Web Filter 3

Web Filter 3 in 60 Minutes

Introduction

Your Lightspeed Systems Web Filter is the market-leading solution for content filtering in schools. It protects users and technology; ensures safe access without overblocking; reports on activity; and scales to meet your growing needs. Plus, it’s easy to use and manage, as you’re about to discover.

Prior to starting the Web Filter in 60 Minutes lesson, make sure that you have installed and configured your Lightspeed Rocket appliance. You can learn how to install and configure the Rocket here.

How does it work?

Content filtering is a primary feature of CIPA (Children’s Online Protection Act), as well as most school AUPs (Acceptable Use Policies) outlining web browsing behavior. A content filter allows schools to block content that is dangerous or inappropriate for minors. The Lightspeed Systems Web Filter ensures that users’ web browsing is in line with governmental requirements, including CIPA mandates, as well as Acceptable Use Policies–while they are on the network or when utilizing school computers off the network. Our education-specific database is comprehensive and accurate, ensuring that inappropriate sites are no longer a click away, but that valuable content remains available to users.

The Web Filter detects and/or blocks access to inappropriate material on the Internet based on our extensive, education-specific URL database with more than one billion entries, as well as your own custom allow and block lists. Our content filter groups sites into about 120 school-specific categories based on subject matter and age-appropriateness, providing easy review and administration.Our Web Filter is typically used with a Rocket appliance on site. When a user attempts to visit a site, the policy for the user is checked and the site is either blocked or allowed accordingly. We provide different methods for accomplishing this on mobile devices, depending on the platform.

Lightspeed Systems Content Database

Web Filter draws from Lightspeed’s Content Database, which consists of more than 1 billion domains, IPs, and URLs that are sorted into categories configured for education. The Web Filter blocks inappropriate traffic while allowing regular traffic through based on the categorization of sites within the Content Database. The Web Filter module uses Policies (known as Rule Sets) to control access to the Internet. These rule sets allow you to determine exactly which users get access to specific websites.

The Web Filter gives you full control over your users’ Internet browsing, including:

  • Ability to categorize all internet traffic
  • Ability to differentiate between the types of content teachers and students can access
  • Ability to sort web content into pre-set as well as custom categories
  • Ability to set schedules for rule sets
  • Ability to filter SSL traffic
  • Ability to run a variety of pre-set and custom reports on internet traffic and web usage by your users
  • And much more!

Policies

The Lightspeed Rocket Web Filter uses Policies (referred to as rule sets) to apply filter settings to devices, users, and groups in your organization. These Policies help ensure that your staff and students’ Internet use complies with government requirements, as well as your organization’s own Acceptable Use guidelines.

A Policy is made up of several elements, including:

  • Assignments, to identify the devices, users, and network segments to associate with a Rule Set
  • Rule Sets, to control how web filtering should be applied to assignees.
  • Content Categories, to identify categories of web sites and pages to allow or block
  • Referrers, to unblock embedded content served from trusted web sites
  • File Extensions, to identify potential malware and other “nuisance” files
  • Search Keywords, to identify inappropriate web searches
  • Override Users, to allow teachers to override the filter temporarily by logging into a student device
  • URL Patterns, to identify web pages that should be blocked or allowed outside the regular content categories
  • Schedules, to apply filter settings by day and time, including school holidays

 

We will go over every aspect of a policy in order to make sure that you are ready to dive into the Web Filter.

Logging in and Web Filter Basics

Before we dive right into the Web Filter, let’s review some Web Filter basiscs.

Logging In

Here is how to log into the Web Filter

  1. Open a web browser and navigate to the IP address of your Lightspeed Systems Rocket Appliance (for example, http://192.168.0.200).
  2. Log in as username admin, and the password you selected when you ran the setup wizard.
  3. If needed, select the tier and/or authentication source from the dropdown .
  4. Click Login.

Tip: Select (check) Remember Me to fill in your user name automatically.

Logging Out

Ready to leave? Remember to log out.

To end your current session, click the “key” icon at the bottom left corner of the page.

The Dashboard

After you log in, you will be taken to the Web Filter Dashboard.

dashboard

From the Dashboard, you can view current activity, including network traffic, system health, and a selection of summary reports.

Network Traffic

The Network Traffic graphs show activity for total throughput, and requests originating from within the network. These graphs show activity for the preceding ten minutes, and are refreshed automatically about every five seconds.

