOTE: If the synchronization feature is used, an R3000 set up in the Target mode will not include Authentication, Radius Authenti- cation Settings, and X Strikes Blocking menu items. Click your selection to choose a main topic from this list, or to view a menu of sub-topics, if applicable.

  • Page 82: Filter Window

    Blocking is used for specifying whether this server being configured will log and block Instant Messaging (IM) and/or Peer-to-Peer (P2P) services for users. HTTPS Filtering lets you set the level of filtering for HTTPS sites on R3000s set , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 83: Local Filtering

    The default setting has Local Filtering “On”. Disable Local Filtering If you have multiple R3000 servers on the network, you may wish to disable local filtering on the source server and use the server primarily for authenticating users who log on the network.

  • Page 84: Service Blocking

    Disable Options for IM, P2P To disable Instant Messaging and/or P2P logging and blocking, click the “Off” radio button for the selected option(s). NOTE: After making all entries in this window, click Apply. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 85: Https Filtering

    Specify your preference for filtering HTTPS sites in the HTTPS Filtering frame. Select from the following settings for the HTTPS Filtering Level: • “None” - if you do not want the R3000 to filter HTTPS sites • “Low” - if you want the R3000 to filter HTTPS sites...

  • Page 86: Target(S) Filtering

    ECTION HAPTER YSTEM SCREEN Target(s) Filtering The Target(s) Filtering frame only displays if the R3000 currently being configured is set up in the Source mode for synchronization. The default setting has All Target(s) Filtering “On”. Disable Filtering on Target Servers To disable All Target(s) Filtering, click the “Off”...

  • Page 87: Block Page Window

    Block Page Authentication Block Page Authentication displays by default and is used for entering criteria the R3000 server will use when vali- dating a user’s account. Information entered/selected in this tab is used by the block page that displays when an end user attempts to access a site or service that is set up to be blocked.

  • Page 88: Enter, Edit Block Page Options

    YSTEM SCREEN NOTES: See Appendix D: Create a Custom Block Page for infor- mation on how to create a customized block page. Refer to the R3000 Authentication User Guide for more informa- tion on authentication. Enter, Edit Block Page Options...
  • Page 89 Logon Script Path field, \\PDCSHARE\scripts displays by default. In this field, enter the path of the logon script that the R3000 will use when re-authenticating users on the network, in the event that a user's machine loses its connection with the server, or if the server is rebooted.

  • Page 90: Block Page

    • IP field - The user’s IP address displays. • Category field - The name of the library category that blocked the user’s access to the URL displays. If the content the user attempted to access is blocked by an , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 91: Optional Links

    • HELP - Clicking this link takes the user to 8e6’s Tech- nical Support page that explains why access to the site or service may have been denied. • 8e6 Technologies - Clicking this link takes the user to 8e6’s Web site. Optional Links...

  • Page 92: Options Page

    • BACK and HELP links • User/Machine frame contents The frame beneath the User/Machine frame includes infor- mation for options (1, 2, 3, and/or 4) based on settings made in the Block Page Authentication tab. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 93 Logon Script Path field. When the user clicks this link, a window opens: Fig. 2:1-7 Re-authentication option The user should click the logon.bat icon to run a script that will re-authenticate his/her profile on the network. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 94 Internet content. NOTE: See Appendix E: Override Pop-up Blockers for informa- tion on how a user with an override account can authenticate if a pop-up blocker is installed on his/her workstation. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 95 NOTE: See Appendix E: Override Pop-up Blockers for informa- tion on how a user can restore his/her profile and/or NET USE connection if a pop-up blocker is installed on his/her workstation. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 96: Block Page Customization

    TIP: An entry in any of the fields in this tab is optional, but if an entry is made in the Link Text field, a corresponding entry must also be made in the Link URL field. , R3000 E ECHNOLOGIES NTERPRISE...
  • Page 97 Enter the e- mail address of the recipient at your organization who should be contacted by users on the network, in the event that Internet content is incorrectly blocked. 3. Click Apply. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 98: Shutdown Window

    Fig. 2:1-10 ShutDown window Shut Down the Server In the ShutDown frame, click ShutDown to power off the server. To restart the server, the GUI needs to be reac- cessed. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 99: Reboot Window

    ECTION HAPTER YSTEM SCREEN Reboot window The Reboot window displays when Reboot is selected from the Control menu. This window is used for reconnecting the server on the network. Fig. 2:1-11 Reboot window , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 100: Reboot The Server

    Server Status message box, informing you that the server is now disconnected: Fig. 2:1-13 Server Status: disconnect message When the Server Status box closes, the R3000 Enter- prise Filter status message box opens and informs you that the server is rebooting itself, and how much time has elapsed since this process began: Fig.
  • Page 101 Fig. 2:1-16 Server connected alert box 3. Click OK to close the R3000 ready alert box. 4. Click OK to close the Server connected alert box. 5. You must now re-access the GUI.

  • Page 102: Network

    ECTION HAPTER YSTEM SCREEN Network Network includes options for configuring the R3000 server on the network. Click the Network link to view a menu of subtopics: LAN Settings, NTP Servers, Regional Setting, and Block Page Route Table. Fig. 2:1-17 System screen, Network menu...

  • Page 103: Lan Settings Window

    YSTEM SCREEN LAN Settings window The LAN Settings window displays when LAN Settings is selected from the Network menu. This window is used for configuring network connection settings for the R3000. Fig. 2:1-18 LAN Settings window , R3000 E ECHNOLOGIES...

  • Page 104: Enter, Edit Lan Settings

    HAPTER YSTEM SCREEN Enter, Edit LAN Settings 1. In the Host Name field, the default host name is R3000. Enter the name of the host for this server, such as R3000.LOGO.com. 2. Enter or edit the following information, as necessary: •...

  • Page 105: Ntp Servers Window

    IP addresses of servers running Network Time Protocol (NTP) software. NTP is a time synchronization system for computer clocks throughout the Internet. The R3000 will use the actual time from a clock at a specified IP address. Fig. 2:1-19 NTP Servers window...

  • Page 106: Specify Network Time Protocol Servers

    128.59.35.142, 142.3.100.15, and 129.132.98.11. NOTE: Any IP address following the first entry in the Servers list box is only used in the event that the R3000 cannot access the primary time NTP server specified. IP addresses are used in the order in which they display in the list box.

  • Page 107: Regional Setting Window

    Regional Setting window The Regional Setting window displays when Regional Setting is selected from the Network menu. This window is used for specifying the time zone to be used by the R3000. Fig. 2:1-20 Regional Setting window , R3000 E...

  • Page 108: Specify The Time Zone

    3. Click Apply to apply your settings. WARNING: If using the R3000 with an 8e6 Technologies Enter- prise Reporter unit, be sure each R3000 used by the ER is set up in the same time zone as the ER. These “like” settings ensure consistency when tracking the logging times of all users on the network.

  • Page 109: Block Page Route Table Window

    Fig. 2:1-21 Block Page Route Table window NOTE: See the Block Page window for information on setting up block pages. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 110: Add A Router

    5. Click Apply to apply your settings. Remove a Router To remove one or more routers from the IP/Mask list box: 1. Select the router(s) from the list box. 2. Click Delete. 3. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 111: Administrator

    TIP: The default Username is admin and the Password is user3. 8e6 recommends that you retain this default account in the event that the R3000 unit cannot be accessed. An authorized 8e6 Technologies technical representative may need to use this user- name and password when troubleshooting the unit.

  • Page 112: Add A Global Administrator Account

    4. Click Modify to apply your settings. Delete a Global Administrator Account To delete a global administrator account: 1. Select the username from the Current User list box. 2. Click Delete. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 113: Diagnostics

    Click the Diagnostics link to view a menu of sub-topics: System Command, View Log File, Troubleshooting Mode, Active Profile Lookup, and Admin Audit Trail. Fig. 2:1-23 System screen, Diagnostics menu , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 114: System Command Window

    Fig. 2:1-24 System Command window WARNING: Diagnostics tools utilize system resources, impacting the R3000’s performance. The following diagnostic tool options are available from the pull-down menu: ping(Ping), traceroute(Trace Route), ps(Process list), top(TOP CPU processes), ifconfig(NIC...

  • Page 115: Ping

    Ping The Ping diagnostic tool is used for verifying whether the R3000 can communicate with a machine at a given IP address within the network, and the speed of the network connection. Enter the IP address or host name of the specific Internet address to be contacted (pinged), and then click Execute to display results in the Result box below.

  • Page 116: Nic Configuration

    CPU usage The CPU Usage diagnostic tool shows information on disk usage. When Execute is clicked, the Results box shows the average CPU usage, as well as the usage by device and file system/partition. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 117: System Performance

    The Recent Logins diagnostic tool is used for showing infor- mation on administrator login activity. When Execute is clicked, the Result box displays a row of data for each time an administrator logged on the R3000 server. , R3000 E ECHNOLOGIES...

