SonicWALL CFS 2.0 enables small- and mid-sized businesses to maximize employee productivity while protecting employees from objectionable Web content. It enforces content filtering policies by combining a dynamic URL database with SonicWALL's unique rating and caching architecture. The distributed Internet-based URL database rates questionable or inappropriate Web content into 12 categories violence, intimate apparel, nudism, adult content, weapons, hate and racism, cult and occult, illegal drugs, criminal, sex education, gambling, and alcohol and tobacco. The CFS 2.0 policy on the SonicWALL appliance uses this rating information to enforce the desired levels of access for worker groups and individual employees. SonicWALL's architecture then caches the results on the appliance and allows for immediate access to approved sites in the future, and delivers a "You've been blocked by SonicWALL" redirect message when employees attempt to access barred sites.
Douglas Brockett, SonicWALL vice president of worldwide marketing, said CFS 2.0 is ideally suited for today's content filtering challenges.
"As an appliance-based subscription service available to existing SonicWALL customers, CFS 2.0 provides a comprehensive database and rating system previously found only in much more expensive, server-based products," Brockett said.
Basically, there's three ways a small business can filter Web content at the server, the gateway or through client solutions. Server solutions, such as those provided by Websense, N2H2, SurfControl, WatchGuard, Cisco, CheckPoint and Netscreen, are highly scalable, but costly. Server-based content filtering solutions also need to work in conjunction with a gateway device, so central management of content filtering is a bit cheeky. Gateway solutions, such as those provided by Fortinet, Blue Coat, and FilterLobix, typically cost $4,000 to $5,000. For many small businesses such solutions are simply too pricey. Client-based content filtering may be a more cost-effective option for small businesses, but only when very few computers are involved. Otherwise, each time there's an update to the program, the network administrator needs to add the update to each PC, which ends up wasting time, and eventually money.
Mervyn Alamgir, SonicWALL product line manager, said the easy-to-use, Web-based management interface in CFS 2.0 provides network administrators with greater control and flexibility, enabling them to conduct content filtering directly over a wired or wireless local area network.
"Administrators can apply policies to each category of content to enforce acceptable use policies from different locations inside and outside the network," Alamgir explained. "Network administrators can also apply time of day blocking and user level authentication for increased control over Internet access."
SonicWALL CFS 2.0 is flexible because it utilizes URL rating information provided by Cerberian. Alamgir said the system is versatile enough to allow administrators to specify a local list of URLs to block, while still allowing specific PCs unabridged access to all types of Web content.
But why limit Web access at all doesn't your IT staff have better things to do?
Alamgir said small businesses and public institutions of can't afford not to filter content when it comes to productivity and liability.
"A 2002 FBI 2002 Computer Crime Survey found that 78 percent of businesses have detected employee abuse of Internet privileges at work, such as downloading pornography or pirated software," Alamgir said. "Employee access to inappropriate Web content is a drain on small business resources and employee productivity. Then there's the liability of allowing access to racist or pornographic content. Any business is liable if it provides an unsafe work environment"
But it's not just small businesses that need to be sensitive to providing safe surfing capabilities for employees. Schools, libraries and other publicly funded institutions are very familiar with content filtering issues. The Children's Internet Protection Act (CIPA) of 2000 requires schools to protect students from inappropriate Web content. One such school, Fergus Falls Public School District in Minnesota, chose SonicWALL CFS 2.0 for its content filtering solution.
Mike Donoho, Fergus Falls Public School District technology systems manager at, said it was important to find a content filtering solution that is also easy to manage.
"The new CFS 2.0 does an amazing job of rating site requests against our extensive categories of blocked content, and does so with a high level of accuracy and fast response times," Donoho said. "We like that we can control site requests by time of day, category, or individual. SonicWALL CFS 2.0 also applies weekly filter updates automatically, and its intuitive interface makes administration very easy."
SonicWALL CFS 2.0 also features integrated management and reporting capabilities. SonicWALL's Global Management System (GMS) and ViewPoint reporting package can utilize data from CFS 2.0 to provide detailed activity and usage reports to network administrators.
Installation of SonicWALL CFS 2.0 is a breeze it consists of entering a key code into the device and setting up the categories of sties that need to be blocked. There is no additional software to buy and no need to schedule periodic downloads. SonicWALL updates the database of more than 4 million blocked URLs each hour and these updates are automatically distributed each week.
SonicWALL CFS 2.0 annual subscriptions will be available beginning in mid-June through its distribution channels. Solutions range from a five-node subscription for $75 a year to unlimited nodes for $695 a year. The CFS 2.0 service will run on a wide variety of SonicWALL devices, including its TELE and SOHO lineup of wired and wireless security devices. Those businesses that tapped into SonicWALL's first generation of its content filtering service that have and active support contract and appliances able to run Firmware version 6.4 are eligible for a free upgrade to Firmware 6.5 and SonicWALL CFS 2.0.