  • Hover the mouse over any point on the graphs to see a popup with more information.

r3networktraffic

  • Click the mouse on the time line at the bottom of the Requests graph to see a popup with links to relevant reports.

r3requests

Widgets

Adding Widgets to the Dashboard

You can add Widgets (Summary Reports) to the Dashboard to see aggregated information about activity on your Rocket Appliance.

To Add a Widget

  • 1. Navigate to the Dashboard (home page) of your Rocket Appliance.
  • 2. Scroll down and click Manage Widgets

  • 3. Select your widget from the list. Any report from the Web Filter: Summeries can be saved as a widget.

  • 4. Saving a widget is easy. Simply navigate to a Summary Report (ex. Top Allowed Categories), generate the report, and save it as a widget.  You will learn more about reports later in the course.

The following illustration shows an example of the Top Blocked Categories report.

r3dashboardsummary

  • Click an area of the graph for a popup with more information.
  • Click the Arrow (“V”) at the top right corner of the report for options

Note: For installations with multiple tiers, you can select the tier to view from this menu.

System Health

r3systemhealth

The System Health box provides a dynamic status report for the appliance.

  • A green “checkmark” indicates that the service is performing correctly.
  • A yellow “question mark” indicates a request for action, for example low disk space or memory, or an available software update. Click the name of the item to review the request.
  • A red “X” indicates that the service is in an error condition. Click the name of the item to navigate to a status page with additional information.

Notification Center

This page opens when you click the “Bell” icon in the top right area of the page. This page shows you a list of current “System Health” notifications, sorted from newest (top) to oldest (bottom). The Notifications page shows you system events that require your attention. Each entry in the list has a clickable link that takes you to page with more information on the event.

To dismiss items from the list, select (check) the checkbox next to the item, then click Mark as read.

When there are unread notifications in the Notification Center, a number will appear in the top navigation bar next to the “bell” icon. You should review and take action on these notifications promptly.

Tip: To receive email alerts, add your email address to your Profile, and select Log and Email Alerts in your Notification Settings.

Profile

This page opens when you click Profile in the top right area of the page. This page is where you view and edit your personal user settings: This page also lists current notifications and favorite reports.

User Settings

  • Authentication Source – When you log into the Rocket, your login credentials are verified with the authentication source indicated here. Note that you can only change the authentication source for user accounts account from Tier Management page for your tier (normally Root).
  • User name – This is the name you use to log into the .
  • Email – This is the email address to use for alerts and notifications generated by the software.
  • Description – This description appears under your Administrators account on the Tier Management page.
  • Language – Defaut language.

  • Role– Administrator roles are defined on the Tier Management page for your tier, and control access to specific administrative tasks on the Rocket. Note that you can only change the administrator role for user accounts account from the Tier Management page for your tier (normally Root).
  • Notifications – The Rocket can send you notifications of system activity and user actions. Choose Off, Log only, or Log and email alerts.
  • IP Ranges for reports – You can customize the scope for reports by entering IP ranges in this box. For example, if you always want to see reports for specific buildings or user types, enter each IP range on a separate line within the box.

Navigating Web Filter

Navigating the Web Filter is a breeze!

You can find the Web Filter within your Lightspeed Rocket Console. Log in to your Rocket and click on the Web Filter tab on the left-hand navigation menu in order to access the Web Filter.

This will pull up the Web Filter page. Similar to other Lightspeed Systems products, Web Filter utilizes a simple navigation mechanism, with a scroll-able menu on the left-hand side of the page. Clicking a category within the menu opens up the corresponding options in the larger right-hand window. The following image shows the Web Filter interface, with the navigation menu highlighted in red and the corresponding options window highlighted in green.

Clicking on each category within the right-hand navigation side opens up the corresponding options. The following screen shows the Authentication category selected in the left-hand menu with the corresponding options appearing in the right-hand window.

The right-side window will show the options for each category. You can scroll through the options using the right-side scroll bar. Options can be edited in a variety of ways within the Web Filter interface.

Certain options can simply be turned on and off by checking or unchecking the checkbox (4)

Ex.

5

Other options can be altered by adding or deleting. Click the green plus sign () to add to an option.

Ex.

Click the gray x (9) in order to delete an option.

Ex.

 

Other input options include basic text entry and drop down menu selection.

Ex.

 

Remember to click the green Save (12) button at the bottom right of the page to save your settings.

Important: New to Web Filter 3! You will now have to Deploy your settings.

The Deploy ( DEPLOYbutton pushes or “deploys” your Web Filter settings. You have to click the DEPLOYbutton in order for your settings to take effect within Web Filter.

The DEPLOYbutton is located on the top right navigational menu.