  • Page 118: View Log File Window

    The View Log File window displays when View Log File is selected from the Diagnostics menu. This window is used for viewing the most recent log file results of various activi- ties and for troubleshooting. Fig. 2:1-25 View Log File window , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 119: View Log Results

    NIC card. NOTE: For information about the “wbwatch Log (wbwatch.log)” and “Authentication Log (AuthenticationServer.log)” options, see the View log results section in the R3000 Authentication User Guide. • “Admin GUI Server Log (AdminGUIServer.log)” - used for viewing information on entries made by the admin- istrator in the GUI.

  • Page 120: Troubleshooting Mode Window

    Fig. 2:1-26 Troubleshooting Mode window WARNING: This tool utilizes system resources, impacting the R3000’s performance. When you click Enable the R3000 will stop filtering the network. After you finish making the necessary changes to the server, be sure to click Disable to terminate your Troubleshooting Mode session.

  • Page 121: Use The Troubleshooting Mode

    (TCP); Address Resolution Protocol (ARP); packets destined to a specified port (80, 443, 81); packets destined to the R3000; packets sent to or from port 20 or 21; or packets sent to the Virtual IP address’s port 137 or 139.

  • Page 122: Active Profile Lookup Window

    "source" R3000 server. Fig. 2:1-27 Active Profile Lookup window NOTE: In order to use this diagnostic tool, IP sub-groups must be set up in the Group section of the R3000, and each IP sub-group must have a filtering profile. , R3000 E...

  • Page 123: Verify Whether A Profile Is Active

    • Filter Options (optional) - filter options to be used in the user’s profile: “X Strikes Blocking”, “Google Safe Search”, “Search Engine Keyword Filter Control”, and/ or “URL Keyword Filter Control”. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 124: Admin Audit Trail Window

    FTP server. The log of changes made on the server can be viewed in this window. Admin Audit Trail The Admin Audit Trail tab displays by default: Fig. 2:1-28 Admin Audit Trail window , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 125: Specify Ftp Criteria

    5. Type in the Password to be used, and type it again in the Confirm Password field. 6. Click Apply to apply your settings. FTP the Log on Demand Click FTP Now to transfer the log on demand. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 126: View

    (Time), IP address of the machine used by the administrator, administrator's User- name, and a brief description of the Action performed on the server. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 127: Alert

    This window is used for setting up and main- taining e-mail addresses of contacts who will receive auto- mated notifications if problems on the network are detected during the R3000’s self-monitoring process. Fig. 2:1-30 Alert window , R3000 E...
  • Page 128 FTP server. Action should be taken to prevent the hard drive from reaching 100 percent utilization. • Log File Transmission - If the R3000 is unable to send log files as scheduled to an ER server or a third party...

  • Page 129: Enable The Alert Feature

    2. After all edits have been made, click Apply to apply your settings. Disable the Alert Feature 1. Click the “Disable” radio button. 2. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 130: Patch

    Fig. 2:1-31 Patch window NOTE: Available patches for the R3000 come from downloads made to the server via Traveler, 8e6’s executable program that can run on demand or be set to run at a scheduled time.

  • Page 131: Read Information About An Applied Patch

    NOTE: Patches must be applied to the server in sequential order. TIP: Click the link (“here”) at the bottom of the window to go to the Web page at 8e6 Technologies’ public site (http:// www.8e6.com/products/R3000/patches/r3000_patches.htm) where release notes about patches can be obtained.

  • Page 132: Synchronization

    Synchronization By default, the Synchronization pop-up menu includes the Setup option that lets you specify the R3000 server’s func- tion on the network: whether it will be a stand alone box, or whether it will send profile changes to—or receive profile changes from—another R3000.

  • Page 133: Setup Window

    The Setup window displays when Setup is selected from the Synchronization menu. This window is used for establishing the function of the R3000, especially if there is more than one R3000 on the network. When there are multiple R3000 servers, it is important to set up one as a "source" server and others as "targets,"...

  • Page 134: Using Only One R3000 On The Network

    An R3000 configured to be a “source” server will send profile changes to other R3000 (“target”) servers. WARNING: If an R3000 server is set up in the Source mode with a Network Address Translation (NAT) device between the source and target server(s), be sure that ports 26262, 26268, and 88 are open on the source server.
  • Page 135 3. In the Target IPs frame, enter the Target IP address of the R3000 server that will receive profile changes from this server being configured. NOTE: If a target server is set up with a NAT device, the NAT IP address must be used instead of the target server’s own IP...
  • Page 136 NOTE: This test only verifies whether this server can contact the target server(s). In order for synchronization to be operable on the network, the target server(s) must also be able to contact this source server being configured. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 137: Sync All Target Servers With The Same Settings

    Two scenarios in which this feature might be used involve restoring backup data to the R3000 server: • In the first scenario, library configurations from a previous date in time are restored to the source server, and each target server needs to have these same library configurations as well.

  • Page 138: Set Up An R3000 To Be A Target Server

    An R3000 configured to be a target server will receive profile changes from the source server only. WARNING: If an R3000 server is set up in the Target mode with a NAT device between the target and source server, be sure that ports 26262 and 26268 are open on the target server.
  • Page 139 NOTE: This test only verifies whether this server can contact the source server. In order for synchronization to be operable on the network, the source server must also be able to contact this target server being configured. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 140: Status Window

    Fig. 2:1-36 Status window, Source mode If set up in the Target mode, this window is used for verifying that profile updates are being received from the source server. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 141: View The Sync Status Of Targets From The Source

    YSTEM SCREEN View the Sync Status of Targets from the Source If the server is set up in the Source mode, the R3000 System Time displays at the top of the Target(s) Status frame. This is the current date and time from the R3000 server—using the YYYY/MM/DD and HH:MM:SS format—...

  • Page 142: View Items In The Queue

    1. In the Current Queue column for that server, click Details to open the Queue of Target pop-up window: Fig. 2:1-37 Queue of Target pop-up window 2. Click Close to close the pop-up window. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 143: View Items Previously Synced To The Server

    Fig. 2:1-38 History of Target pop-up window 4. Click Close to close the pop-up window. Place Items in Queue for Syncing To place new sync items in queue for the target server(s), click Test Sync. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 144: View The Sync Status Of The Target Server

    YSTEM SCREEN View the Sync Status of the Target Server If the server is set up in the Target mode, the R3000 System Time displays above the Target Sync Status frame. This is the current date and time from the R3000 server—using the YYYY/MM/DD and HH:MM:SS format—and includes the...

  • Page 145: Mode

    Synced to the Server in this section for information on accessing and viewing the contents of this window. Mode Mode includes options for configuring the R3000 to filter the network. Click the Mode link to view a menu of sub-topics: Operation Mode and Proxy Environment Settings.

  • Page 146: Operation Mode Window

    Mode is selected from the Mode menu. This window is used for specifying the operational mode in which the R3000 will filter the network, and the settings the R3000 will use for “listening to” traffic and sending traffic. Fig. 2:1-41 Operation Mode window Set the Operation Mode The default Mode setting is “Invisible”.

  • Page 147: Specify The Listening Device

    PCs. 2. If a change was made at this field, click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 148: Specify The Block Page Delivery Method

    Address Resolution Protocol method to find the best possible destination MAC address of a specified host, usually the R3000 gateway. • “Send Block to Specified Host MAC Address” - using this preferred method, the block page will always be sent to the MAC address of a specified host, usually the R3000 gateway.

  • Page 149: Proxy Environment Settings Window

    Proxy Environment Settings is selected from the Mode menu. This window is used for specifying whether the R3000 is in a proxy environment, and if the default Web server port number 80 will be enabled. Fig. 2:1-42 Proxy Environment Settings window...

  • Page 150: Use A Local Proxy Server

    1. Click the “On” radio button. This selection indicates that the R3000 will perform a reverse lookup on packets to detect the source address and origin of packets. 2. Click Apply to apply your setting.

  • Page 151: Authentication

    ECTION HAPTER YSTEM SCREEN Authentication Authentication includes options for configuring the R3000 to authenticate and re-authenticate users on the network. Click the Authentication link to view a menu of sub-topics: Enable/Disable Authentication, Authentication Settings, Authentication SSL Certificate, and Authentication Form Customization.

  • Page 152: Nic Mode

    The NIC Mode window displays when NIC Mode is selected from the control panel. This window lets you specify the speed for the R3000’s Network Interface Card settings so that the R3000 can communicate with the network switch or hub. Fig. 2:1-44 NIC Mode window By default the NIC mode for Ethernet 0 and Ethernet 1 is set to “Auto”.

  • Page 153: View The Nic Negotiation

    NIC. Modify the NIC Mode Setting WARNING: If changing the NIC mode, be sure the hub/switch to which the R3000 is connected will support the selected NIC mode. An incorrect setting may prevent you from accessing the R3000 GUI.

