Mettle Knowledge
Search:     Advanced search
Browse by category:
Contact Us
Mettle Knowledge / Mettle SE / Fine Tuning The Content Scanner

Fine Tuning The Content Scanner
Print
Email to friend
Add comment
Views: 1605
Votes: 2
Comments: 0
Posted: 01 Jul, 2008
by: Knowledge M.
Updated: 31 May, 2010
by: Knowledge M.
After general setup of content filters have been done it is necessary to fine tune them to achieve better performance and speed during Internet usage.

Fine tuning content filter means that there should be a fair understanding of what kind of Internet traffic to let through to LAN and what needs to be blocked. There are some very useful features inside Content Scanner that would help to fine tune traffic. 'Web Usage' analysis can come in handy to analyse the nature of traffic requested by hosts in LAN.

It is possible to fine tune content scanning for a particular group of users or for the entire LAN. Separate user groups should be defined to apply different set of rules for different users in LAN.

Fine tuning:
'Web Category Lists' is the basic level of tuning in which checking & un-checking different categories listed block websites coming under the respective category. You can block categories like Ads, Adult, Porn etc.. It is a blanket blocking method and you will not be able to specify specific URLs or domains to block or to let through.

To allow or block specific URLs/domains/server IP addresses; use 'Black List', 'Grey List' & 'White List' feature.

Black List
Black List is used to list URLs and domains that is to be unconditionally blocked. If a website/domain/ip address is Black Listed then that site will not be made available to Internet users.

Grey List
Sometimes it happens that if you block a category like 'Ads' then couple of useful sites will also get blocked. You can conditionally unblock these websites by using Greylist.

If a useful webresource is getting blocked due to the category block you can conditionally unblock it using Greylist. Grey List will allow a website/domain/ip address to be made available to Internet users after content and virus scanning has been completed and if the content is found to be within the limits. Grey List supersedes Black List.

White List
White List is allow all list and this list supersedes other two. If a website/domain/ip address is listed in White List, content scanning is not done and that website would be made available without scanning. This is useful to allow know resources to be passed through without any checks and as fast as possible.For eg: Banking websites, websites of educational institutions, own websites etc. White List supersedes Grey List and Black List.

For best performance you should analyse Traffic, speak to users on host machines, speak to department heads, take into account the institutional policy and devise a plan for efficient content filtering. Instead of using a blanket block on a certain categories, other than obvious ones like 'Porn' or 'Hacking', it is best to manually allow or disallow certain websites which are often requested by Internet user.
Also read
document Initial Configuration: Setting up Mettle SE in a Local Area Network with Internet Connection.
document Blocking GTalk in the LAN
document Blocking Yahoo! IM from the LAN

Others in this Category
document Initial Configuration: Setting up Mettle SE in a Local Area Network with Internet Connection.
document Default IP Address & Admin Password (And How To Change It?)
document Configuring DHCP Server
document Enabling The LAN Hosts To Use The Internet Connection (NATing)
document Adding A Second (Or More) Internet Connection To Mettle SE & Setting Up Failover/Load Balancing
document Monitoring The Internet Usage
document How To Turn On/Off The Content Filter & Gateway Antivirus Service
document Setting Up PPTP VPN accounts
document OpenVPN: Setting Up SSL-VPN accounts
document Setting Up IPsec VPN Accounts
document Deploying A Second LAN With Mettle SE.
document Choosing a VPN Technology
document Adding Firewall Rules
document Setting Up Mettle SE Stack for Active/Passive Fail-Over (CARP)
document Connecting & Securing a Leased Line Connection to Mettle SE
document Port Forwarding (PAT)
document Creating a DNS Entry/Record for the LAN
document Blocking GTalk in the LAN
document Blocking Yahoo! IM from the LAN
document OpenVPN: If VPN Clients Want to Access a Subnet other than "Local network"
document Setting up IPSec Tunnel
document Open VPN Troubleshooting
document PPTP VPN Troubleshooting
document NTP Client/Server
document Setting Up an IPSec VPN Client: Example Given Using Shrewsoft VPN Client
document Firewall: Alias
document Captive Portal
document Virtual IP Address
document OpenVPN: Setting Up a SSL-VPN Client in Windows
document Creating Tagged VLANs
document Cloning Firewall Rules
document IPsec VPN Troubleshooting
document Wake On LAN
document Inbound Loadbalancing
document OpenVPN: Setting up Certification Authority & Generating Certificates
document Changing default webGUI Port and Protocol
document Using Packet Capture
document Using Traceroute
document Package Updates
document OpenVPN: To make OpenVPN client use VPN as the Default Gateway
document OpenVPN: To exclude some Network from using VPN gateway when VPN is set as default gateway for VPN client
document Adding a Static DHCP Lease
document Schedule Based Firewall Rules
document RRD Graphs
document Server Load Balancing
document Firewall Logs
document Backup and Restore Mettle SE Running Configuration
document Event Logging To Remote Syslog Server
document Split DNS
document NAT Reflection/NAT Loopback
document Dynamic DNS


RSS
Powered by KBPublisher (Knowledge base software)