When you click the Deploy button, you will be prompted if you wish to deploy the changes. Click the blue Deploy button to confirm.

Take the quiz!

Database and Categorization

The Content Database is the core of the Web Filter module, and consists of millions of domains, IPs, and URLs combined, sorted into categories appropriate for education.

Our database is education specific. This means that in almost all cases any website that is necessary for the classroom is already categorized properly for education so the need to allow unknown or unverified websites for day-to-day classwork is not necessary.

We use a variety of methods for categorization including:

  • Internet crawlers that are constantly scanning new and existing websites for malware and inappropriate content.
  • Human review team that not only verifies change requests from users but also validates the crawlers.
  • The worldwide education community. Feedback from classrooms all over the world is sent back to our database team and processed. These changes are shared with all customers, so we are working together to create the most complete and accurate database for schools.

With our dynamic database, we can update all of the Rocket Web Filters worldwide within minutes if necessary. This takes the burden of real-time scanning off your individual Rocket and moves it out to the cloud where our resources and shared customer base can all help each other.

Our database is completely transparent. Users can find out how any domain is categorized with our Dynamic Database Lookup.

Many customers can use Lightspeed Systems default blocked and allowed categories without modification. However, you can override the default categories by adding Domains, IPs, or URLs to the Local-allow and Local-block categories. You can also create your own local categories containing Domains, IPS, or URLs that should be handled differently.

Local Categories

The simplest way to manage local categories is to use the Review, Unknown URLs, and Mobile Filter Unknown URLs reports to categorize the sites your users are attempting to access.

You can also edit the local categories by clicking the category name, and then adding sites manually.

  • Localallow – The local-allow category allows you to unblock sites that would ordinarily be blocked by the Lightspeed Systems database
  • Localblock – The local-block allows you to block sites that are normally allowed by the Lightspeed Systems database

Adding a Local Category

  • 1. Click Web Filter, then click Categories.
  • 2. On the Categories page, scroll down to Local Categories.

  • 3. In the Local Categories grid, click the green “+” icon. This action opens the following page:

  • 4. In the Add Local Category form, edit the fields as needed.
  • 5. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Name – Enter a name for this Local Category. This name will be listed on the Edit Rule Set
  • Description – Enter a brief description.
  • Redirect URL – When a user requests a site within a blocked category, the user’s browser will be redirected to the URL you enter here.
    • Enter the destination URL for sites in this category. For example, you can redirect requests for Google.com, Yahoo.com, and other search engines to a child-safe site such as RefSeek.
    • Leave this field blank to redirect to the Access Page when a user requests a blocked site within this category.
  • Set default behavior to block – Select (check) this check box to block all sites in this list. Instead of opening the requested page, the Web Filter will either redirect the request to the Redirect URL specified above, or to the Access Page.

 

Editing a Local Category

  • 1. Click Web Filter, then click Categories.
  • 2. On the Categories page, scroll down to Local Categories.

  • 3. Click the name to edit the item. This action opens the following page:

  • 4. In the Edit Category form, edit the fields as needed.
  • 5. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Name – Enter a name for this Local Category. This name will be listed on the Edit Rule Set
  • Description – Enter a brief description.
  • Redirect URL – When a user requests a site within a blocked category, the user’s browser will be redirected to the URL you enter here.
    • Enter the destination URL for sites in this category. For example, you can redirect requests for Google.com, Yahoo.com, and other search engines to a child-safe site such as RefSeek.
    • Leave this field blank to redirect to the Access Page when a user requests a blocked site within this category.

 

Deleting a Local Category

  • To delete (permanently remove) an item, mouse over the item you wish to remove, then click the X on the right side of the row. You will be prompted to confirm the action.

Caution: Items deleted this way are permanently removed, and cannot be recovered.

 

Redirect Categories

In additional to creating Local Categories, you can also redirect any of the predefined blocked content categories to a URL of your choice. For example, you can redirect all sites in the category kids_and_teens.chat to a single chat site such as Kidzworld. Learn more about Redirect Categories here.

Adding a Redirect Category

  • 1. Click Web Filter, then click Categories.
  • 2. On the Categories page, scroll down to Redirected Categories.

  • 3. In the Redirected Categories grid, click the green “+” icon. This action opens the following page:

  • 4. In the Add Redirected Category form, edit the fields as needed.
  • 5. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Category – Select a content category from the dropdown list.
  • Redirect URL – Enter the destination URL for sites in this category.