  • Page 154: Nic Mode Speeds Chart

    For an Interface with an “Up” status, the Link status (Up or Down) displays to the right of the Interface status. NIC Mode Speeds Chart Below is a chart of NIC speeds for various R3000 models: Model LAN 1 (eth0) LAN 2 (eth1)

  • Page 155: Backup/Restore

    Fig. 2:1-46 Backup/Restore window WARNING: A backup should be created and downloaded off the R3000 server whenever a change is made to filtering settings on the R3000 server. , R3000 E ECHNOLOGIES...

  • Page 156: Backup Procedures

    These backup files can be uploaded to a new server, eliminating the need to re- enter the same settings from the old R3000 in the GUI of the new R3000. NOTE: See Server Maintenance Procedures from the Introduc- tory Section’s Chapter 3: Synchronizing Multiple Units, for an...

  • Page 157: Perform A Backup

    To back up configuration and/or library modifications: 1. In the Backup frame, click the Configuration and/or Library checkbox(es) as appropriate. 2. Click Backup to open the R3000 Backup dialog box: Fig. 2:1-47 R3000 Backup dialog box 3. Type in the Filename for the backup file.

  • Page 158: Download A File

    “.gz” file: Fig. 2:1-48 Save file alert box 3. Click OK to close the alert box and to open the File Download dialog box: Fig. 2:1-49 File Download dialog box , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 159 Down- load to display field: Fig. 2:1-51 Download complete dialog box You can now open this file, open the folder where the file was saved, or close this dialog box. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 160: Perform A Restoration

    WARNING: Be sure the file you are restoring uses the same version of the software currently used by the R3000 Administrator GUI. Refer to the Patch window for available updates to the R3000’s software. (See the Patch window for more information about software updates.)

  • Page 161: Restore Configurations To The Server

    Backup Configurations grid. Restore Configurations to the Server To restore configurations or library modifications from a previous backup: 1. Select the file from the Backup Configurations grid. 2. Click Restore to overwrite the current settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 162: Remove A Backup File

    1. Select the file. 2. Click Delete. View Backup and Restoration Details To view details on backup and/or restoration activities: 1. Click Log to open the Backup/Restore Log pop-up box: Fig. 2:1-54 Backup/Restore pop-up box , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 163 The following information displays for each row: the date and time a process was attempted to be executed, and a Message indicating whether that process succeeded or failed. 2. Click OK to close the pop-up box. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 164: Reset

    Fig. 2:1-55 Reset window WARNING: When Reset is clicked, all settings made on the R3000 server will be removed and the box will be restored to its original state. Any patches applied to the server subsequent to receiving this box will need to be reapplied.

  • Page 165: Radius Authentication Settings

    The Radius feature uses a Radius accounting server that determines which accounts will be filtered and how they will be filtered. The user profile in the Radius accounting server holds the filter definition for the user. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 166: Enable Radius

    Order to transfer the most significant byte first. • Click the radio button corresponding to Host Byte Order to use the byte order stored in the server (big endian or little endian order). , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 167: Forward Mode Option

    The NAS will forward accounting request packets to the Radius accounting server. 2. Check the box for Use R3000 IP as Source IP, if the IP address of the R3000 server (eth0 or eth1) should be used when forwarding packets instead of the IP address of the NAS.

  • Page 168: Apply Settings

    ECTION HAPTER YSTEM SCREEN Apply Settings Click Apply to save your settings. Disable Radius To disable the Radius feature: 1. At the Radius Mode field, click the “Off” radio button. 2. Click Apply. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 169: Snmp

    R3000's filtering on a network. Fig. 2:1-57 SNMP window The following aspects of the R3000 are monitored by SNMP: data traffic sent/received by a NIC, CPU load average at a given time interval, amount of free disk space for each disk partition, time elapse since the box was last rebooted, and the amount of memory currently in usage.

  • Page 170: Enable Snmp

    1. To remove one or more IP addresses from the list, select each IP address from the Access control list, using the Ctrl key for multiple selections. 2. Click Delete. 3. Click Save Changes. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 171: Strikes Blocking

    NOTE: X Strikes Blocking settings are effective only for filtering profiles with the X Strikes Blocking filter option enabled. (See Filter Options in the Group screen section for information on setting up the X Strikes Blocking filter option.) , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 172: Configuration

    Choose either “Unlimited”, or “Defined”. If “Defined” is selected, enter the number of minutes in the text box. The default setting is 5. 5. Click Save to save your configuration settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 173: Reset All Workstations

    Internet privileges were temporarily suspended for a total of ‘X’ (amount of time),” in which ‘X’ represents the number of minutes/hours the user will be locked out from Internet usage on that workstation. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 174: Overblocking Or Underblocking

    0 seconds, the second at 4 seconds, the third at 8 seconds, the fourth at 12 seconds, and the fifth at 16 seconds. If the configuration settings for this example overblock too many users too frequently: , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 175: Email Alert

    • the maximum number of strikes may need to be reduced Email Alert Click the Email Alert tab to display Email Alert: Fig. 2:1-60 X Strikes Blocking window, Email Alert tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 176: Set Up Email Alert Criteria

    The Daily Schedule pop-up window that shows the alert time schedule in the (HH:MM:SS) format: Fig. 2:1-61 The Daily Schedule pop-up window Click Close to close the pop-up window. 3. Click Save to save the field entries. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 177: Set Up Email Alert Recipients

    Remove Email Alert Recipients 1. Select the email address(es) from the Current Email Alerts list box. 2. Click Delete to remove the email address(es) from list. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 178: Logon Accounts

    NOTE: When an authorized staff member is added to this list, that user’s User ID is automatically added to the Current Un- Accessible Users list box in the Logon Accounts tab of the Real Time Probe window. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 179: Deactivate An Authorized Logon Account

    (See Chapter 4: Reporting screen, Real Time Probe for information on setting up and using real time probes.) , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 180: Categories

    “No Strike” Categories list box. 3. Click Apply to apply your settings. NOTE: Library categories in the “Strike” Categories list box will only be effective for filtering profiles with the X Strikes Blocking Filter Option enabled. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 181: Go To X Strikes Unlock Workstation Gui

    The Re-login window opens if the user’s session needs to be validated: Fig. 2:1-64 Re-login window 1. Enter your Username. 2. Enter your Password. 3. Click OK to close the Re-login window and to re-access the GUI. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 182: Strikes Unlock Workstation

    NOTE: An authorized staff member can click a link in an email alert, or type in http://x.x.x.x:88/XStrike.jsp in the address field of a browser window—in which “x.x.x.x” is the IP address of the R3000—to view locked workstation criteria. Unlock a Workstation To unlock a specified workstation: 1.

  • Page 183: Set Up An Email Address To Receive Alerts

    1. Enter the email address in the Email Address to be Subscribed/Unsubscribed text box. 2. Click Unsubscribe. Close the Pop-up Window Click the “X” in the upper right corner of the pop-up window to close the window. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 184: Chapter 2: Group Screen

    For the NT and LDAP domain options, the global adminis- trator must first set up authentication in order to enable NT/ LDAP options. The administrator then sets up and main- tains groups, and creates filtering profiles for groups and users. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 185 Information on creating filtering profiles for IP sub-groups can be found in the Group Administrator Section of this manual. If using the synchronization feature, if the R3000 server being configured is set up in the Target mode, the only branch that displays in the tree is Global Group.

  • Page 186: Global Group

    Upload/Download IP Profiles, Minimum Filtering Level, and Refresh All. Fig. 2:2-2 Group screen, Global Group menu NOTE: If the synchronization feature is used and this R3000 being configured is set up in the Target mode, the only sub-topic that displays is Range to Detect.

  • Page 187: Range To Detect Window

    Detect is selected from the Global Group menu. This window is used for defining segments of network traffic to be detected by the R3000. Service ports that should be open— ignored by the R3000—are also defined in this window. Fig. 2:2-3 Range to Detect window NOTE: Segments of network traffic should not be defined if using the firewall mode.

  • Page 188: Add A Segment To The Network

    1. Enter the IP address and netmask in the Include IP fields. These entries specify the range of IP addresses that will be detected by the R3000. 2. If an IP address in this specified range should be excluded, enter that IP address and netmask in the Exclude IP fields.

  • Page 189: Optional: Add Destination Ip Ranges

    NOTE: By making entries in Destination IP fields, traffic will be restricted to the range specified in the Source IP and Destination IP frames. This reduces the load on the R3000, thus enabling it to handle more traffic. If a destination IP address range will be used: 1.

