-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Steps taken by CFS engine for web traffic
05/28/2020 
4 People found this article helpful
476,125 Views
Description
The SonicWall Content Filtering Service (CFS) delivers content filtering enforcement for educational institutions, businesses, libraries, and government agencies. With Content Filter policies and objects, you can control the websites students and employees can access using their IT-issued computers while behind the organization’s firewall.
To be able to configure it right and understand the best way to set it up, the flow of events taking place within CFS engine is essential.
Resolution
CFS must be licensed and enabled before you can use it.
An outline of how CFS works is as follows:
- A packet arrives and is examined by CFS.
- CFS checks it against the CFS Exclusion addresses configured on the MANAGE | Security Services | Content Filter page and allows it through if a match is found, meaning that the source/destination address is excluded from content filtering.
- CFS checks its policies to find the first policy that matches these conditions in the packet:
Source zone
Destination zone
Included Source Address object/group, but not matching the Excluded Source Address object/group
Included User/Group, but not matching the Excluded User/Group
Schedule
Enabled state
The CFS policies are arranged based on priority. Once a policy matches, all subsequent policies are not checked.
- Once the matching policy is found, it checks if the URL requested is already in the allowed or forbidden URL list/group for that policy and takes the necessary action. The order in which the lists are checked is also configurable on the CFS profile itself.
- It checks if the URL is added to any custom category on the firewall and takes action for that category based on the profile.
- If it is in neither of them, it determines the category of the website by contacting the CFS web server and takes the action listed for that specific category. Also, if a URL belongs to multiple categories and even one of them is allowed, the website will be allowed.
NOTE: If no policy is matched, the packet is passed through without any action by CFS.
CFS uses the CFS Profile defined in the matching policy to do the filtering and returns the corresponding action for this packet.- CFS performs the action defined in the CFS Action Object for the matching policy.
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
YES
NO