 

Locked Categories

You can also utilize locked categories. Locked categories are content categories that should always be blocked, even to users with rule sets that would otherwise allow access. These are useful when you want to block potentially harmful content from reaching all of your users, no matter who they are. Learn more about Locked Categories here.

Adding a Locked Category

  • 1. Click Web Filter, then click Categories.
  • 2. On the Categories page, scroll down to Locked Categories.

  • 3. In the Locked Categories grid, click the green “+” icon. This action opens the following page:

  • 4. In the New Locked Category form, edit the fields as needed.
  • 5. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Category – Select a content category from the dropdown list.

 

You can learn more about our database here.

Take the quiz!

Rule Sets

Rule Sets govern the Web Filter. Rule Sets determine exactly which users can access which internet content and in what way. Built-in and custom Rule Sets do not take effect until you assign the Rule Set to users, groups, organizational units, or devices on your network (with the exception of the Default Rule Set.) You will learn about Assignments in the next lesson.

Rule Sets

Rule Sets are lists of web site categories, keywords, and actions that control how users can access the Internet.

Built-in Rule Sets

First, let’s go over our built-in rule sets.

The Lightspeed Systems Web Filter module comes with three built-in rule sets:

  • Default – CIPA-compliant filtered access to Internet content. Content categories such as Adult and Forums, and sites in the Security category are blocked, while most other categories are allowed. The Lightspeed Systems Web Filter module applies this Rule Set to anyone who is not assigned to any other Rule Set.
  • Allow All – Unfiltered access to all Internet content, including Adult, Forums, and Security category, with the exemption of Unknown URLs and Sealed Categories.
  • Block All – No Internet access. All categories are blocked.

You can create local exceptions to define different content for your users. For example, you may want to allow access to Webmail sites for teachers, but not students. You would create two different Content Filter Property Sets:

  • One for teachers with Forums.Mail category allowed
  • One for Students with Forums.Mail blocked.

To simplify the process, you can use the three predefined Rule Sets as a starting point for your custom Rule Sets.

Now, let’s learn how to add, edit, and delete custom rule sets.

Adding a Rule Set

Important: Rule Sets do not take effect until you assign them.

  • 1. Click Web Filter, then open the Policy Management menu and click Rule Sets.
  • 2. In the Rule Sets grid, click the green “+” icon. This action opens the following page:

  • 3. In the New Rule Set form, edit the fields as needed.
  • 4. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Name – Enter a name for this Rule Set.
  • Description – Enter a brief description for this Rule Set.
  • Copy Settings From – Select an existing rule set from the dropdown list to use as a template for your new rule set. This action populates your new rule set with allowed and blocked categories from the rule set you selected.

 

Editing a Rule Set

  • 1. Click Web Filter, then open the Policy Management menu and click Rule Sets.
  • 2. Click the name to edit the item. This action opens the following page:

  • 3. In the Edit Rule Set form, edit the fields as needed.
  • 4. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Note: The built-in Rule Sets Allow All, Block All, and Default, are read-only and cannot be modified. To create an editable version of these Rule Sets, create a new Rule Set and select one of the built-in Rule Sets to use as a template.

Configurable Fields on this Page

 

Deleting a Rule Set

  • To delete (permanently remove) an item, mouse over the item you wish to remove, then click the X on the right side of the row. You will be prompted to confirm the action.

Caution: Items deleted this way are permanently removed, and cannot be recovered.

 

Rule Sets allow for a wealth of customization. Click on the following links to learn more about various Rule Set options:

You can learn more about Rule Sets here.

Take the quiz!

Assignments

Assignments are used to identify the devices, users, and network segments to associate with Rule Sets. Your Rule Sets will not work unless they are assigned to specific devices, users, or network segments.

First, let’s learn how to add, edit, and delete assignments.

Adding an Assignment

  • 1. Click Web Filter, open the Policy Management menu, then select Assignments.
  • 2. In the Assignments grid, click the green “+” icon. This action opens the following page:

  • 3. In the Add Assignment form, edit the fields as needed.
  • 4. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Type – Select the assignment type from the dropdown list (User Name / OU, Computer Name / OU, IP Address / Range, MAC Address, or User Group)
  • Authentication Source – (for users, computers, or groups) Select the authentication source for this Assignee
  • Name – (for users, computers, or groups) Populated automatically when you select the computer, user, group, or OU from the Search results
    • Search field – (for users, computers, or groups) Type the name of the user, group, or OU, then click the Search icon to locate and select the name to use.
  • IP Address – Enter a single IPv4 or IPv6 address
  • IP Range / Mask – Enter a range of IPv4 or IPv6 addresses

Enter an IP address or range in the following format.