  • Page 190: Modify A Segment Of The Network

    1. In the Destination Port frame, verify that the number of the service port displays in the Ignore Port(s) display field. 2. Enter this service port number in the Port field. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 191: Save And Apply Modifications

    Remove a Segment from the Network To remove an IP address range from being detected on the network: 1. Select the item from the Current Ranges list box. 2. Click Remove. 3. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 192: Rules Window

    “Rule 2 BLOCK PORN”, and “Rule 3 Block IM and Porn”. By default, “Rule 1” displays in the Rule # field”, “BYPASS” displays in the Rule Description field, and Uncategorized Sites are allowed to Pass. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 193: Add A Rule

    4. Click the “Pass” or “Block” radio button to specify whether all Uncategorized Sites should pass or be blocked. 5. Click Add Rule to include your rule to the list that displays in the pull-down menu. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 194: Modify A Rule

    1. Select the rule from the Current Rules pull-down menu. 2. Make your modifications. 3. Click Modify Rule. Remove a Rule To delete a rule: 1. Select the rule from the Current Rules pull-down menu. 2. Click Delete Rule. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 195: Global Group Profile Window

    Category, Port, Default Redirect URL, and Filter Options. Entries in these tabs comprise the profile string for the global group. Fig. 2:2-5 Global Group Profile window, Category tab , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 196: Category Profile

    Ctrl key on your keyboard. Blocks of cate- gories can be selected by clicking the first category, and then pressing the Shift key on your keyboard while clicking the last category. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 197: Port

    4. Click Apply to apply your settings at the global level. Port Port displays when the Port tab is clicked. This tab is used for blocking access to specified ports for the global filtering profile. Fig. 2:2-6 Global Group Profile window, Port tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 198: Create, Edit A List Of Service Ports

    3. Click Apply to apply your settings at the global level. To remove a port number from the list box: 1. Select the port number. 2. Click Remove. 3. Click Apply to apply your settings at the global level. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 199: Default Redirect Url

    If “Custom URL” is selected, enter the redirect URL in the corresponding text box. Users will be redirected to the designated page at this URL instead of the block page. 2. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 200: Filter Options

    1. Click the checkbox(es) corresponding to the option(s) to be applied to the global group filtering profile: “X Strikes Blocking”, “Google Safe Search”, “Search Engine Keyword Filter Control”, “URL Keyword Filter Control”. 2. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 201 Search Engine Keywords window of 8e6 Supplied library categories and custom library categories. NOTES: Search engine keyword filtering relies on an exact keyword match. For example, if the word “sex” is set up to be , R3000 E ECHNOLOGIES NTERPRISE ILTER...
  • Page 202 URLs that are not even within blocked catego- ries. For example, if all URL keywords containing “sex” are blocked, users will not be able to access a non-pornographic site such as “http://www.essex.com”. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 203: Upload Ip Profiles Window

    NOTE: For examples of entries to include in a profile file, go to http://www.8e6.com/r3000help/files/2group_ipprofiles.html. WARNING: Any existing profiles will be overwritten by the contents of the uploaded file. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 204 Fig. 2:2-11 Upload IP Profiles pop-up confirmation window 5. Click the “X” in the upper right corner of the pop-up box to close it. 6. Click Reload Now to reload the new profiles. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 205: Download Profile

    8e6 supplied library categories and service ports. These settings can be bypassed if a user in an IP subgroup has an override account. (See the Override Account window for more information.) , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 206: Minimum Filtering Categories

    Fig. 2:2-13 Minimum Filtering Level window, Min. Filtering Categories By default, “Child Porn” and “General Pornography” display in the Blocked Categories list box, and the Pass Categories list box contains all other active library categories. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 207: Create, Edit Minimum Filtering Categories

    Shift key on your keyboard while clicking the last category. 3. Click Apply to apply your settings for the minimum filtering level. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 208: Port

    1. Enter the port number in the Port field. 2. Click Add. Each port number you add displays in the Block Port(s) list box. 3. Click Apply to apply your settings at the minimum filtering level. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 209: Minimum Filtering Bypass Options

    IP sub-group will be allowed to bypass the minimum filtering level with an override account or an exception URL. Fig. 2:2-15 Minimum Filtering Level window, Min. Filter Bypass tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 210: Specify Minimum Filtering Bypass Options

    2. Click Save to apply your settings. (See the Exception URL window in the Group Administrator Section for more information.) , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 211: Refresh All

    If authentication is enabled, when Refresh All is clicked, the NT and LDAP branches of the tree display. When authenti- cation is disabled, when Refresh All is clicked only the IP branch of the tree displays. , R3000 E ECHNOLOGIES NTERPRISE ILTER...
  • Page 212 IP includes options for adding an IP group and to refresh the tree list. Click the IP link to view a menu of sub-topics: Add Group, and Refresh. Fig. 2:2-16 Group screen, IP menu , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 213: Add Group

    Group Administrator Section of this manual. Refresh Refresh IP Groups From the IP group menu, click Refresh whenever changes have been made in this branch of the tree. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 214: Chapter 3: Library Screen

    Main topics in this section include the following: Updates, Library Lookup, CFM, NNTP Newsgroup, 8e6 Supplied Categories, and Custom Category. NOTE: If the synchronization feature is used, an R3000 set up in the Target mode will only display the Updates and Library Lookup topics.
  • Page 215 See Appendix C for information on messages that display in the Library Update Log window. The 8e6 Supplied Categories Instant Messaging (IM) library cate- gory only includes Library Details and URLs sub-topics. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 216: Updates

    Updates includes options for making configurations for library category activities. Click the Updates link to view a menu of sub-topics: Configuration, Manual Update, and Library Update Log. Fig. 2:3-2 Library screen, Updates menu , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 217: Configuration Window

    Configuration window The Configuration window displays when Configuration is selected from the Updates menu. This window is used for making settings to allow the R3000 to receive 8e6 supplied library category updates on a daily basis. Fig. 2:3-3 Configuration window Set a Time for Updates to be Retrieved 1.

  • Page 218: Optional: Specify A Proxy Server

    1. In the Transfer Type frame, by default “Passive” is selected, indicating that transfers will be made via unre- stricted outgoing network connections. Click “Active” if transfers will be initiated by the server. 2. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 219: Manual Update Window

    This window is used for updating specified 8e6 supplied library categories on demand from the update server, if the R3000 has not received daily updates due to an occurrence such as a power outage. Fig. 2:3-4 Manual Update window NOTE: The Configuration window should be used for scheduling the R3000 to automatically download libraries on a daily basis.

  • Page 220: Specify The Type Of On Demand Update

    • Patch Update - Select this option to download new patches for the R3000, if available. Any patches that are downloaded can be found in the System section of the GUI, in the Patch window. Using that window, a patch can be selected and applied.

  • Page 221: Library Update Log Window

    The Library Update Log window displays when Library Update Log is selected from the Updates menu. This window is used for viewing transfer activity from the update server to your R3000. Fig. 2:3-5 Library Update Log window , R3000 E...

  • Page 222: View The Library Update Process

    Keep clicking this button to continue viewing log file data. NOTE: See Appendix C: Library Update Log Messages for infor- mation about messages that display in the log file. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 223: Library Lookup

    To see if a URL has been included in the library: 1. In the URL Lookup frame, enter the URL. For example, in the URL field enter http://www.beer.com, or use a wild- card by entering *.beer.com or *beer.com. A wildcard , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 224: Search Engine Keyword Lookup, Removal

    After all changes have been made to library windows, click Reload Library to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload Library only after modifications to all library windows have been made.

  • Page 225: Cfm

    This window is used for enabling the Customer Feedback Module feature, in which the most frequently visited non-categorized URLs in your R3000's filter log will be FTPed to 8e6 on a daily basis. The URLs collected by 8e6 will be reviewed and added to 8e6's stan- dard library categories, as appropriate, so they can be blocked.

  • Page 226: Enable Cfm

    Web request data or Internet usage information to 8e6 Technologies’ server for statistical analysis. 8e6 Technologies may gather information relating to types of sites requested by end users at your choice by enabling the CFM on 8e6 Technologies’ prod- ucts. , R3000 E ECHNOLOGIES...
  • Page 227 However, it is possible that some personal infor- mation may be contained in the URLs collected by the CFM and sent to 8e6 Technologies. At no time will any personal information collected be released publicly, nor will the Web request data be used for any purpose other...
  • Page 228 LOBAL DMINISTRATOR ECTION HAPTER IBRARY SCREEN Fig. 2:3-9 Note dialog box 6. If you do not have a firewall, or if you agree to open your firewall to cfm.8e6.com, click Accept to proceed. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 229: Nntp Newsgroup

    To add a newsgroup to the library: 1. In the Newsgroup frame, enter the Newsgroup address. 2. Click Add. If the newsgroup already exists, an alert box will open to inform you that it exists. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 230: Remove A Newsgroup From The Library

    After all changes have been made to library windows, click Reload Library to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload Library only after modifications to all library windows have been made.

  • Page 231: 8E6 Supplied Categories

    Administrator Section for information on setting up customized library categories. WARNING: The maximum number of library categories that can be saved is 250. This figure includes both 8e6 supplied catego- ries and custom categories. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 232: Library Details Window

    This window is a view only window. Fig. 2:3-12 Library Details window View Library Details This window displays the Description and Short Name of the 8e6 supplied library category. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 233: Urls Window

    Fig. 2:3-13 URLs window, Action tab NOTE: For the Instant Messaging library category, the IP field replaces the URL field on the Action tab. The IP address must be entered in order to block the instant messaging service. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 234: View A List Of Urls In The Library Category

    View tab, and make a selection from the pull-down menu for “Addition List”, or “Deletion List”. Click View List to display the specified items in the Select List list box: Fig. 2:3-14 URLs window, View tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 235: Add Or Remove Urls, Reload The Library

    TIP: Multiple URLs can be selected by clicking each URL while pressing the Ctrl key on your keyboard. Blocks of URLs can be selected by clicking the first URL, and then pressing the Shift key on your keyboard while clicking the last URL. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 236: Remove A Url From The Library Category

    After all changes have been made to library windows, click Reload Library to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload Library only after modifications to all library windows have been made.

