COMPREHENSIVE INTERNET SECURITY ™

SonicWALL Content Filtering Service - Premium

Administrator's Guide
SonicWALL,Inc.
1143 Borregas Avenue T: 408.745.9600 www.sonicwall.com
Sunnyvale,CA 94089-1306 F: 408.745.9300

© 2002 SonicWALL, Inc. SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be
trademarks and/ or registered trademarks of their respective companies. Specifications and descriptions subject to change with out notice.

P/ N 232- 000455- 00
Rev A 11/ 03
Table of Contents
Preface .......................................................................................... 1
Copyright Notice ........................................................................................ 1
Limited Warranty ....................................................................................... 1
SonicWALL Content Filtering Service - Premium ......................... 3
About this Guide ............................................................................ 3
Guide Conventions .................................................................................... 4
Icons Used in this Guide ...................................................................... 4
SonicWALL Technical Support .................................................................. 4
Activating SonicWALL CFS Premium ........................................... 5
mySonicWALL.com ................................................................................... 5
Activating CFS Premium ........................................................................... 5
Activating a CFS Premium FREE TRIAL .................................................. 6
Security Services>Content Filtering .............................................. 7
Content Filter Status .................................................................................. 7
Content Filter Type .................................................................................... 8
Restrict Web Features ............................................................................... 8
Trusted Domains ....................................................................................... 9
Message to Display when Blocking ........................................................... 9
Configuring SonicWALL CFS Premium ...................................... 10
CFS ......................................................................................................... 10
Settings .............................................................................................. 10
URL Cache ........................................................................................ 10
URL Rating Review ............................................................................ 12
Policy ....................................................................................................... 12
Creating a CFS Policy ........................................................................ 13
Custom List ............................................................................................. 15
Consent ................................................................................................... 16
Web Usage Consent .......................................................................... 16
Mandatory IP Filtering ........................................................................ 17
Enabling Default CFS Enforcement by Zones ............................ 18
Applying Custom CFS Policy Enforcement to Groups ................ 19

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 1

Content Filtering Service Premium Categories ........................... 20
1. Violence/Hate/Racism ......................................................................... 20
2. Intimate Apparel/Swimsuit ................................................................... 20
3. Nudism ................................................................................................ 20
4. Pornography ........................................................................................ 20
5. Weapons ............................................................................................. 21
6. Adult/Mature Content .......................................................................... 21
7. Cult/Occult ........................................................................................... 21
8. Drugs/Illegal Drugs .............................................................................. 21
9. Illegal Skills/Questionable Skills .......................................................... 21
10. Sex Education ................................................................................... 22
11. Gambling ........................................................................................... 22
12. Alcohol/Tobacco ................................................................................ 22
13. Chat/Instant Messaging (IM) ............................................................. 22
14. Arts/Entertainment ............................................................................. 23
15. Business and Economy ..................................................................... 23
16. Abortion/Advocacy Groups ................................................................ 23
17. Education .......................................................................................... 23
19. Cultural Institutions ............................................................................ 23
20. Online Banking .................................................................................. 24
21 Online Brokerage and Trading ........................................................... 24
22. Games ............................................................................................... 24
23. Government ....................................................................................... 24
24. Military ............................................................................................... 24
25. Political/Advocacy Groups ................................................................. 25
26. Health ................................................................................................ 25
27. Information Technology/Computers .................................................. 25
28. Hacking/Proxy Avoidance Systems ................................................... 25
29. Search Engines and Portals .............................................................. 26
30. E-Mail ................................................................................................ 26
31. Web Communications ....................................................................... 26
32. Job Search ........................................................................................ 26
33. News and Media ................................................................................ 26
34. Personals and Dating ........................................................................ 27
35. Usenet News Groups ........................................................................ 27
36. Reference .......................................................................................... 27
37. Religion ............................................................................................. 27
38. Shopping ........................................................................................... 27

Page 2 SonicWALL Content Filtering Service Premium Administrator’s Guide

39. Internet Auctions ............................................................................... 28
40. Real Estate ........................................................................................ 28
41. Society and LifeStyle ......................................................................... 28
42. Gay and Lesbian Issues .................................................................... 28
43. Restaurants and Dining ..................................................................... 28
44. Sports/Recreation .............................................................................. 29
45. Travel ................................................................................................ 29
46. Vehicles ............................................................................................. 29
47. Humor/Jokes ..................................................................................... 29
48. MP3/Streaming .................................................................................. 29
50. Freeware/Software Downloads ......................................................... 30
51. Pay to Surf Sites ................................................................................ 30
53. Kid Friendly ....................................................................................... 30
54. Advertisement ................................................................................... 30
55. Web Hosting ...................................................................................... 30
56. Other ................................................................................................. 30
64. Not Rated .......................................................................................... 30

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 3

Page 4 SonicWALL Content Filtering Service Premium Administrator’s Guide
Preface
Copyright Notice
©
2003 SonicWALL, Inc. All rights reserved.
Under the copyright laws, this manual or the software described within, can not be copied, in
whole or part, without the written consent of the manufacturer, except in the normal use of the
software to make a backup copy. The same proprietary and copyright notices must be affixed
to any permitted copies as were affixed to the original. This exception does not allow copies
to be made for others, whether or not sold, but all of the material purchased (with all backup
copies) can be sold, given, or loaned to another person. Under the law, copying includes
translating into another language or format.
SonicWALL is a registered trademark of SonicWALL, Inc.
Other product and company names mentioned herein can be trademarks and/or registered
trademarks of their respective companies.
Specifications and descriptions subject to change without notice.