192.168.1.0 single IP address
192.168.1.0-192.168.1.254 range of IP addresses
192.168.1.0/24 CIDR notation for same range as above
  • Description – Enter a brief description
  • Web Filter Rules – Select a Web Filter Rule Set from the dropdown list.

Editing an Assignment

  • 1. Click Web Filter, open the Policy Management menu, then select Assignments.
  • 2. In the Assignments grid, click on any assigment to edit it. The following form will open.

  • 3. In the Assignments form, edit the fields as needed.
  • 4. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

 

Deleting an Assignment

  • To delete (permanently remove) an item, mouse over the item you wish to remove, then click the X on the right side of the row. You will be prompted to confirm the action.

Caution: Items deleted this way are permanently removed, and cannot be recovered.

 

Assignment Priorities

Policy Assignments are evaluated in order from top to bottom. The first one that matches the user’s authentication credentials will be used to apply the associated Rule Set. If no matches are found, the Default rule set will be applied.

Note: Policy Assignments configured for user names should be placed at the top so they will be evaluated first.

To change the evaluation order:

  • 1. Click Web Filter, open the Policy Management menu, then select Assignments.

r3-00877

  • 2. Left-click the mouse to select the item to move, then hold down the left mouse button and drag the item up or down in the list.
  • 3. Release the mouse button to apply your changes.

 

Assigning a Rule Set

If you have not already done so, create the custom Rule Set.

  • Click the dropdown list on the right side of the row to apply a different rule set to the assignee.

 

You can also assign Schedules. You will learn more about Schedules in the next lesson. Learn more about assigning a Schedule here.

 

You can learn more about Assignments here.

Take the quiz!

Schedules

Schedules control access to resources by time. These rules allow you to choose specific times of day, and days of the week to apply Rule Sets. For example, you may want to apply the Default rule set during work/school hours, and then switch to a custom rule set for evenings and weekends.

First, let’s learn how to add, edtit, and delete a schedule and schedule rules.

Adding a Schedule

If you have not already done so, create the Schedule.

  • Click the dropdown list on the right side of the row to apply a schedule to the assignee.

 

Deleting a Schedule

  • To delete (permanently remove) an item, mouse over the item you wish to remove, then click the X on the right side of the row. You will be prompted to confirm the action.

Caution: Items deleted this way are permanently removed, and cannot be recovered.

 

Adding a Rule Set to a Schedule

  • 1. Click Web Filter, then open the Policy Management menu and click Schedules.
  • 2. Click the name of the schedule to view the schedule.
  • 3. On the View Schedule page, click the green “+” icon. This action opens the following page:

  • 4. In the Add New Rule form, edit the fields as needed.
  • 5. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Note: You can add multiple rules to a schedule.

Configurable Fields on this Page

  • Rule Set – Select a rule set to apply to this rule.
  • Description – Enter a brief description.
  • Days – Select (check) the checkboxes for the days to apply this rule, or click All, None, Weekdays, Weekends, or School Out.
  • Time – Select All Day, or select Specified time range and choose the start and end times.

 

Editing a Rule Set in a Schedule

  • 1. Click Web Filter, then open the Policy Management menu and click Schedules.
  • 2. Click the name to edit the item. This action opens the following page:
  • 3. Click on the Rule Set to edit the Rule Set. The following will open. From here you can change the Rule Set and add a description.
  • 4. Click on the schedule name to edit the schedule. The following will open.
  • 4. In the Schedule Rule Sets form, edit the fields as needed.
  • 5. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Rule Set – Select a rule set to apply to this rule.
  • Description – Enter a brief description.
  • Days – Select (check) the checkboxes for the days to apply this rule, or click All, None, Weekdays, Weekends, or School Out.
  • Time – Select All Day, or select Specified time range and choose the start and end times.

 

Deleting a Rule Set from a Schedule

  • To delete (permanently remove) an item, mouse over the item you wish to remove, then click the X on the right side of the row. You will be prompted to confirm the action.

Caution: Items deleted this way are permanently removed, and cannot be recovered.

 

You can learn more about Schedules here.

Take the quiz!

Allowed Referrers

If users access an allowed website that incorporates content from blocked websites the content from those websites will be blocked.

You can use the Allowed Referrers page to create lists of domains that can load content from websites that are normally blocked.

For example, many school sites utilize content from outside sites that are normally blocked. If you add www.myschooldomain.edu as an allowed referrer, it would allow outside content when being referred from that domain. This, however, would not extend to the actual content itself should a user attempt to load such content directly.