  • Page 237: Url Keywords Window

    URL keyword filtering.) WARNING: Use extreme caution when setting up URL keywords for filtering. If a keyword contains the same consecutive charac- ters as a keyword set up to be blocked, users will be denied , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 238: View A List Of Url Keywords

    Upload URL Keyword File frame, specify whether the contents of this file will add to the current file, or overwrite the current file on the server, by clicking the “Append” or “Overwrite” radio button. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 239: Upload A List Of Url Keyword Additions

    4. Click Upload File to upload this file to the server. NOTE: A URL keyword text file must contain one URL keyword per line. WARNING: The text file uploaded to the server will overwrite the current file. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 240: Upload A List Of Url Keyword Deletions

    After all changes have been made to library windows, click Reload to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload only after modifications to all library windows have been made.

  • Page 241: Search Engine Keywords Window

    NOTE: Master lists cannot be uploaded to any 8e6 supplied library category. See the Custom Category sub-section of the Group Administrator Section of this manual for information on uploading a master list to the server. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 242: View A List Of Search Engine Keywords

    To add a search engine keyword to the library category: 1. Enter the Search Keyword in the Edit Search Keyword List frame. 2. Click Add to display the keyword in the Select List list box below. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 243: Remove A Search Engine Keyword From The Library

    3. Click Upload File to upload this file to the server. NOTE: A search engine keywords text file must contain one keyword per line. WARNING: The text file uploaded to the server will overwrite the current file. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 244: Upload A List Of Search Engine Keyword Deletions

    After all changes have been made to library windows, click Reload to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload only after modifications to all library windows have been made.

  • Page 245: Chapter 4: Reporting Screen

    Internet activities of specified users in real time. NOTE: Information on configuring the Enterprise Reporter (ER) to work with the R3000 can be found in Appendix A of the Appen- dices Section. WARNING: A version of the Enterprise Reporter prior to 3 should not be configured to work with the R3000.

  • Page 246: Report Configuration Window

    Specify the Reporting Device By default, no option is selected at the Export field. If R3000 logs will be exported to a reporting application: 1. Click the checkbox corresponding to the reporter to be used for transferring logs: “8e6 Enterprise Reporter”, or “Other Device”.

  • Page 247: 8E6 Enterprise Reporter

    If “8e6 Enterprise Reporter” was selected, the 8e6 Enter- prise Reporter tab displays by default. On this tab, you need to specify criteria for the ER server that will receive logs from the R3000. Fig. 2:4-3 Report Configuration window, 8e6 ER option, ER tab Edit ER Server Information In the Log File Transfer Configuration frame, by default the IP address 1.2.3.6 displays in the Remote Server list box.

  • Page 248: View Transfer Activity To The Er

    2. Click Remove. View Transfer Activity to the ER After the ER has been configured and logs have been trans- ferred from the R3000 to the ER, you can view transfer activity. Fig. 2:4-4 Report Configuration window, 8e6 ER option, Log tab 1.

  • Page 249: Other Device

    If “Other Device” was selected, the Other Device tab displays by default. On this tab, you need to specify criteria for the reporter that will receive logs from the R3000. Fig. 2:4-5 Report Configuration window, Other Device option and tab...
  • Page 250 8 = updates occur every eight hours, at these intervals of time: 8, 16, 24. 12 = updates occur every 12 hours, at these intervals of time: 12, and 24. 24 = updates occur every 24 hours. 2. Click Save. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 251: View Transfer Activity To The Reporting Device

    HAPTER EPORTING SCREEN View Transfer Activity to the Reporting Device After logs have been transferred from the R3000 to the reporting device, the Log tab can be clicked to view transfer activity. On this tab, click View Log to view up to the last 300 lines of transfer activity in the View Log frame.

  • Page 252: Real Time Probe

    Probe is selected from the control panel. This feature lets the probe administrator monitor a user's Internet usage in real time to see if that user is using the Internet appropri- ately. Fig. 2:4-6 Real Time Probe window, Configuration tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 253: Configuration

    Exclude an IP Address from Real Time Probing 1. Enter the Excluded IP Address of a machine to be bypassed from real time probing. 2. Click Add to add the IP address in the Current White list of IPs. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 254: Remove Ips From The White List

    EPORTING SCREEN Remove IPs from the White List 1. Select the IP address(es) from the Current White list of IPs list box. 2. Click Delete to remove the IP address(es) from the white list. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 255: Report Recipients

    Format to be used for the file: “Plain Text” or “HTML”. By default, “HTML” is selected. 2. Enter the Maximum File Size of an Email Report (MB) that can be sent. The default is 5 MB. 3. Click Save. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 256: Set Up Email Addresses To Receive Reports

    Remove Email Addresses 1. Select the email address(es) from the Current List of Completed Reports to be Emailed list box. 2. Click Delete to remove the email address(es) from list. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 257: Logon Accounts

    NOTE: When an authorized staff member is added to this list, that user’s User ID is automatically added to the Current Un- Accessible Users list box in the Logon Accounts tab of the X Strikes Blocking window. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 258: Deactivate An Authorized Logon Account

    (See Chapter 1: System screen, X Strikes Blocking for information on reseting strikes and unlocking workstations.) , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 259: Go To Real Time Probe Reports Gui

    The Re-login window opens if the user’s session needs to be validated: Fig. 2:4-9 Re-login window 1. Enter your Username. 2. Enter your Password. 3. Click OK to close the Re-login window and to re-access the GUI. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 260: Real Time Probe Reports

    “x.x.x.x” is the IP address of the R3000—to only see probes he/she created. Create a Real Time Probe Click the Create tab to enter and specify criteria for the report you wish to generate: Fig.
  • Page 261 This selection generates a report with data for all URLs containing the consecutive characters you specified. In this example, if mail is entered, “http:// www.hotmail.com” and “http://loginnet.passport.com/ login.srf?id=2&svc=mail&cbid=24325&msppjph=1&tw =0&fs=1&fsa=1&fsat=1296000&lc=1033&_lang=EN” would be included in the report. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 262 “Schedule at” and select the date and time from the pull-down menus. The maximum 6. Enter the Total Run Time in Minutes. 7. Click Apply. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 263: View Real Time Probe Details

    Fig. 2:4-11 Real Time Probe Reports, View tab The Display Name shows the name assigned to the probe on the Create tab. The Status of the probe displays: Completed, In Progress, or Scheduled. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 264 This box displays the number of minutes left for the probe to run (Run Time Left), and user access details for each item in the grid: Date & Time (in the YYYY/MM/DD HH:MM:SS format); IP Address; User Name; Library Category; and URL. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 265 Display Name; Email Address to Mail the Completed Report; Search Option criteria; Start Date & Time; Run Time; and User ID of the creator of the probe (Created by). Click Close to close this box. , R3000 E ECHNOLOGIES NTERPRISE ILTER...
  • Page 266 Clicking Email opens the Email Address box: Fig. 2:4-15 Email Address box Enter the Email Address to Mail the Completed Report and click Send to send the completed report to the desig- nated email address. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 267: Roup Dministrator Ection

    • creates override accounts for IP group users who are authorized to access Internet content blocked at the global level • creates and maintains customized library categories • uses the lookup tool to remove URLs or search engine keywords from customized libraries , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 268: Chapter 1: Group Screen

    The only items that display are Global Group and IP. NOTE: If the synchronization feature is used, a server set up in the Target mode will not have branches of the tree accessible. , R3000 E ECHNOLOGIES NTERPRISE ILTER...
  • Page 269 If sub-groups were added, these display when the IP group is double-clicked. Click an entity in the tree list to view a menu of topics or actions that can be performed for that entity. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 270: Ip Group

    ROUP SCREEN IP Group Refresh Refresh the IP Group, Sub Group Click Refresh whenever a change has been made to the group or sub-group level of the tree. Fig. 3:1-2 Group screen, IP menu , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 271: Group

    Click the group’s link to view a menu of subtopics: Group Details, Members, Override Account, Add Sub Group, Delete Group, and Paste Sub Group. Fig. 3:1-3 Group screen, group menu , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 272: Group Window

    In the Group Administrator frame, the Group Name displays. To change the password for this group: 1. Enter the password in the Password and Confirm Pass- word fields. 2. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 273: Members Window

    If using the invisible or router mode: 1. Enter the IP address and netmask in the Source IP fields. 2. Click Add to include the IP address/netmask in the Current Members list box. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 274: Remove The Ip Address Of The Group