Limited Warranty
SonicWALL, Inc. warrants that commencing from the delivery date to Customer (but in any
case commencing not more than ninety (90) days after the original shipment by SonicWALL),
and continuing for a period of twelve (12) months, that the product will be free from defects
in materials and workmanship under normal use. This Limited Warranty is not transferable
and applies only to the original end user of the product. SonicWALL and its suppliers' entire
liability and Customer's sole and exclusive remedy under this limited warranty will be
shipment of a replacement product. At SonicWALL's discretion the replacement product may
be of equal or greater functionality and may be of either new or like-new quality. SonicWALL's
obligations under this warranty are contingent upon the return of the defective product
according to the terms of SonicWALL's then-current Support Services policies.
This warranty does not apply if the product has been subjected to abnormal electrical stress,
damaged by accident, abuse, misuse or misapplication, or has been modified without the
written permission of SonicWALL.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 1

 DISCLAIMER OF WARRANTY. EXCEPT AS SPECIFIED IN THIS WARRANTY, ALL
EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES
INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OR CONDITION OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT,
SATISFACTORY QUALITY OR ARISING FROM A COURSE OF DEALING, LAW, USAGE,
OR TRADE PRACTICE, ARE HEREBY EXCLUDED TO THE MAXIMUM EXTENT
ALLOWED BY APPLICABLE LAW. TO THE EXTENT AN IMPLIED WARRANTY CANNOT
BE EXCLUDED, SUCH WARRANTY IS LIMITED IN DURATION TO THE WARRANTY
PERIOD. BECAUSE SOME STATES OR JURISDICTIONS DO NOT ALLOW LIMITATIONS
ON HOW LONG AN IMPLIED WARRANTY LASTS, THE ABOVE LIMITATION MAY NOT
APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS, AND YOU
MAY ALSO HAVE OTHER RIGHTS WHICH VARY FROM JURISDICTION TO
JURISDICTION. This disclaimer and exclusion shall apply even if the express warranty set
forth above fails of its essential purpose.
DISCLAIMER OF LIABILITY. SONICWALL'S SOLE LIABILITY IS THE SHIPMENT OF A
REPLACEMENT PRODUCT AS DESCRIBED IN THE ABOVE LIMITED WARRANTY. IN
NO EVENT SHALL SONICWALL OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES
WHATSOEVER, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF
PROFITS, BUSINESS INTERRUPTION, LOSS OF INFORMATION, OR OTHER
PECUNIARY LOSS ARISING OUT OF THE USE OR INABILITY TO USE THE PRODUCT,
OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL, OR PUNITIVE
DAMAGES HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY
ARISING OUT OF THE USE OF OR INABILITY TO USE HARDWARE OR SOFTWARE
EVEN IF SONICWALL OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY
OF SUCH DAMAGES. In no event shall SonicWALL or its suppliers' liability to Customer,
whether in contract, tort (including negligence), or otherwise, exceed the price paid by
Customer. The foregoing limitations shall apply even if the above-stated warranty fails of its
essential purpose. BECAUSE SOME STATES OR JURISDICTIONS DO NOT ALLOW
LIMITATION OR EXCLUSION OF CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE
ABOVE LIMITATION MAY NOT APPLY TO YOU.

Page 2 SonicWALL Content Filtering Service Premium Administrator’s Guide

SonicWALL Content Filtering Service - Premium
SonicWALL Content Filtering Services Premium (CFS Premium) enforces protection and
productivity policies for businesses, schools and libraries to reduce legal and privacy risks
while minimizing administration overhead. SonicWALL CFS Premium provides network
administrators with greater control by automatically and transparently enforces acceptable
use policies.
SonicWALL CFS Premium utilizes a dynamic database of millions of URLs, IP addresses and
domains to block 56 categories of objectionable, inappropriate or unproductive Web content.
At the core of SonicWALL CFS Premium is an innovative rating architecture that cross
references all Web sites against the database at worldwide SonicWALL co-location facilities.
A rating is returned to the SonicWALL and then compared to the content filtering policy
established by the administrator. Almost instantaneously, the Web site request is either
allowed through or a Web page is generated by the SonicWALL informing the user that the
site has been blocked according to policy.
SonicWALL CFS Premium gives administrators the flexibility to enforce content filtering on
Zones as well as custom content filtering policies for groups of users on the network. For
example, a school can create one policy for teachers and another for students.
With SonicWALL CFS Premium, network administrators have a flexible tool to provide
comprehensive filtering based on keywords, time of day, trusted and forbidden domain
designations, and file types such as Cookies, Java™ and ActiveX® for privacy. SonicWALL
CFS Premium automatically updates the filters, making maintenance substantially simpler
and less time consuming.
SonicWALL CFS Premium can also be customized to add or remove specific URLs from the
blocked list and to block specific keywords. When a user attempts to access a site that is
blocked by the SonicWALL, a customized message is displayed on the user’s screen.
SonicWALL Internet Security Appliances can also be configured to log attempts to access
sites on the SonicWALL Content Filtering Service database, on a custom URL list, and on a
keyword list to monitor Internet usage before putting new usage restrictions in place.