First, let’s learn how to add, edit, and delete Allowed Referrers. Then, let’s explore how to assign an Allowed Referrer List to a rule set.

Adding an Allowed Referrers List

Note: Allowed Referrers Lists do not take effect until you assign them to a Rule Set.

  • 1. Click Web Filter, then click Allowed Referrers.
  • 2. In the Allowed Referrers grid, click the green “+” icon. This action opens the following page:

  • 3. In the New Allowed Referrers List form, edit the fields as needed.
  • 4. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Note: HTTPS traffic is not affected by referrers.

Configurable Fields on this Page

  • Name – Enter a name for this Allowed Referrers List. This name will be listed in the Allowed Referrers grid on the Edit Rule Set page.

  • Description – Enter a brief description for this Allowed Referrers List.
  • Referrer List – Add domains that can be trusted as referrers for embedded content and links. URLs (web links) must be in the proper format. Do not include “http://” or “https://” in the URL.

Note that you can use wildcards (placeholders) to allow or block all pages matching the wildcard. The wildcard character is an asterisk (*) which means “any number or combination of letters”.

Note also that you can specify IP addresses as well as URLs in the list.

Examples

Type Entry Explanation
Domain sample.com Allow or block everything on the sample.com domain
Site *.domain.com/directory/* Allow or block everything in a certain directory
Top Level Domain *.info/* or *.ru/* Allow or block an entire top-level domain name
Proxies */nph-*.cgi/*/http/* Block unknown proxy servers
Text within a URL *text* Allow or block any URL containing “text” within the string.
IP address 66.17.63.1 A complete single valid routable internet IP address. No wildcards (e.g., *) allowed.Note: You should only use IP addresses that show up in the URL of a request. URL patterns do not look at the destination IP address.

Note: Sites in the porn and security categories will always be blocked.

 

Editing an Allowed Referrers List

Note: Allowed Referrers Lists do not take effect until you assign them to a Rule Set.

  • 1. Click Web Filter, then click Allowed Referrers.
  • 2. On the Allowed Referrers page, click the name to edit the item. This action opens the following page:

  • 3. In the Edit Allowed Referrers List form, edit the fields as needed.
  • 4. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

Configurable Fields on this Page

  • Name – Enter a name for this Allowed Referrers List. This name will be listed in the Search Engines grid on the Edit Rule Set page.

  • Description – Enter a brief description for this Allowed Referrers List.
  • Referrer List – Add domains that can be trusted as referrers for embedded content and links. URLs (web links) must be in the proper format. Do not include “http://” or “https://” in the URL.

Note that you can use wildcards (placeholders) to allow or block all pages matching the wildcard. The wildcard character is an asterisk (*) which means “any number or combination of letters”.

Note also that you can specify IP addresses as well as URLs in the list.

Examples

Type Entry Explanation
Domain sample.com Allow or block everything on the sample.com domain
Site *.domain.com/directory/* Allow or block everything in a certain directory
Top Level Domain *.info/* or *.ru/* Allow or block an entire top-level domain name
Proxies */nph-*.cgi/*/http/* Block unknown proxy servers
Text within a URL *text* Allow or block any URL containing “text” within the string.
IP address 66.17.63.1 A complete single valid routable internet IP address. No wildcards (e.g., *) allowed.Note: You should only use IP addresses that show up in the URL of a request. URL patterns do not look at the destination IP address.

Note: Sites in the porn and security categories will always be blocked.

 

Deleting an Allowed Referrers List

Note: You cannot delete an Allowed Referrers List if it has been assigned to a rule set.

  • To delete (permanently remove) an item, mouse over the item you wish to remove, then click the X on the right side of the row. You will be prompted to confirm the action.

Deleting Allowed Referrer List

Caution: Items deleted this way are permanently removed, and cannot be recovered.

The following video briefly demonstrates how to delete an Allowed Referrers List

Assigning an Allowed Referrers List to a Rule Set

If you have not already done so, create the Allowed Referrers List.

  • 1. Click Web Filter, then open the Policy Management menu and click Rule Sets.

Rule Sets2

  • 2. Click the name to edit the Rule Set.
  • 3. On the Rule Set page, scroll down to Search Engines.

r3-00842

  • 4. Select (check) each allowed referrer to assign to this Rule Set.
  • 5. Click Save to apply your changes, or click Cancel to discard your changes and return to the previous page.

The following video briefly demonstrates how to assign an Allowed Referrer to a Rule Set

 

Learn more about Allowed Referrers on our Community Site. 