    Calculate to display results in the Min Host and Max Host fields. Remove the IP Address of the Group To remove an entry from the Current Members list box: 1. Select the IP address from the list box. 2. Click Remove. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 275: Override Account Window

    In order for a user with an override account to access cate- gories and ports set up to be blocked at the sub-group level, the global administrator must first activate the option to allow an over- ride account to bypass minimum filtering level settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 276: Add An Override Account

    3. Click Add to include the Override Account in the Current Account list box. Remove an Override Account To remove an override account: 1. Select the account name from the Current Account list box. 2. Click Remove. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 277: Add Sub Group

    The minimum filtering level is established by the global administrator. Delete Group Delete an IP Group Profile To delete a group profile, choose Delete Group from the group menu. This action removes the group from the tree. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 278: Paste Sub Group

    Fig. 3:1-8 Paste Sub Group dialog box 2. In the Input sub group name field, enter the name of the sub-group. 3. Click OK to add the sub-group to the group tree. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 279: Sub Group

    Click the sub-group’s link to view a menu of sub-topics: Sub Group Details, Members, Sub Group Profile, Exception URL, Time Profile, Delete Sub Group, and Copy Sub Group. Fig. 3:1-9 Group screen, Sub Group menu , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 280: Sub Group (Ip Group) Window

    The IP Range, and Member IP address and netmask display, if this information was previously added in this window and applied. The IP Range and Member IP address can be entered or edited in these fields, as neces- sary. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 281: Members Window

    Members window The Members window displays when Members is selected from the menu. This window is used for modifying the subgroup’s Member IP address, for the invisible and router modes. Fig. 3:1-11 Members window , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 282: Enter The Ip Address Of The Sub-Group

    Profile is selected from the sub-group menu. This window is used for viewing/creating the sub-group’s filtering profile. Click the following tabs in this window: Category, Redirect URL, and Filter Options. Entries in these tabs comprise the profile string for the sub-group. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 283: Category Profile

    By default, “Rule 0 Minimum Filtering Level” displays in the Available Filter Levels pull-down menu, and the Minimum Filtering Level box displays “Child Porn” and “General Pornography”. By default, Uncategorized Sites are allowed to Pass. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 284: Create, Edit A List Of Selected Categories

    Shift key on your keyboard while clicking the last category. 2. Click the “Pass” or “Block” radio button to specify whether all Uncategorized Sites should pass or be blocked. 3. Click Apply to apply your settings at the IP sub-group level. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 285: Redirect Url

    If “Custom URL” is selected, enter the redirect URL in the corresponding text box. Users will be redirected to the designated page at this URL instead of the block page. 2. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 286: Filter Options

    1. Click the checkbox(es) corresponding to the option(s) to be applied to the sub-group filtering profile: “X Strikes Blocking”, “Google Safe Search”, “Search Engine Keyword Filter Control”, “URL Keyword Filter Control”. 2. Click Apply to apply your settings. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 287 Search Engine Keywords window of custom library categories. NOTES: Search engine keyword filtering relies on an exact keyword match. For example, if the word “sex” is set up to be , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 288 URLs that are not even within blocked catego- ries. For example, if all URL keywords containing “sex” are blocked, users will not be able to access a non-pornographic site such as “http://www.essex.com”. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 289: Exception Url Window

    (See the Override Account window in this section for informa- tion on setting up an override account to allow a user to bypass sub-group settings and minimum filtering level settings, if allowed.) , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 290: Block Url Frame

    To block the sub-group’s access to the URL again: 1. Select the URL from the ByPass URLs list box. 2. Click Remove. Apply Settings Click Apply to apply your settings after adding or removing a URL. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 291: Time Profile Window

    (1:00 a.m. to 12:59 a.m., or 1st hour to 24th hour) and minutes (zero to 59). 2. Click Add to include this time range in the Current Time Profiles list box. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 292: Category Profile

    The time profile will be activated for the IP sub-group at the specified time. Category Profile The Rule tab is used for creating the categories portion of the time profile. Fig. 3:1-17 Time Profile window, Rule tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 293 Shift key on your keyboard while clicking the last category. 2. Click the “Pass” or “Block” radio button to specify whether all Uncategorized Sites should pass or be blocked. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 294: Redirect Url

    Page”, “Authentication Request Form”, or “Custom URL”. If “Custom URL” is selected, enter the redirect URL in the corresponding text box. Users will be redirected to the designated page at this URL instead of the block page. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 295: Exception Url

    (See the Override Account window in this section for informa- tion on setting up an override account to allow a user to bypass sub-group settings and minimum filtering level settings, if allowed.) , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 296 2. Click Add to include the URL in the ByPass URLs list box. To block the sub-group’s access to the URL again: 1. Select the URL from the ByPass URLs list box. 2. Click Remove. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 297: Filter Options

    NOTE: See the X Strikes Blocking window in Chapter 1: System screen for information on setting up the X Strikes Blocking feature. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 298 URL keywords are entered in the URL Keywords window of custom library categories. NOTE: To set up URL keywords in a URL Keywords window for a Custom Category, see Chapter 2: Library screen, URL Keywords window. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 299: Modify A Time Profile

    3. Click Apply Add on the TimeSlot tab to save your edits. Delete a Time Profile To delete a time profile, on the TimeSlot tab: 1. Select the time range from the Current Time Profiles list box. 2. Click Remove. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 300: Delete Sub Group

    2. Select the group from the tree and choose Paste Sub Group from the group menu to paste the sub-group to the group. (See Paste Sub Group dialog box in the Group section of this chapter.) , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 301: Chapter 2: Library Screen

    Main topics in this section include the following: Library Lookup and Custom Category. NOTE: If the synchronization feature is used, a server set up in the Target mode will only have the Library Lookup window avail- able. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 302: Library Lookup

    To see if a URL has been included in the library: 1. In the URL Lookup frame, enter the URL. For example, in the URL field enter http://www.beer.com, or use a wild- card by entering *.beer.com or *beer.com. A wildcard , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 303: Search Engine Keyword Lookup, Removal

    After all changes have been made to library windows, click Reload Library to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload Library only after modifications to all library windows have been made.

  • Page 304: Custom Category

    Maintaining the list of URLs and keywords is the responsibility of the global or group administrator. WARNING: The maximum number of categories that can be saved is 250. This figure includes both 8e6 supplied categories and custom categories. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 305: Add Category

    TIP: If this is the first custom category you are adding, you may need to double-click “Custom Category” to open the tree list. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 306: Refresh

    NOTE: The category must have URLs, URL keywords, and/ or search keywords added to its profile in order for it to be effective. Refresh Refresh the Library Click Refresh after uploading a file to a customized library category. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 307: Custom Library Category

    Fig. 3:2-5 Library screen, custom library category menu NOTE: Since custom categories are not created by 8e6, updates cannot be provided. Maintaining the list of URLs and keywords is the responsibility of the global or group administrator. , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 308: Library Details Window

    View, Edit Library Details 1. The long Description name displays. This name can be edited. The Short Name for the library category displays and cannot be edited. 2. Click Apply to save your entry. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 309: Urls Window

    (*) symbol can be used by entering text in a format such as *.playboy.com or *playboy.com. A URL is used in a filtering profile for blocking a user’s access to a specified site or service. Fig. 3:2-7 URLs window, Action tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 310: View A List Of Urls In The Library Category

    2. Make a selection from the pull-down menu for “Master List”, “Addition List”, or “Deletion List”. 3. Click View List to display the specified items in the Select List list box: Fig. 3:2-8 URLs window, View tab , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 311: Add/Remove Urls, Upload Master File, Reload

    1. Enter the URL in the Edit URL List frame. 2. Click Remove to display the associated URLs in the list box below. 3. Select the URL(s) that you wish to remove from the cate- gory. 4. Click Apply Action. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 312: Upload A Master List Of Urls To The Library

    TIP: A URL text file must contain one URL per line. WARNING: The text file uploaded to the server will overwrite the current file. NOTE: Before the file is uploaded to the server, it will first be vali- dated , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 313 If the file contains valid URLs: a. Go to the IP Lookup Options section and click the radio button corresponding to the option to be used when uploading the file: , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 314: Reload The Library

    After all changes have been made to library windows, click Reload Library to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload Library only after modifications to all library windows have been made.

  • Page 315: Url Keywords Window

    URL keyword filtering.) WARNING: Use extreme caution when setting up URL keywords for filtering. If a keyword contains the same consecutive charac- ters as a keyword set up to be blocked, users will be denied , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 316: View A List Of Url Keywords

    Upload a List of URL Keywords to the Library Before uploading a text file with URL keyword additions or deletions, in the Upload URL Keyword File frame, specify whether the contents of this file will add to the current file, or , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 317: Upload A List Of Url Keyword Additions

    4. Click Upload File to upload this file to the server. NOTE: A URL keywords text file must contain one URL keyword per line. WARNING: The text file uploaded to the server will overwrite the current file. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 318: Upload A List Of Url Keyword Deletions

    After all changes have been made to library windows, click Reload to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload only after modifications to all library windows have been made.

  • Page 319: Search Engine Keywords Window

    (See the Filter Options tab in the Group screen section for information about enabling search engine keyword filtering.) , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 320: View A List Of Search Engine Keywords

    2. Click Add to display the keyword in the Select List list box below. Remove a Search Engine Keyword To remove a search engine keyword from a library category: 1. Enter the Search Keyword. 2. Click Remove. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 321: Upload A List Of Search Engine Keywords

    1. Click Upload To Deletion File to open the Upload Keyword pop-up window. 2. Click Browse to open the Choose file window. 3. Select the file to be uploaded. 4. Click Upload File to upload this file to the server. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 322: Reload The Library

    After all changes have been made to library windows, click Reload to refresh. NOTE: Since reloading the library utilizes system resources that impact the performance of the R3000, 8e6 recommends clicking Reload only after modifications to all library windows have been made.

  • Page 323: Echnical Upport Roduct Arranties

    UPPORT ECHNICAL UPPORT RODUCT ARRANTIES Technical Support For technical support, visit 8e6 Technologies’s Technical Support Web page at http://www.8e6technologies.com/ support/index.htm, or contact us by phone, by e-mail, or in writing. Hours Regular office hours are from Monday through Friday, 8 a.m.

  • Page 324: E-Mail

    • Your trouble ticket will not be closed until your permission is confirmed. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 325: Product Warranties

    ARRANTIES Product Warranties Standard Warranty 8e6 Technologies warrants the medium on which the 8e6 product is provided to be free from defects in material and workmanship under normal use for period of one year (the “Warranty Period”) from the date of delivery. 8e6 Technolo- gies’...

  • Page 326: Technical Support And Service

    RODUCT ARRANTIES Technical Support and Service 8e6 Technologies will provide initial installation support and technical support for up to 90 days following installation. 8e6 Technologies provides after-hour emergency support to 8e6 server customers. An after hours technician can be reached by voice line.

  • Page 327: Extended Warranty (Optional)

    If parts are discontinued from production during the Warranty Period, immediate replacement product(s) or hardware parts will be available for exchange with defective parts from 8e6 Technologies’ local reseller or distributor. Extended Technical Support and Service Extended technical support is available to customers under a Technical Support Agreement.

  • Page 328: Ppendices Ection

    ECTION Appendix A Configurations for ER Reporting When configuring the R3000 to be used with an ER unit, the following procedures must be completed in order for the ER to receive logs from the R3000. Entries in the R3000 Administrator GUI 1.
  • Page 329 Remove. 4. After the ER has been configured, and logs have been transferred from the R3000 to the ER, click the Log tab to view transfer activity. 5. On the Log tab, click View Log to view up to the last 300 lines of transfer activity in the View Log frame.

  • Page 330: Entries In The Er Administrator Gui

    IMPORTING: shadow.log.machine1. Once you see an entry, reporting information will be available one hour after the timestamp of the import listing. NOTE: Transfers occur each hour. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 331: Filtering Profile Format And Rules

    • Port command codes: Filter all ports Filter the defined port number(s) Open all ports Open the defined port number(s) Block all ports Block the defined port number(s) , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 332: Category Codes

    Block the defined category/categories • Category Codes: ALCO Alcohol AUTO Automobile BANNER Banner Books & Literature CHAT Chat COMICS Comics COMORG Community Organizations CULTS Cults DATE Personals DRUGS Drugs DUBIUS Unsavory/Dubious EDUCAT Education EDUCHT Education Cheating , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 333 Internet Service Provider KDPORN Child Porn LCOMM Local Community LEGAL Legal LIFE Lifestyle MALCOD Spyware/Phishing/Malicious Code MESBRD Message Boards MILAPP Military Appreciation MILOFL Military Official MOVTEL Movies & Television MUSAPP Music Appreciation OBSC Obscene/Tasteless , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 334 For the most up-to- date list of 8e6 supplied library categories, refer to the contents of the Help Topics file at http://www.8e6.com/r3000help/files/ 2group_textfile_cat.html#cat For an explanations and examples of category items, go to http://www.8e6.com/products/datab/ pd_86db_categories.htm , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 335: Filter Option Codes

    To disable all filter codes for an IP profile, enter 0x1 at the end of the profile string. See http://www.8e6.com/r3000help/files/ 2group_ipprofiles.html for examples of filtering profile entries. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 336: Library Update Log Messages

    Your R3000 receives 8e6 supplied library category updates via Traveler, 8e6’s executable program for updating the R3000 server. You can run Traveler on demand via the Manual Update to 8e6 Supplied Categories window, or schedule Traveler to launch at a specified time via the Configuration window.

  • Page 337: General Activity

    • Create tmp file. • getpid(). • Write pid to tmp file. • Traveler failed to create the tmp file: <ServerConstants.TRAVELER_TEMP> • Temp file deleted. • Fail to rename <szFileUrlTemp> to final <szFileUrl> , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 338: Library Update Process

    • PrintstackTrace - Fail to back up file for <FileUrl> • PrintStackTrace - <java error message> • PrintstackTrace - Fail to back up file for <category>.sew • PrintstackTrace - Fail to copy file for merging , R3000 E ECHNOLOGIES NTERPRISE ILTER...

  • Page 339: Weekly Update (7 Days Library)

    • Download keyword library: • Fail to download <category> keyword library due to connection fail! • Successfully downloaded <category> • Fail to download <category> • Search Engine Keyword Library Update has successfully completed. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 340: All Category Update (Includes All Other Msgs.)

    • Failed to download <patch> • Patch Update has successfully completed. IM and P2P Pattern File Update • Successfully downloaded <pattern> • Failed to download <pattern> • IM and P2P Update has successfully completed. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 341: Create A Custom Block Page

    Block page, not the Options page. Part I: Modify the R3000 1. Enable block page redirection Select either of the following options to modify the R3000. Option 1 lets you modify the back end, and Option 2 lets you modify the GUI.

  • Page 342: Option 2: Modify The Gui

    2. Set the redirect URL to: http://<server for block_page>[:<port for block page>]/<blockpage> NOTE: As of R3000 Version 1.1.6 or earlier, the GUI does not accept the URL with a port setting (:<port for block page>), so to get around this the block page must be placed at the default HTTP port, which is 80.

  • Page 343: Part Ii: Customize The Block Page

    Blocked URL: From the query string of the block page URL IP that accessed the blocked URL: (see URL) Category of the blocked URL: (see URL) USER User Name that accessed the blocked URL: (see URL) , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 344: Implement The "Further Option" (Optional)

    3. CGI written in C See the Reference portion of this appendix for coding details. NOTE: Don’t forget to replace <R3000 IP> with the real IP in the HTML/CGI before using these samples. Part III: Restart the R3000 You must restart the R3000 to make your changes effective.

  • Page 345: Reference

    PPENDICES ECTION PPENDIX Reference HTML <!-- Description: Sample HTML for R3000 customized block page --> <!-- Replace <R3000 IP> with real IP before using --> <!-- Revision: 1 --> <!-- Date: 03/08/2004 --> <html> <head> <script language=javascript> function parseData(str, start, end) result = "";...
  • Page 346 <input type=hidden name="URL" value=""> <input type=hidden name="IP" value=""> <input type=hidden name="CAT" value=""> <input type=hidden name="USER" value=""> <input type=hidden name="STEP" value="STEP2"> </form> <br>R3000 Customized Block Page (HTML using Java Script to parse and post form data)<br> <script language=javascript> getData(); showData(); </script>...

  • Page 347: Cgi Written In Perl

    # File Type: # Description: Sample Perl script for R3000 customized block page # Replace the <R3000 IP> with the real IP before using. # This script provide data to the options CGI through query string # Revision: # Date: 03/08/2004 $method = $ENV{'REQUEST_METHOD'};...

  • Page 348: Use Java Script To Post Form Data

    # File Type: # Description: Sample Perl script for R3000 customized block page # Replace the <R3000 IP> with the real IP before using. # This script uses Java Script to post form data to # options CGI # Revision: # Date: 03/08/2004 $method = $ENV{'REQUEST_METHOD'};...
  • Page 349 "<input type=hidden name=\"URL\" value=\"$url\">\n"; print "<input type=hidden name=\"CAT\" value=\"$cat\">\n"; print "<input type=hidden name=\"USER\" value=\"$user\">\n"; print "<input type=hidden name=\"STEP\" value=\"STEP2\">\n"; print "<br>R3000 Customized Block Page (CGI written with Perl using Java Script to post form data)<br>\n"; print "URL: $url<br>\n"; print "IP: $ip<br>\n";...

  • Page 350: Cgi Written In C

    PPENDIX CGI written in C * cusc_block.c * Description: sample C source code of CGI for customized block page * Replace <R3000 IP> with real IP and recompile before using * Revision: 1 * Date: 03/08/2004 #include <stdio.h> struct { char *name;...
  • Page 351 (strcmp(entries[index].name, "IP") == 0) strcpy(szIP, entries[index].val); else if (strcmp(entries[index].name, "URL") == 0) strcpy(szURL, entries[index].val); else if (strcmp(entries[index].name, "CAT") == 0) strcpy(szCategory, entries[index].val); else if (strcmp(entries[index].name, "USER") == 0) strcpy(szUserName, entries[index].val); printhtml(); void printhtml() , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 352 Customized Block Page (CGI written with C using Java Script to post form data)<br>\n"); printf("URL: %s<br>\n", szURL); printf("IP: %s<br>\n", szIP); printf("CAT: %s<br>\n", szCategory); printf("USER: %s<br>\n", szUserName);...
  • Page 353 = '\0'; if(line[x]) ++x; y=0; while(line[y++] = line[x++]); return word; void plustospace(char *str) register int x; for(x=0;str[x];x++) if(str[x] == '+') str[x] = ' '; char *fmakeword(FILE *f, char stop, int *cl) int wsize; , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 354 * Change the string to upper case int to_upper(char *string) int len; int i; char *tmp=NULL; if (string && strlen(string)) if (!(tmp=(char*)strdup(string))) return 0; len=strlen(string); for (i=0; i<len; i++) string[i]=toupper(tmp[i]); free(tmp); return 1; , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 355 PPENDICES ECTION PPENDIX void getquery(char *paramd, char **paramv) if (paramd == NULL) *paramv = NULL; else *paramv = (char *)strtok(paramd, "&"); void getnextquery(char **paramv) *paramv = (char *)strtok(NULL, "&"); , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 356: Override Pop-Up Blockers

    This appendix provides instructions on how to use an over- ride account if typical pop-up blocking software is installed, as in the following products: Yahoo! Toolbar, Google Toolbar, AdwareSafe, Mozilla Firefox, and Windows XP Service Pack 2 (SP2). , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 357: Yahoo! Toolbar Pop-Up Blocker

    1. Go to the Yahoo! Toolbar and click the pop-up icon to open the pop-up menu: Fig. 4:5-2 Select menu option Always Allow Pop-Ups From 2. Choose Always Allow Pop-Ups From to open the Yahoo! Pop-Up Blocker dialog box: , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 358 Pop-Ups list box to activate the Allow button. 4. Click Allow to move the selected source to the Always Allow Pop-Ups From These Sources list box. 5. Click Close to save your changes and to close the dialog box. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 359: Google Toolbar Pop-Up Blocker

    # blocked icon: Fig. 4:5-4 # blocked icon enabled Clicking this icon toggles to the Site pop-ups allowed icon, adding the override account window to your white list: Fig. 4:5-5 Site pop-ups allowed icon enabled , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 360: Adwaresafe Pop-Up Blocker

    3. Click the Override button to open the override account pop-up window. 4. Go back to the SearchSafe toolbar and click the icon for Popup protection off to toggle back to # popups blocked. This action turns on pop-up blocking again. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 361: Mozilla Firefox Pop-Up Blocker

    3. With the “Block unrequested popup windows” checkbox checked, click Allowed Sites and enter the URL to allow the override account window to pass. 4. Click OK to save your changes and to close the dialog box. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 362: Windows Xp Sp2 Pop-Up Blocker

    Internet Options to open the Internet Options dialog box. 2. Click the Privacy tab: Fig. 4:5-7 Enable pop-up blocking 3. In the Pop-up Blocker frame, check “Block pop-ups”. 4. Click Apply and then click OK to close the dialog box. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 363: Temporarily Disable Pop-Up Blocking

    1. In the Options page (see Fig. 4:5-1), enter your User- name and Password. 2. Press and hold the Ctrl key on your keyboard while simultaneously clicking the Override button—this action opens the override account pop-up window. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 364: Use The Ie Toolbar

    3. In the Options page (see Fig. 4:5-1), enter your User- name and Password. 4. Click the Override button to open the override account pop-up window. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 365: Set Up The Information Bar

    2. Click the Override button. This action displays the following message in the Information Bar: “Pop-up blocked. To see this pop-up or additional options click here...”: Fig. 4:5-10 Information Bar showing blocked pop-up status , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 366 NOTE: To view your white list, go to the Pop-up Blocker Settings dialog box (see Fig. 4:5-9) and see the entries in the Allowed sites list box. 6. Go back to the Options page and click Override to open the override account window. , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

  • Page 367: Glossary

    (block or open settings) to determine whether users should be denied or allowed access to that port. firewall mode - An R3000 set up in the firewall mode will filter all requests. If the request is appropriate, the original packet will pass unchanged.
  • Page 368 IM services specified in the library category. invisible mode - An R3000 set up in the invisible mode will filter all connections on the Ethernet between client PCs and the Internet, without stopping each IP packet on the same Ethernet segment.
  • Page 369 - A process that occurs when the R3000 attempts to resolve the IP address of the authentication server with the machine name of that server. This contin- uous and regulated automated procedure ensures the connection between the two servers is maintained.
  • Page 370 The user profile in the Radius accounting server holds the filter definition for the user. Real Time Probe - On the R3000, this tool is used for moni- toring the Internet activity of specified users in real time. The report generated by the probe lets the administrator know whether end users are using the Internet appropriately.
  • Page 371 PPENDICES ECTION PPENDIX router mode - An R3000 set up in the router mode will act as an Ethernet router, filtering IP packets as they pass from one card to another. While all original packets from client PCs are allowed to pass, if the R3000 determines that a request is inappropriate, a block page is returned to the client to replace the actual requested Web page or service.
  • Page 372 ECTION PPENDIX Traveler - 8e6’s executable program that downloads updates to your R3000 on demand or at a scheduled time. URL - An abbreviation for Uniform Resource Locator, the global address of Web pages and other resources on the Internet. A URL is comprised of two parts. The first part of the address specifies which protocol to use (such as "http").

  • Page 373: Index

    91 Block Page Authentication 69 Block Page Customization 78 Block Page Device 129 Block Page Route Table window 91 Block Page window 69 block setting 24 definition 349 button, terminology 4 calculator 59 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 374 22 definition 349 delete 304 menu 289 Custom Category menu 286 Diagnostics menu 95 dialog box, terminology 5 Enterprise Reporter 90 environment requirements 10 exception URL time profile 277 Exception URL window 271 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 375 200 report configuration 232 global administrator 1 add account 93 definition 349 global filtering profile 19 global group 17 category profile 178 default redirect URL 181 menu 168 port profile 179 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 376 64 update 202 instant messaging 28 definition 350 Internet Explorer 10 invisible mode 12 definition 350 diagram 12 diagram with port monitoring 13 IP group 18 create 195 diagram 18 Java Plug-in 10 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 377 URL keywords, 8e6 supplied category 219 URL keywords, custom category 297 URLs, 8e6 supplied category 215 URLs, custom category 291 weekly update 202 library categories 22 8e6 supplied 213 category codes list 314 custom 286 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 378 Library Update Log window 203 list box, terminology 5 Listening Device 129 backup/restore 144 ER 311 library update 203 library update message 318 R3000 log transfer 228 realtime traffic, usage 101 log off Administrator GUI 60 log on Administrator GUI 44 logon script path...
  • Page 379 351 Google Toolbar popup blocking 341 Mozilla Firefox popup blocking 343 override popup blockers 338 profile type 20 Windows XP SP2 popup blocking 344 Yahoo! Toolbar popup blocking 339 Override Account window 257 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 380 187 sub-group 264 time-based 273 profile string definition 352 elements 313 protocol, definition 352 Proxy Environment Settings window 131 proxy server 131 definition 352 pull-down menu, terminology 6 Quick Start Guide 44 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 381 NDEX R2000 1 R3000 Enterprise Filter 1 radio button, terminology 6 Radius definition 352 Radius Authentication Settings menu 147 Radius Authentication Settings window 147 Range to Detect window 169 Real Time Probe 352 Real Time Probe window 234 realtime traffic logs 101...
  • Page 382 166 category profile 265 copy 282 definition 353 delete 282 filter options 268 override account 257 paste 260 redirect URL 267 sub-topic 53 terminology 7 synchronization 114 backup procedures 41 definition 353 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 383 Time Profile window 273 time-based profile 70 TimeSlot tab 273 tolerance timer 156 tooltips 50 TOP CPU processes diagnostic tool 97 topic 52 terminology 7 Trace Route 97 Traveler 2 definition 354 tree 54 terminology 8 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 384 View Log File window 100 virtual IP address, definition 354 Web access logging 27 Web-based authentication block page authentication 70 white list, definition 354 wildcard 205 window, terminology 8 workstation requirements 10 X Strikes Blocking , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 385 NDEX global group filter option 183 sub-group filter option 269 X Strikes Blocking window 153 , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...
  • Page 386 NDEX , R3000 E ECHNOLOGIES NTERPRISE ILTER UIDE...

Table of Contents