en-US
search-icon

Content Filtering Client 3.1 Getting Started Guide

Basic Administration

The administration tool for the Content Filtering Service is EPRS (Enforced Policy & Reporting System). It provides a common interface to manage the Content Filtering Client policies for clients on the network. The client pulls its policies from one of the registered policy servers that make up the solution.

This chapter describes how to use some of the EPRS features so you can get started. For more detailed information regarding administration with EPRS, refer to Enforced Client Policy & Reporting Server Administration Guide or browse https://support.sonicwall.com/product-support-forums.

Topics:

Accessing EPRS

The easiest way to access EPRS is to login to your MySonicWall account. You can also access it through links in the SonicOS interface, but that path also leads to MySonicWall.

Topics

Using MySonicWall

To access EPRS from MySonicWall:
1
Go to MySonicWall: https://www.mysonicwall.com/.
2
Login in using your account information.
3
Navigate to My Products > CFC Management.

4
On the next screen, select the network security appliance and administer it as needed.

Using SonicOS Interface

To access EPRS from the SonicOS interface:
1
Log into your firewall using administrator privileges.
2
Navigate to the Security Services > Client CF Enforcement page.
3
Follow the link to Create client policies and generate reporting using the Policy & Reporting Service by clicking here.

4
Login to EPRS using either your MySonicWall account or your firewall Authentication Code, which can be found on the System > Status page.

Viewing Status

Under the Policies tab, the System > Status page displays the status information for the appliance from which you accessed EPRS. Status information similar to the following displays:

General—Displays the appliance serial number.
Services—Displays the services licenced to the appliance including:
Name of the service
License status (Current or Expired)
Expiration date of the license
Nodes or client machines currently in use with the installed service
Total number of nodes available to be licenced
LDAP Settings—Identifies the LDAP Domain Alias, if available.

You can also synchronize the client license of the unit with the license manager on this page by clicking Synchronize with mySonicWALL.com.

Schedules

Select System > Schedules to view or change schedule groups.

Topics:

Viewing Schedules

The System > Schedules page allows you to view and edit schedule objects configured in EPRS. Click on the arrowhead to expand a specific schedule group for more details. Click on the edit icon of a particular schedule to change the values of the schedule object.

Adding a Schedule Group

You can create a Schedule Group with various times in which the schedule is enforced.

To add a Schedule Group:
1
Navigate to the System > Schedules page.
2
Click the Add Schedule Group link.

3
Enter the Name of the Schedule Group.
4
Select the Day(s) for the schedule to be enforced.
5
Specify the Start Time for the schedule to begin. Use a 24-hour format.
6
Specify the Stop Time for the schedule to end. Use a 24-hour format.
7
Click Add. This saves the newly created schedule, displaying the Day(s) and Time, in the text field. You can continue to create other schedules for this group by specifying the parameters, then clicking Add.

You can also delete a schedule in the text field by selecting the schedule and clicking Delete, or clicking Delete All to delete all schedules listed.

8
Click OK to save a Schedule Group.

Cloning a New Enforcement Policy

EPRS uses policies to define what content to block and what content to allow. SonicWall provides two default policies that can be used immediately: one for desktops and one for mobile devices. If you wish to develop a customized policy, SonicWall recommends cloning one of the default policies and then editing it to meet your needs.

 
* 
NOTE: The default policies cannot be edited or deleted.
To clone and edit a policy:
1
Navigate to the Enforcement > Policies page.
2
Click the clone icon for the policy that you want to clone.

3
On the Add Policy window, edit the Name and Comment fields.
 
* 
NOTE: For a cloned policy, the fields are already populated with text, but these fields are editable.

4
On the Agent Version Settings section, select the desired Agent Version from the drop-down list. This allows the policy to be configured for a specific Agent version. You can select General Release, Early Release, Alpha, Beta or a specific version of the release.
5
Navigate to the Content Filter tab.

6
Select the Default Local Policy from the drop-down list.
7
Select a Scheduled Local Policy from the drop-down list. This value determines when the policy is enforced.
8
Click OK.
* 
NOTE: For more information regarding Policies, refer to Enforced Client Policy & Reporting Server Administration Guide.

Adding a New Client Group

You can configure client groups on the Enforcement > Client Groups page. You can create new client groups or edit existing client groups. The Default Client Group can be edited, but not deleted. All clients requesting a policy for the first time are automatically added to the Default Client Group and are served with the policy defined for the group. The administrator can move a client to a different client group after initially being added.

To add a new client group:
1
Navigate to the Enforcement > Client Groups page on the Polices tab.
2
On the Enforcement > Client Groups page, click Add New Client Group.

3
Type a descriptive name into the Group Name field.

4
In the Comment field, enter a descriptive comment.
5
Select a policy for the group from the Desktop Policy drop-down list. All existing policies are available for selection.
6
Select a policy for the group from the Mobile Policy drop-down list. All existing polices are available for selection.
7
Click OK to complete.

Content Filtering Client Reports

The report section of the Content Filtering Client provides different reports summarizing the various events being tracked. The following illustrations are example of what they can show.

This report shows the different categories that were blocked by the CFC installed on the client systems.

This report shows the actual web sites that were blocked by the CFC under various categories.

This report shows the various systems, as well as the users logged into those systems, that are generating the blocked events.

These reports shows the detailed view of Blocked Events, which contains listing of Categories, Initiators, and Sites that generated Blocked events.