Take the quiz!

Additional Policies

There are a variety of additional helpful Web Filter policy categories. This lesson will briefly go over these categories.

Blocked File Extensions

In addition to blocking access to content by IP addresses and websites, you can block access to file downloads by file extension. The Blocked File Extensions page is where you define File Extension lists to filter. A File Extension list contains extensions the Web module should block when a user attempts to download content matching the list.

The Lightspeed Systems Web Filter includes four predefined File Extension lists: Audio, Compressed, Executable, and Video. Each list contains file extensions for the most common file types in each category. You can add file extensions to each list, or you can create your own lists.

Here are some examples of when you should block file extensions:

  • If you do not want users on your network to download and apply OS updates that have not yet been tested by your local IT administrators, you’ll want to block executables from sites like Microsoft Update. To do so, you’ll assign the Executable Files list to teacher and student rule sets by category (see video below.)
  • If you want to limit streaming media to conserve bandwidth and still allow access to news on sites like CNN, use the Video Files list.

You can also create your own lists of blocked file extensions, to block file types not included in the four built-in lists, such as file types that sometimes contain executable code, including macro-enabled document templates (dotm), installer files (msi), script files (vbs, pl, py and others), Windows help files (hlp and chm), registry entries (reg), and so on.

Check out the Blocked File Extensions documentation on the Community Site to learn how to learn more about blocked file extensions.

Blocked Search Keywords

You can also block what users can search for based on a keywords list. The Blocked Search Keywords page is where you define words the Web Filter module should block when a user attempts to search for web sites to visit. If a user’s search text matches an entry in a blocked keyword list, the search query is blocked, as the following image illustrates.

imageno

Use this page to add and update lists of inappropriate search keywords.

Check out the Blocked Search Keywords documentation on the Community Site to learn how to learn more about blocked file extensions.

Custom Access Pages

This page lists Custom Access Pages and Assignments. From this page, you can add or edit your Custom Access Pages.

The Access Page appears when a user tries to visit a web page that has been blocked by the user’s Policy. The Access Page shows the site name and reason for blocking. Depending on how you configured the user’s Rule Set, the Access Page can prompt the user to authenticate, override, or submit the blocked site for review.

Each Rule Set can have its own Custom Access Page. Use this page to create Access Pages (block pages) with your own images and text.

Check out the Custom Access Pages documentation on the Community Site to learn how to learn more about blocked file extensions.

Override Users

You can use this page to configure lists of users, user OUs, or user groups who can override the web filter when they attempt to visit a page that is blocked by their Rule Set.

Check out the Override Users documentation on the Community Site to learn how to learn more about blocked file extensions.

URL Patterns

URL Patterns are lists of domains, pages, IP addresses, or text within URLs that can override the “allow” or “block” settings for a Database Category in a Rule Set.

Use URL patterns to create “exceptions” for URLs that should be handled differently from the category settings for the domain. For example:

  • Allow individual videos from a video site that would otherwise be blocked.
  • Temporarily allow or block sites or pages without having to recategorize them.
  • Block an entire top level domain such as “.info”, which is a popular location for proxies.

Caution: Sites that match a URL Pattern will override “Force safe search” in the rule set where the URL Pattern is assigned. For example, adding google.com or youtube.com to a URL pattern will effectively disable Safe Search.

Note: For most applications, categorization is the preferred method for allowing and blocking URLs. URL patterns, especially those with wildcards, can impact performance if used to excess.

Note: A URL pattern is not active until you assign it to a rule set.

Check out the URL Patterns documentation on the Community Site to learn how to learn more about blocked file extensions.

Take the quiz!

Mobile Devices

Your mobile devices can be filtered both on and off the network. Use the Mobile Devices page to configure how the Web Filter manages Internet access on mobile devices.

Mobile Filter

Mobile filtering is a feature of our Web Filter that provides for cross-platform filtering on Mac, iOS, Windows, Android, and Linux operating systems.

Mobile filtering is delivered in several ways:

  • With a Rocket on your network, any mobile devices that connect to the Internet through your school network are filtered.
  • Off-network filtering is provided through mobile filter agents, kernel-level filters, browser replacements, and the global proxy option.

Mobile filtering works with Mac, iOS, Windows, Android, and Linux operating systems.

In order to use the Mobile Filter, you will need to authenticate your mobile devices. Let’s look at that next.

Adding a Mobile Device Authentication Source

If you have not already done so, add an Authentication Source in your Lightspeed Rocket settings.