About this Guide

Welcome to the SonicWALL Content Filtering Service Premium Administrator’s Guide.
This manual provides the information you need to successfully activate, configure, and
administer SonicWALL CFS Premium Business Edition and the SonicWALL CFS Premium
Government/Education Edition on SonicWALL Internet Security Appliances running SonicOS
Enhanced 2.0.0.0 or higher.
The audience for this guide is administrators who are concerned with enforcement of
Acceptable Use Policies to improve protection and productivity policies to reduce legal and
privacy risks while minimizing administration overhead. You should be familiar with the
features, functions, and operating characteristics of SonicWALL Internet Security Appliances.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 3

Guide Conventions
Conventions used in this guide are as follows:

Convention Use

Bold Highlights items you can select on the SonicWALL

Management Interface.

Italic Highlights a value to enter into a field. For example, “type

192.168.168.168 in the IP Address field.”

Menu Item>Menu Item Indicates a multiple step Management Interface menu

choice. For example, “Security Services>Content Filter
means select Security Services, then select Content Filter.

Icons Used in this Guide

These special messages refer to noteworthy information, and include a symbol for quick
identification:

Alert! Important information that cautions about features affecting firewall performance, security
features, or causing potential problems with your SonicWALL.

Tip! Useful information about security features and configurations on your SonicWALL.

Note: Important information on a feature that requires callout for special attention.

SonicWALL Technical Support

For timely resolution of technical support questions, visit SonicWALL on the Internet at <http:/
/www.sonicwall.com/services/support.html>. Resources are available to help you resolve
most technical issues or contact SonicWALL Technical Support.

Phone: (408) 745-9600

Fax: (408) 745-9300

Web: http://www.sonicwall.com

E-mail: sales@sonicwall.com

Page 4 SonicWALL Content Filtering Service Premium Administrator’s Guide

Activating SonicWALL CFS Premium
If you do not have SonicWALL CFS Premium activated on your SonicWALL, you must
purchase SonicWALL CFS Premium from a SonicWALL reseller or from your
mySonicWALL.com account (limited to customer in the USA and Canada).

mySonicWALL.com
mySonicWALL.com delivers a convenient, one-stop resource for registration, activation, and
management of your SonicWALL products and services. Your mySonicWALL.com account
provides a single profile to do the following:
• Register your SonicWALL Internet Security Appliances
• Purchase/Activate SonicWALL Security Services and Upgrades
• Receive SonicWALL firmware and security service updates and alerts
• Manage (change or delete) your SonicWALL security services
• Access SonicWALL Technical Support
Creating a mySonicWALL.com account is easy and free. Simply complete an online
registration form. Once your account is created, you can register SonicWALL Internet
Security Appliances and activate any SonicWALL Security Services associated with the
SonicWALL.
Your mySonicWALL.com account is accessible from any Internet connection with a Web
browser using the HTTPS (Hypertext Transfer Protocol Secure) protocol to protect your
sensitive information. You can also access mySonicWALL.com license and registration
services directly from the SonicWALL management interface for increased ease of use and
simplified services activation.
If you activated SonicWALL CFS Premium at mySonicWALL.com, the CFS Premium
activation is automatically enabled on your SonicWALL within 24-hours or you can click the
Synchronize button on the Security Services>Summary page to update your SonicWALL.

Activating CFS Premium

If you have an Activation Key for SonicWALL CFS Premium, follow these steps to activate
SonicWALL CFS Premium:
1. Click the SonicWALL Content Filtering Subscription link. The mySonicWALL.com
Login page is displayed.
2. Enter your mySonicWALL.com account username and password in the User Name and
Password fields, then click Submit. The System>Licenses page is displayed. If your
SonicWALL is already connected to your mySonicWALL.com account, the
System>Licenses page appears after you click the SonicWALL Content Filtering
Subscription link.
3. Click Activate or Renew in the Manage Service column in the Manage Services Online
table. Type in the Activation Key in the New License Key field and click Submit. Your
SonicWALL CFS Premium subscription is activated on your SonicWALL.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 5

Activating a CFS Premium FREE TRIAL
You can try a FREE TRIAL of SonicWALL CFS Premium by following these steps:
1. Click the FREE TRIAL link. The mySonicWALL.com Login page is displayed.
2. Enter your mySonicWALL.com account username and password in the User Name and
Password fields, then click Submit. The System>Licenses page is displayed. If your
SonicWALL is already connected to your mySonicWALL.com account, the
System>Licenses page appears after you click the FREE TRIAL link.
3. Click FREE TRIAL in the Manage Service column in the Manage Services Online
table. Your SonicWALL CFS Premium trial subscription is activated on your SonicWALL.

Page 6 SonicWALL Content Filtering Service Premium Administrator’s Guide

Security Services>Content Filtering
Selecting Security Services>Content Filtering displays the Content Filtering page for
managing SonicWALL Content Filtering Service on the SonicWALL.

Content Filter Status

With SonicWALL CFS Premium activated, the Content Filter Status section displays
information about the status of the Content Filter Server, as well as the date and time that
your subscription expires. The expiration date and time is displayed in Universal Time Code
(UTC) format.
You can also access the SonicWALL CFS URL Rating Review Request form by clicking
on the here link in If you believe that a Web site is rated incorrectly or you wish to submit
a new URL, click here. See “URL Rating Review” on page 12 for more information.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 7

Content Filter Type
There are three types of content filtering available on the SonicWALL.
• SonicWALL CFS - Selecting SonicWALL CFS as the Content Filter Type allows you
to use the SonicWALL Content Filtering Service that is available as an upgrade as well
as customize features such as allowed and forbidden domains as well as content filtering
using keywords.
• N2H2 - N2H2 is a third party content filter software package supported by SonicWALL.
You can obtain more information on N2H2 at <http://www.n2h2.com>.
• Websense Enterprise - Websense Enterprise is also a third party content filter list
supported by SonicWALL. You can obtain more information on Websense Enterprise at
<http://www.websense.com>.

Restrict Web Features

Restrict Web Features enhances your network security by blocking potentially harmful Web
applications from entering your network. Select any of the following applications to block:
• ActiveX
ActiveX is a programming language that embeds scripts in Web pages. Malicious
programmers can use ActiveX to delete files or compromise security. Select the ActiveX
check box to block ActiveX controls.
• Java
Java is used to download and run small programs, called applets, on Web sites. It is safer
than ActiveX since it has built-in security mechanisms. Select the Java check box to
block Java applets from the network.
• Cookies
Cookies are used by Web servers to track Web usage and remember user identity.
Cookies can also compromise users' privacy by tracking Web activities. Select the
Cookies check box to disable Cookies.
• Access to HTTP Proxy Servers
When a proxy server is located on the WAN, LAN users can circumvent content filtering
by pointing their computer to the proxy server. Check this box to prevent LAN users from
accessing proxy servers on the WAN.
• Known Fraudulent Certificates
Digital certificates help verify that Web content and files originated from an authorized
party. Enabling this feature protects users on the LAN from downloading malicious
programs warranted by these fraudulent certificates. If digital certificates are proven
fraudulent, then the SonicWALL blocks the Web content and the files that use these
fraudulent certificates.
Known fraudulent certificates blocked by SonicWALL include two certificates issued on
January 29 and 30, 2001 by VeriSign to an impostor masquerading as a Microsoft
employee.

Page 8 SonicWALL Content Filtering Service Premium Administrator’s Guide

Trusted Domains
Trusted Domains can be added to enable content from specific domains to be exempt from
Restrict Web Features. If you trust content on specific domains and want them exempt from
Restrict Web Features, follow these step to add them:
1. Select Don’t block Java/ActiveX/Cookies to Trusted Domains.
2. Click Add. The Add Trusted Domain Entry window is displayed.
3. Enter the trusted domain name in the Domain Name field.
4. Click OK. The trusted domain entry is added to the Trusted Domain table.
To keep the trusted domain entries but enable Restrict Web Features, uncheck Don’t block
Java/ActiveX/Cookies to Trusted Domains.
To delete an individual trusted domain, click on the Trashcan icon for the entry.
To delete all trusted domains, click Delete All.
To edit a trusted domain entry, click the Notepad icon.

Message to Display when Blocking

Enter your customized text to display to the user when access to a blocked site is attempted.
The default message is This site is blocked by the SonicWALL Content Filter Service.
Any message, including embedded HTML, up to 255 characters long, can be entered in this
field.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 9

Configuring SonicWALL CFS Premium
Log into the SonicWALL using your administrator name and password. Click Security
Services and then Content Filter. Select SonicWALL CFS from the Content Filter Type
menu, and click Configure. The SonicWALL Filter Properties window is displayed.

Alert! You must enable SonicWALL CFS Premium enforcement on each Zone in the
Network>Zones page. See “Enabling Default CFS Enforcement by Zones” on page 18 for
more information.

CFS
Settings
• If Server is unavailable for (seconds) - Sets the amount of time after the content filter
server is unavailable before the SonicWALL takes action to either block access to all Web
sites or allow traffic to continue to all Web sites.
Block traffic to all Web sites - Select this feature if you want the SonicWALL to block
all Web site access until the content filter server is available.
Allow traffic to all Web sites - Select this feature if you want to allow access to all web
sites when the content filter server is unavailable. However, Forbidden Domains and
Keywords, if enabled, are still blocked.
• If URL marked as blocked - If you have enabled blocking by Categories and the URL is
blocked by the server, there are two options available.
Block Access to URL - Selecting this option prevents the browser from displaying the
requested URL to the user.
Log Access to URL - Selecting this option records the requested URL in the log file.
URL Cache
Configures the URL Cache size on the SonicWALL.

Page 10 SonicWALL Content Filtering Service Premium Administrator’s Guide

Tip! A larger URL Cache size can provide noticeable improvements in Internet browsing
response times.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 11

URL Rating Review
If you believe that a Web site is rated incorrectly or you wish to submit a new URL, you can
click the here link to display the SonicWALL CFS URL Rating Review Request form for
submitting the request.

Policy
SonicWALL CFS Premium with the blocking of all 56 categories is activated by default for all
users on the network. The Policy tab allows you to customize CFS Premium policies, which
you can then apply to specific user groups in the Users>Local Groups page. A custom CFS
Premium policy allows you to modify the default CFS Premium configuration to tailor your
content filtering policies for particular user groups on your network.

Note: Custom CFS policies are applied to user groups in the User>Local Groups page. See
“Applying Custom CFS Policy Enforcement to Groups” on page 19 for more information.

Page 12 SonicWALL Content Filtering Service Premium Administrator’s Guide

 The Policy tab allows you to create unique CFS policies.

• To create new policy, click Add to display the Add CFS Policy window.
• To edit an existing policy, click the NotePad icon in the Policies table for the entry.
• To delete a policy, click the Trashcan icon in the Policies table for the entry.
• To delete all policies in the Policies table, click the Delete All button.
Creating a CFS Policy
1. Click Add to display the Add CFS Policy window.

2. In the Policy tab, enter a name for the policy in the Name field.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 13

 3. Click the URL List tab.

4. Uncheck any category you want to pass through SonicWALL Content Filtering Service in
the Select Forbidden Categories list. Move your mouse point over the Down or Up
button to automatically scroll through the list of CFS categories. Select the Select all
categories check box if you want to block all of these categories.
5. Click the Settings tab.

6. In Custom List Settings section, select any of the following settings:

Disable Allowed Domains - select this setting to disable Allowed Domains from the
Custom List tab in the SonicWALL Filter Properties window.
Enable Forbidden Domains - select this setting to enable Forbidden Domains from
the Custom List tab in the SonicWALL Filter Properties window.
Enable Keyword Blocking - select this setting to enable Keyword Blocking from the
Custom List tab in the SonicWALL Filter Properties window.
7. To configure times when Content Filtering is enforced, select
Always - When selected, Content Filtering is enforced at all times.
From/To - When selected, Content Filtering is enforced during the time and days
specified. Enter the time period, in 24-hour format, and select the starting and ending
day of the week that Content Filtering is enforced.
8. Click OK.

Page 14 SonicWALL Content Filtering Service Premium Administrator’s Guide

Tip! Time of Day restrictions only apply to the Content Filter List, Customized blocking and
Keyword blocking. Consent and Restrict Web Features are not affected.

Custom List
On the Custom List tab, you can customize your URL list to include Allowed Domains and
Forbidden Domains that are applied globally to all policies. By customizing your URL list,
you can include specific domains to be allowed (accessed), forbidden (blocked), and include
specific keywords to be used to block sites.

To allow access to a Web site that is blocked by the Content Filtering Service, click Add, and
enter the host name, such as “www.ok-site.com”, into the Allowed Domains fields. 256 entries
can be added to the Allowed Domains list.
To block a Web site that is not blocked by the Content Filtering Service, click Add, and enter
the host name, such as “www.bad-site.com” into the Forbidden Domains field. 256 entries
can be added to the Forbidden Domains list.

Alert! Do not include the prefix “http://” in either the Allowed Domains or Forbidden Domains
fields. All subdomains are affected. For example, entering “yahoo.com” applies to
“mail.yahoo.com” and “my.yahoo.com”.
To remove a trusted or forbidden domain, select it from the appropriate list, and click Delete
Domain. Once the domain has been deleted, the Status bar displays Ready.
To enable blocking using keywords, click Add to display the Add Keyword Entry window.
Enter the keyword to block in the Keyword field, and click OK. To remove a keyword, select
it from the list and click Delete. Once the keyword has been removed, the Status bar displays
Ready.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 15

Consent
The Consent tab allows you to enforce content filtering on designated computers and provide
optional filtering on other computers. Consent can be configured to require the user to agree
to the terms outlined in an Acceptable Use Policy window before Web browsing is allowed.

Web Usage Consent

• Maximum Web usage - In an environment where there are more users than computers,
such as a classroom or library, time limits are often imposed. The SonicWALL can be
used to remind users when their time has expired by displaying the page defined in the
Consent page URL field. Enter the time limit, in minutes, in the Maximum Web usage
field. When the default value of zero (0) is entered, this feature is disabled.
• User Idle Timeout is 5 minutes - After a period of Web browser inactivity, the Son-
icWALL requires the user to agree to the terms outlined in the Consent page before ac-
cessing the Internet again. To configure the value, follow the link to the Users window
and enter the desired value in the User Idle Timeout section.
• Consent page URL (Optional Filtering) - When a user opens a Web browser on a com-
puter requiring consent, they are shown a consent page and given the option to access
the Internet with or without content filtering. This page must reside on a Web server and
be accessible as a URL by users on the network. It can contain the text from, or links to
an Acceptable Use Policy (AUP).
This page must contain links to two pages contained in the SonicWALL, which, when
selected, tell the SonicWALL if the user wishes to have filtered or unfiltered access. The
link for unfiltered access must be <192.168.168.168/iAccept.html> and the link for filtered
access must be <192.168.168.168/iAcceptFilter.html>, where the SonicWALL LAN IP
Address is used instead of 192.168.168.168.
• Consent Accepted URL (Filtering Off) - When a user accepts the terms outlined in the
Consent page and chooses to access the Internet without the protection of
Content Filtering, they are shown a Web page confirming their selection. Enter the URL
of this page in the Consent Accepted (Filtering Off) field. This page must reside on a
Web server and be accessible as a URL by users on the network.

Page 16 SonicWALL Content Filtering Service Premium Administrator’s Guide

 • Consent Accepted URL (Filtering On) - When a user accepts the terms outlined in the
Consent page and chooses to access the Internet with the protection of Content Filter-
ing, they are shown a Web page confirming their selection. Enter the URL of this page in
the Consent Accepted (Filtering On) field. This page must reside on a Web server and
be accessible as a URL by users on the network.
Mandatory IP Filtering
• Consent page URL (Mandatory Filtering) - When a user opens a Web browser on a
computer using mandatory content filtering, a consent page is displayed. You must cre-
ate the Web page that appears when the Web browser is opened. It can contain text from
an Acceptable Use Policy, and notification that violations are logged or blocked.
This Web page must reside on a Web server and be accessible as a URL by users on
the network. This page must also contain a link to a page contained in the SonicWALL
that tells the SonicWALL that the user agrees to have filtering enabled. The link must be
<192.168.168.168/iAcceptFilter.html>, where the SonicWALL LAN IP Address is used
instead of 192.168.168.168.
Type the URL of this page in the Consent page URL (Mandatory Filtering) field and
click OK. Once the SonicWALL has been updated, a message confirming the update is
displayed at the bottom of the Web browser window.
• Adding a New Address - The SonicWALL can be configured to enforce content filtering
for certain computers on the LAN. Click Add and enter the IP address of the computer in
the IP Address field and click OK button. Up to 128 IP addresses can be entered. To
remove a computer from the list of computers to be filtered, highlight the IP address in
the Mandatory Filtered IP Addresses list and click Delete Address.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 17

Enabling Default CFS Enforcement by Zones
If your SonicWALL is running SonicOS Enhanced with multiple interfaces, the Default
SonicWALL CFS Premium policy can be enabled or disabled for each Zone separately.

Note: Only the default CFS Premium policy can be enabled or disabled for Zones.
To enabled CFS Premium for a particular Zone, follow these steps:
1. Select the Network>Zone page.
2. Click the Notepad icon in the Configure column for the Zone you want in the Zone
Settings table. The Edit Zone window is displayed.
3. To enable CFS Premium enforcement for the Zone, check Enforce Content Filtering
Service.
4. Click OK. A checkmark appears under Content Filtering for the Zone in the Zone
Settings table.
To disable CFS Premium enforcement for a Zone, uncheck the Enforce Content Filtering
Service setting in the Edit Zone window.

Page 18 SonicWALL Content Filtering Service Premium Administrator’s Guide

Applying Custom CFS Policy Enforcement to Groups
The Default CFS Premium policy is enforced for every network user group defined in the
Users>Local Groups page. You can customize the enforcement of custom CFS Premium
policies you created by applying them to specified network user groups defined in the
Users>Local Groups page.
To add a custom CFS policy to a local group, follow these steps:
1. Select the Users>Local Groups page.
2. Click the Notepad icon in the Configure column for the group you want in the Local
Groups table. The Edit Group window is displayed.
3. Click on the CFS Policy tab.

4. Select the custom CFS policy from the Policy menu. The policies in the Policy menu
include the Default policy and any other custom policies you created in the SonicWALL
Filter Properties window.
5. Click OK. The Caption icon appears in the CFS Policy column of the Local Groups
table. Moving your pointer of the icon displays the CFS policy applied to the group.

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 19

Content Filtering Service Premium Categories
The following provides a detailed description of the criteria used to define the Content
Filtering Service Premium categories.

1. Violence/Hate/Racism
Sites that depict extreme physical harm to people or property, or that advocate or provide
instructions on to cause such harm. Also includes sites that advocate, depict hostility or
aggression toward, or denigrate an individual or group on the basis of race, religion, gender,
nationality, ethnic origin, or other involuntary characteristics.
Category Examples:
www.rotten.com
www.whitepower.com
www.bumfights.com
www.deathnet.com

2. Intimate Apparel/Swimsuit
Sites that contain images or offer the sale of swimsuits or intimate apparel or other types of
suggestive clothing. Does not include sites selling undergarments as a subsection of other
products offered.
Category Examples:
www.victoriassecret.com
www.fredericks.com

3. Nudism
Sites containing nude or semi-nude depictions of the human body. These depictions are not
necessary sexual in intent or effect, but may include sites containing nude paintings or photo
galleries of artistic nature. This category also includes nudist or naturist sites that contain
pictures of nude individuals.
Category Examples:
www.danheller.com
www.bodyscapes.com
www.nudistnews.com

4. Pornography
Sites that contain sexually explicit material for the purpose of arousing a sexual or prurient
interest.
Category Examples:
www.playboy.com
www.whitehouse.com

Page 20 SonicWALL Content Filtering Service Premium Administrator’s Guide

5. Weapons
Sites that sell, review, or describe weapons such as guns, knives or martial arts devices, or
provide information on their use, accessories, or other modifications. Does not include sites
that promote collecting weapons, or groups that either support or oppose weapons use.
Category Examples:
www.browning.com
www.weapons.com
www.shooters.com

6. Adult/Mature Content
Sites that contain material of adult nature that does not necessarily contain excessive
violence, sexual content, or nudity. These sites include profane or vulgar content and sites
that are not appropriate for children.
Category Examples:
www.humanbomb.org
www.steakandcheese.com
www.punchbaby.com

7. Cult/Occult
Sites that promote or offer methods, means of instruction, or other resources to affect or
influence real events through the use of spells, curses, magic powers, satanic or supernatural
beings.
Category Examples:
www.satannet.com
www.churchofsatan.com

8. Drugs/Illegal Drugs
Sites that promote, offer, sell, supply, encourage or otherwise advocate the illegal use,
cultivation, manufacture, or distribution of drugs, pharmaceuticals, intoxicating plants or
chemicals and their related paraphernalia.
Category Examples:
www.marijuana.org
www.hightimes.com

9. Illegal Skills/Questionable Skills

Sites that advocate or give advice on performing illegal acts such as service theft, evading
law enforcement, fraud, burglary techniques and plagiarism. Also includes sites that provide
or sell questionable educational materials, such as term papers.
Category Examples:
www.oppapers.com
www.antiessays.com

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 21

10. Sex Education
Sites that provide graphic information on reproduction, sexual development, safe sex
practices, sexuality, birth control, and sexual development. Also includes sites that offer tips
for better sex as well as products used for sexual enhancement.
Category Examples:
www.scarleteen.com
www.viagra.com
www.sexed.com
www.sexuality.org

11. Gambling
Sites where a user can place a bet or participate in a betting pool (including lotteries) online.
Also includes sites that provide information, assistance, recommendations, or training on
placing bets or participating in games of chance. Does not include sites that sell gambling
related products or machines. Also does not include sites for off-line casinos and hotels as
long as those sites do not meet one of the previous requirements.
Category Examples:
www.gambling.com
www.casino.com
www.sportsbook.com

12. Alcohol/Tobacco
Sites that promote or offer alcohol/tobacco products for sale, or provide the means to create
them. Also includes sites that glorify, tout, or otherwise encourage the consumption of
alcohol/tobacco. Does not include sites that sell alcohol or tobacco as a subset of other
products.
Category Examples:
www.budweiser.com
www.cigar.com
www.coors.com

13. Chat/Instant Messaging (IM)

Sites that provide chat and instant messaging capabilities or client downloads.
Category Examples:
www.web.icq.com/icqchat/
www.aim.com
www.messenger.msn.com

Page 22 SonicWALL Content Filtering Service Premium Administrator’s Guide

14. Arts/Entertainment
Sites that promote and provide information about motion pictures, videos, television, music
and programming guides, books, comics, movie theatres, galleries, artists or reviews on
entertainment.
Category Examples:
www.imdb.com
www.eonline.com
www.moviephone.com

15. Business and Economy

Sites devoted to business firms, business information, economics, marketing, business
management and entrepreneurship. This does not include sites that perform services that are
defined in another category, such as Information Technology companies or travel services.
Category Examples:
www.ge.com
www.sunbeam.com

16. Abortion/Advocacy Groups

Sites that provide information or arguments in favor of or against abortion, describe abortion
procedures, offer help in obtaining or avoiding abortion, or provide information on the effects,
or lack thereof, of abortion.
Category Examples:
www.gynpages.com
www.abortionfacts.com

17. Education
Sites that offer educational information, distance learning and trade school information or
programs. Also includes sites that are sponsored by schools, educational facilities, faculty, or
alumni groups.
Category Examples:
www.education-world.com
www.ed.gov
www.nyu.edu

19. Cultural Institutions

Sites sponsored by cultural institutions, or provide information about museums, galleries,
theatres (not movie theatres). Includes groups such as 4H and the Boy Scouts of America.
Category Examples:
www.childmuseum.org
www.scouting.org
www.4h.org

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 23

20. Online Banking
Sites that provide or advertise banking services (online or off-line) or other types of financial
information, such as loans. Does not include sites that offer market information, brokerage or
trading services.
Category Examples:
www.americafirst.com
www.paypal.com

21 Online Brokerage and Trading

Sites that provide or advertise trading of securities and management of investment assets
(online or off-line). Also includes insurance sites, as well as sites that offer financial
investment strategies, quotes, and news.
Category Examples:
www.progressive.com
www.etrade.com
www.datek.com

22. Games
Sites that provide information and support game playing or downloading, video games,
computer games, electronic games, tips, and advice on games or how to obtain cheat codes.
Also includes sites dedicated to selling board games as well as journals and magazines
dedicated to game playing. Includes sites that support or host online sweepstakes and
giveaways.
Category Examples:
www.nintendo.com
www.gamespot.com
www.gamesdomain.com

23. Government
Sites sponsored by or which provide information on government, government agencies and
government services such as taxation and emergency services. Also includes sites that
discuss or explain laws of various governmental entities.
Category Examples:
www.whitehouse.gov
www.federalreserve.gov

24. Military
Sites that promote or provide information on military branches or armed services.
Category Examples:
www.army.mil
www.navy.mil
www.af.mil

Page 24 SonicWALL Content Filtering Service Premium Administrator’s Guide

25. Political/Advocacy Groups
Sites sponsored by or which provide information on political parties, special interest groups,
or any organization that promotes change or reform in public policy, public opinion, social
practice, or economic activities.
Category Examples:
www.texasgop.org
www.aclu.org
www.rnc.org
www.dnc.org

26. Health
Sites that provide advice and information on general health such as fitness and well-being,
personal health or medical services, drugs, alternative and complimentary therapies, medical
information about ailments, dentistry, optometry, general psychiatry, self-help, and support
organizations dedicated to a disease or condition.
Category Examples:
www.cvs.com
www.webmd.com

27. Information Technology/Computers

Sites that sponsor or provide information on computers, technology, the Internet and
technology-related organizations and companies.
Category Examples:
www.dell.com
www.microsoft.com
www.javaworld.com

28. Hacking/Proxy Avoidance Systems

Sites providing information on illegal or questionable access to or the use of communications
equipment/software, or provide information on how to bypass proxy server features or gain
access to URLs in any way that bypasses the proxy server.
Category Examples:
images.google.com
www.anonymizer.com
astalavista.box.sk
www.happyhacker.org
www.phreak.com

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 25

29. Search Engines and Portals
Sites that support searching the Internet, indices and directories.
Category Examples:
www.google.com
www.yahoo.com

30. E-Mail
Sites offering Web-based e-mail services, such as online e-mail reading, e-cards, and mailing
list services.
Category Examples:
www.email.com
www.hotmail.com

31. Web Communications

Sites that allow or offer Web-based communication via e-mail, chat, instant messaging,
message boards, etc.
Category Examples:
www.hotmail.com
www.aim.com

32. Job Search

Sites that provide assistance in finding employment, and tools for locating prospective
employers.
Category Examples:
www.hotjobs.com
www.flipdog.com
www.monster.com

33. News and Media

Sites that primarily report information or comments on current events or contemporary issues
of the day. Also includes radio stations and magazines. Does not include sites that can be
rated in other categories.
Category Examples:
www.cnn.com
www.foxnews.com
www.msnbc.com

Page 26 SonicWALL Content Filtering Service Premium Administrator’s Guide

34. Personals and Dating
Sites that promote interpersonal relationships.
Category Examples:
www.singlelinks.com
www.lovesites.com
www.dating.com

35. Usenet News Groups

Sites that offer access to Usenet news groups or other messaging or bulletin board systems.
Category Examples:
www.slashdot.org
www.newsville.com/news/groups

36. Reference
Sites containing personal, professional, or educational reference, including online
dictionaries, maps, census, almanacs, library catalogues, genealogy-related sites and
scientific information.
Category Examples:
www.dictionary.com
www.encarta.com
www.familysearch.org

37. Religion
Sites that promote and provide information on conventional or unconventional religious or
quasi-religious subjects, as well as churches, synagogues, or other houses of worship. Does
not include sites containing alternative religions such as Wicca or witchcraft (Cult/Occult) or
atheist beliefs (Political/Advocacy Groups).
Category Examples:
www.catholic.net
www.gospel.com
www.lds.org

38. Shopping
Sites that provide or advertise the means to obtain goods or services. Does not include sites
that can be classified in other categories such as vehicles or weapons.
Category Examples:
www.amazon.com
www.tigerdirect.com

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 27

39. Internet Auctions
Sites that support the offering and purchasing of goods between individuals. Does not include
classified advertisements.
Category Examples:
www.bidfind.com
www.ebay.com

40. Real Estate

Sites that provide information on renting, buying, or selling real estate or properties.
Category Examples:
www.centruy21.com
www.realtor.com
www.hud.org

41. Society and LifeStyle

Sites providing information on matters of daily life. This does not include sites relating to
entertainment, sports, jobs, sex or sites promoting alternative lifestyles such as
homosexuality. Also, personal home pages fall within this category if they cannot be classified
in another category.
Category Examples:
www.sheafox.com
www.style.com

42. Gay and Lesbian Issues

Sites that provide information, promote, or cater to gay and lesbian lifestyles. Does not
include sites that are sexually oriented.
Category Examples:
www.gay.com
www.waf.org

43. Restaurants and Dining

Sites that list, review, discuss, advertise, and promote food, catering, dining services, cooking
and recipes.
Category Examples:
www.foodtv.com
www.zagats.com

Page 28 SonicWALL Content Filtering Service Premium Administrator’s Guide

44. Sports/Recreation
Sites that promote or provide information about spectator sports, recreational activities, or
hobbies. Includes sites that discuss or promote camping, gardening, and collecting.
Category Examples:
www.espn.com
www.nba.com
www.snoweb.com

45. Travel
Sites that promote or provide opportunity for travel planning, including finding and making
travel reservations, vehicle rentals, descriptions of travel destinations, or promotions for
hotels or casinos.
Category Examples:
www.travelocity.com
www.luxor.com
www.orbitz.com
www.hertz.com

46. Vehicles
Sites that provide information on or promote vehicles, boats, or aircraft, including sites that
support online purchase of vehicles or parts.
Category Examples:
www.autotrader.com
www.boattrader.com

47. Humor/Jokes
Sites that primarily focus on comedy, jokes, fun, etc. May include sites containing jokes of
adult or mature nature. Sites containing humorous adult content also have an Adult/Mature
Content rating.
Category Examples:
www.ahajokes.com
www.comedycentral.com
www.the-jokes.com

48. MP3/Streaming
Sites that sell, deliver, or stream music or video content in any format, including sites that
provide downloads for such viewers.
Category Examples:
www.mp3.com
www.windowsmedia.com
www.musiccity.com

SonicWALL Content Filtering Service Premium Administrator’s Guide Page 29

50. Freeware/Software Downloads
Sites that are dedicated to the electronic downloading of software, whether for payment or at
no charge.
Category Examples:
www.download.com
www.tucows.com

51. Pay to Surf Sites

Sites that pay users in the form of cash or prizes for clicking on or reading specific links,
e-mail or Web pages.
Category Examples:
www.bestfreemoneyonline.com
www.mypoints.com

53. Kid Friendly

Sites designed specifically for children.
Category Examples:
www.yahooligans.com
www.playhousedisney.com

54. Advertisement
Sites that provide online advertisements or banners. These sites will always be allowed. Does
not include advertising servers that serve adult-oriented advertisements.
Category Examples:
rd.companion.yahoo.com
adserver.inetzone.com

55. Web Hosting

Sites of organizations that provide top-level domain pages, as well as Web communities or
hosting services.
Category Examples:
www.geocities.com
groups.yahoo.com

56. Other
Sites not fitting into any of the other categories.

64. Not Rated

Page 30 SonicWALL Content Filtering Service Premium Administrator’s Guide