SonicWall Basic CFS Setup

IT

SonicWall Basic CFS Setup

1. Verify that you are licensed for CFS (Standard or Premium)
   a. You can check on the main status page on the right hand side under Security Services (Licensed / Not Licensed)
   b. You can look under the Security Services section which will also let you know your expiration date for the services (Licensed 19 March 2010)
   c. You can look under the Security Services>Content Filter section to see the status and service expiration date
   d. You can log into your mysonicwall.com account and look under your device
2. Go to the Content Filter section (Security Services>Content Filter)
   a. Verify that it shows that the server is ready
   b. Click on Configure next to the SonicWALL CFS optionjust below the Content Filter Type
   c. Now you have to decide if you want traffic going out or being blocked if it cannot check with the SonicWall server (Default is allow)
   d. Click on the Policy tab and then the pencil at the end to configure
   e. On the Edit CFS Policy you will see either a list of 12 (Standard) or ~65 (Premium with some numbers skipped) categories
   f. Select which categories you do not want users to access (you can use http://cfssupport.sonicwall.com/Support/web/eng/newui/viewRating.jsp to check on how a site is rated)
   g. Finally you can click on settings and for the most part we verify that the Disable Allowed Domains is unchecked and the Enable Forbidden Domains and Enable Keyword Blocking are both checked. This allows a little more granular control of allowed/blocked sites besides using the list of categories.
   i. If you need to set any of these up you can go to the Custom List tab on the SonicWALL Filter Properties
3. If you have any servers I’d recommend adding an exception for them to the CFS rules under the CFS Exclusion List and check the Enable VFS Exclusion List box
   a. One thing to watch out for on the newer OSes (5+ is that there is a default CFS Bypass CFS blocking for the administrator). This can mean that you have the CFS all setup, but are testing it from either a server with an exclusion or from a machine that you have logged onto the SonicWall with the administrator account and be able to get access to ANY site (even blocked ones) since it is detecting you as being logged in under the administrator account. I recommend testing the CFS from a completely separate machine that you didn’t use to configure the SonicWall CFS settings from.
4. Finally go to the Zones Section (Network>Zones) and verify that CFS is enabled on the LAN interface (should be by default).

More About the Author

Richard Clapp

Systems Engineer
Cleaning Up WinSXS Folder on Windows Server 2008 R2 I finally found some good information for cleaning up the WinSXS folder on new instances of Windows. I found the following site ...
Getting Access to Multiple Branches while Using a Split VPN Tunnel for Performance I recently had to help a client who was having performance issues over the VPN. They had a fast connection at home, but just a standard ...

See more from this author →

Subscribe to our newsletter

  • I understand that InterWorks will use the data provided for the purpose of communication and the administration my request. InterWorks will never disclose or sell any personal data except where required to do so by law. Finally, I understand that future communications related topics and events may be sent from InterWorks, but I can opt-out at any time.
  • This field is for validation purposes and should be left unchanged.

InterWorks uses cookies to allow us to better understand how the site is used. By continuing to use this site, you consent to this policy. Review Policy OK

×

Interworks GmbH
Ratinger Straße 9
40213 Düsseldorf
Germany
Geschäftsführer: Mel Stephenson

Kontaktaufnahme: markus@interworks.eu
Telefon: +49 (0)211 5408 5301

Amtsgericht Düsseldorf HRB 79752
UstldNr: DE 313 353 072