  • 1. Click Web Filter, then click Mobile Devices.
  • 2. On the Mobile Devices page, scroll down to Authentication Sources.

  • 3. In the Authentication Sources grid, click the green “+” icon. This action opens the following page:

  • 4. In the Add Authentication Source form, check the box next to the authentication sources you want to add.
  • 5. Click OK to apply your changes.

 

Deleting a Mobile Device Authentication Source

  • To delete (permanently remove) an item, mouse over the item you wish to remove, then click the X on the right side of the row. You will be prompted to confirm the action.

Caution: Items deleted this way are permanently removed, and cannot be recovered.

 

Changing the Evaluation Order of a Mobile Authentication Source

Authentication Sources are evaluated in order from top to bottom. The first one that matches the user’s authentication credentials will be used to apply the associated Rule Set and Assignment. If no matches are found, the Default rule set will be applied.

To change the evaluation order:

  • 1. Click Web Filter, then click Mobile Devices.
  • 2. On the Authentication page, scroll down to Authentication Sources.

r3-00833

  • 3. Left-click the mouse to select the item to move, then hold down the left mouse button and drag the item up or down in the list.
  • 4. Release the mouse button, then click Save to apply your changes.

The following video briefly demonstrates how to change the evaluation order of a Mobile Device Authentication Source

 

You can learn more about Mobile Devices here. 

Take the quiz!

Web Filter Reports

Introduction

The Web Filter Module provides a variety of pre-installed reports, as well as the ability to create your own custom reports. Reporting helps you maximize the effectiveness of the Web Filter and identify potential issues and their causes, such as:

  • What searches and sites have been blocked?
  • Which sites are users visiting on mobile devices?
  • Which users are being locked out by the filter for multiple inappropriate searches and website requests?
  • Which uncategorized URLs are your users visiting?

Reports can be run in real time as well as scheduled for the future. Reporting truly allows you to maximize the effectiveness of the Web Filter as well as to identify potential issues and their causes.

Selecting the Time and Date

To change the reporting period, open the dropdown menu beside the report title. To select a standard date range, or select Custom range to specify start and end dates for the report.

Selecting Columns

  • Click the gear button [gear] to select columns to view in the current report.

Selecting Filters

Filters allow you to limit the report to include only the information you want to see.

There are two ways to filter reports:

  • Click the Data Options button [Clip 009] in the upper right corner to open the Data Options sidebar.

  • The following will open. Click any filter to apply that filter to the report.

  • Select whether you want to filter for the filter (ex. Action) by choosing Is or Is Not in the first drop down menu. Choose your desired filter attribute (ex. Allowed) in the second drop down menu. Click the green + sign to add the filter. Click Generate Report to apply all your filters to the report.

Find something suspicious in a report? Maybe a keyword search that includes “bomb”, ‘how to kill myself’ or “homemade bong’? You can click on that keyword, choose Quick Filter, and quickly see how many times it’s been searched for and by whom. Or click a username and Quick Filter to refine the report to just that user and see what else they’ve been searching for or visiting.

Then, you can click another item in the report grid and select Add to filter to automatically add that item to the Data Options pane. Click Apply to display the filtered results.

Exporting or Printing a Report

  • 1. Click the Send [r3-00246] button to export and email the current report as a CSV or PDF file.

This action opens the following box:

  • 2. Enter the recipients’ email addresses, then click Ok. (Separate multiple email addresses with commas.) Once generated, users will receive an email message with a link to download the report.

Exporting or Prinitng a Report2

Note: Scheduled reports will be available to download for 7 days.

Sorting a Report

  • Click any column heading to sort in ascending order. Click again to sort in descending order.
  • Some report types, for example Activity Logs, open a dropdown menu when you click a column heading.
    • Summarize – Create a Summary Report based on the selected column
    • Sort ASC – Sort the column in ascending order (A to Z)
    • Sort DESC – Sort the column in descending order (Z to A)

Scheduling a Report

Scheduled reports are built-in or custom reports that are emailed to one or more users either daily, or once a week. Scheduled reports are listed under the Scheduled category for easy access.

Learn more about scheduling a report at the following links:

Types of Reports

The Web Filter has a large variety of highly useful reports.

Click on the following to learn more about each kind of report.

We suggest that you browse through the various report types within your Web Filter interface and determine which are the best for you. You can then save your favorites by clicking the “star” icon to the left of the report title. These will then display in the left-hand navigation menu under a new subheader, Favorites.

Take the quiz!

Troubleshooting

You are now ready to start using Lightspeed Systems’ Web Filter!

Check out these additional resources for more information and solutions: