Glossary:

A

ADS - Active Directory Services is a Windows 2000 directory service that acts as the central authority for network security, by letting the operating system validate a user's identity and control his or her access to network resources.

always allowed - A filter category given this designation will be included in the white list. However, this setting in a library category is overridden if the minimum filtering level is set up to block that category.

attribute - A component of a group base or Distinguished Name (DN) that has a type and value. Attribute types include "cn" for common name, "dc" for domain component, and "ou" for organizational unit.

authentication method - A way to validate users on a network. The LDAP method is the authentication method used by the Web Filter.

authentication server - The domain controller on a domain. This server is used for authenticating users on the network.

B

block setting - A setting assigned to a service port or library category when creating a rule, or when setting up a filtering profile or the minimum filtering level. If an item is given a block setting, users will be denied access to it.

bridge mode - A Web Filter set up in the bridge mode filters in the same way as in the invisible mode, with the exception of HTTPS requests to YouTube and Google. These requests are passed to a special on-board proxy where they are decrypted. This mode allows keyword filtering of HTTPS Google and YouTube requests. In version 5.1.10 and above, you can choose to filter ONLY these requests.

C

common name (cn) - An attribute type entered for a username and group when using LDAP.

container - An LDAP server object that can be comprised of containers, organizational units, or domains. Container objects can also "contain" other objects, such as user objects, group objects, and computer objects.

custom category - A unique library category that is created by an administrator, and can include URLs, URL keywords, and search engine keywords to be blocked. Group administrators create and manage custom library categories for their own group.

D

directory - This information source on a server contains attribute-based data relevant to a DN entry.

directory service - Uses a directory on a server to automate administrative tasks for storing and managing objects on a network (such as users, passwords, and network resources users can access). ADS, DNS, and NDS (Novell Directory Services) are types of directory services.

Distinguished Name (DN) - A string of “cn” and “dc” attribute types comprised of the username and group name, domain name, and DNS suffix. For example: “cn=admin_user, cn=admin, dc=yahoo, dc=com”. The "ou" attribute type also could be part of the DN. For example: "cn=Joe Smith, ou=users, ou=sales, dc=acme, dc=com."

DNS - Domain Name Service is a distributed Internet directory service. DNS is used mostly for making translations between domain names and IP addresses.

domain - An entity on a network comprised of servers, workstations, and peripherals.

domain component (dc) - An attribute type entered for a domain name and DNS suffix when using LDAP.

domain controller - An authentication server that answers logon requests from workstations in a Windows NT domain. There are two types of domain controller servers: Primary Domain Controller (PDC) and Backup Domain Controller (BDC).

dynamic group - A virtual LDAP group that does not contain names of its members but is derived automatically by matching certain user data criteria. (See also “static group”.)

E

entry - A collection of attribute types that comprise a Distinguished Name (DN). Each attribute type of the Distinguished Name has a type and one or more values. These types are mnemonic strings, such as "cn" for common name, "dc" for domain component, or "ou" for organizational unit.

F

filter setting - A setting made for a service port. A service port with a filter setting uses filter settings created for library categories (block, open, warn, or always allow settings) to determine whether users should be denied or allowed access to that port.

firewall mode - A Web Filter set up in the firewall mode will filter all requests. If the request is appropriate, the original packet will pass unchanged. If the request is inappropriate, the original packet will be blocked from being routed through. You can choose to pass HTTPS Google and YouTube requests to a special on-board proxy where they are decrypted. This mode allows keyword filtering of these requests.

G

global administrator - An authorized administrator of the network who maintains all aspects of the Web Filter, except for managing master IP groups and their members, and their associated filtering profiles. The global administrator configures the Web Filter, sets up master IP groups, and performs routine maintenance on the server.

group administrator - An authorized administrator of the network who maintains a master IP group, setting up and managing members within that group. This administrator also adds and maintains customized library categories for the group.

group name - The name of a group set up for a domain on a Windows Active Directory server. For example: “production” or “sales”.

I

individual IP member - An entity of a master IP group with a single IP address.

instant messaging - IM involves direct connections between workstations either locally or across the Internet. Using this feature of the Web Filter, groups and/or individual client machines can be set up to block the use of IM services specified in the library category.

invisible mode - A Web Filter set up in the invisible mode will filter all connections on the Ethernet between client PCs and the Internet, without stopping each IP packet on the same Ethernet segment. The unit will only intercept a session if an inappropriate request was submitted by a client.

K

keyword - A word or term used for accessing Internet content. A keyword can be part of a URL address or it can be a search term. An example of a URL keyword is the word “essex” in http://www.essex.com. An example of a search engine keyword is the entry “essex”.

L

library category - A list of URLs, URL keywords, and search engine keywords set up to be blocked.

LDAP - The authentication method protocol used by the Web Filter. Lightweight Directory Access Protocol (LDAP) is a directory service protocol based on entries (Distinguished Names).

LDAP host - The LDAP domain name and DNS suffix. For example: “yahoo.com” or “server.local”.

login (or logon) script - Consists of syntax that is used for re-authenticating a user if the network connection between the user’s machine and the server is lost.

M

machine name - Pertains to the name of the user’s workstation machine (computer).

master IP group - An IP group set up in the tree menu in the Policy section of the Administrator console, comprised of sub-groups and/or individual IP filtering profiles.

master list - A list of additional URLs that is uploaded to a custom category’s URL Category window.

minimum filtering level - A set of library categories and service ports defined at the global level to be blocked or opened. If the minimum filtering level is established, it is applied in conjunction with a user’s filtering profile. If a user does not belong to a group, or the user’s group does not have a filtering profile, the default (global) filtering profile is used, and the minimum filtering level does not apply to that user. If the minimum filtering level is set up to block a library category, this setting will override an always allowed setting for that category in a user’s profile. Minimum filtering level settings can be overridden by profile settings made in override accounts, exception URL settings, and use of the “bypass all” Rule setting.

mobile mode - The operations mode used on a Web Filter configured for filtering end users on machines located outside of the in-house network.

N

name resolution - A process that occurs when the Web Filter attempts to resolve the IP address of the authentication server with the machine name of that server. This continuous and regulated automated procedure ensures the connection between the two servers is maintained.

net use - A command that is used for connecting a computer to—or disconnecting a computer from—a shared resource, or displaying information about computer connections. The command also controls persistent net connections.

NetBIOS - Network Basic Input Output System is an application programming interface (API) that augments the DOS BIOS by adding special functions to local-area networks (LANs). Almost all LANs for PCs are based on the NetBIOS. NetBIOS relies on a message format called Server Message Block (SMB).

NetBIOS name lookup - An authentication method used for validating a client (machine) by its machine name.

Network Address Translation (NAT) - Allows a single real IP address to be used by multiple PCs or servers. This is accomplished via a creative translation of inside “fake” IP addresses into outside real IP addresses.

O

open setting - A setting assigned to a service port or library category when creating a rule, or when setting up a filtering profile or the minimum filtering level. If an item is given an open (pass) setting, users will have access to it.

organizational unit (ou) - An attribute type that can be entered in the LDAP Distinguished Name for a user group.

override account - An account created by the global group administrator or the group administrator to give an authorized user the ability to access Internet content blocked at the global level or the group level. An override account will bypass settings made in the minimum filtering level.

P

PDC - A Primary Domain Controller functions as the authentication server on a Windows NT domain. This server maintains the master copy of the directory database used for validating users.

peer-to-peer - P2P involves communication between computing devices—desktops, servers, and other smart devices—that are linked directly to each other. Using this feature of the Web Filter, groups and/or individual client machines can be set up to block the use of P2P services specified in the library category.

profile string - The string of characters that define a filtering profile. A profile string can consist of the following components: category codes, service port numbers, and redirect URL.

protocol - A type of format for transmitting data between two devices. LDAP and SMB are types of authentication method protocols.

proxy server - An appliance or software that accesses the Internet for the user’s client PC. When a client PC submits a request for a Web page, the proxy server accesses the page from the Internet and sends it to the client. A proxy server may be used for security reasons or in conjunction with caching for bandwidth and performance reasons.

Q

quota - The number of minutes configured for a passed library category in an end user’s profile that lets him/her access URLs for a specified time before being blocked from further access to that category.

R

Radius - This feature is used for controlling the filtering levels of dial-up users. The Radius accounting server determines which accounts will be filtered and how they will be filtered. The user profile in the Radius accounting server holds the filter definition for the user.

Real Time Probe - On the Web Filter, this tool is used for monitoring the Internet activity of specified users in real time. The report generated by the probe lets the administrator know whether end users are using the Internet appropriately.

router mode - A Web Filter set up in the router mode will act as an Ethernet router, filtering IP packets as they pass from one card to another. While all original packets from client PCs are allowed to pass, if the Web Filter determines that a request is inappropriate, a block page is returned to the client to replace the actual requested Web page or service. You can choose to pass HTTPS Google and YouTube requests to a special on-board proxy where they are decrypted. This mode allows keyword filtering of these requests.

rule - A filtering component comprised of library categories set up to be blocked, opened, always allowed, or set up with a warning and/or a time quota. Each rule created by the global administrator is assigned a number and a name that should be indicative of its theme. Rules are used when creating filtering profiles for entities on the network.

S

search engine - A program that searches Web pages for specified keywords and returns a list of the pages or services where the keywords were found.

service port - Service ports can be set up to be blocked. Examples of these ports include File Transfer Protocol (FTP), Hyper Text Transfer Protocol (HTTP), Network News Transfer Protocol (NNTP), Secured HTTP Transmission (HTTPS), and Other ports such as Secure Shell (SSH).

SMTP - Simple Mail Transfer Protocol is used for transferring email messages between servers.

SNMP - For the Web Filter, a Simple Network Management Protocol is a third party product used for monitoring and managing the working status of the Web Filter’s filtering on a network.

sub-group - An entity of an IP group with an associated member IP address and netmask, and filtering profile.

synchronization - A process by which two or more machines run in parallel to each other. User filtering profiles and library configurations can be set up to be synchronized between multiple Web Filters. The clock on the Web Filter can be set up to be synchronized with a server on the Internet running Network Time Protocol (NTP) software.

T

tiers - Levels of authentication methods. Tier 1 uses net use based authentication. Tier 2 uses time-based profiles. Tier 3 uses persistent login connections.

time profile - A customized filtering profile set up to be effective at a specified time period for all users in a sub-group.

Traveler - Trustwave’s executable program that downloads updates to your Web Filter on demand or at a scheduled time.

Trustwave supplied category - A library category that was created by Trustwave, and includes a list of URLs, URL keywords, and search engine keywords to be blocked.

U

URL - An abbreviation for Uniform Resource Locator, the global address of Web pages and other resources on the Internet. A URL is comprised of two parts. The first part of the address specifies which protocol to use (such as "http"). The second part specifies the IP address or the domain name where the resource is located (such as “203.15.47.23” or "trustwave.com").

V

VLAN - Virtual Local Area Network is a network of computers that may be located on different segments of a LAN but communicate as if they were on the same physical LAN segment.

virtual IP address - The IP address used for communicating with all users who log on the network.

VuSafe - A feature that lets users view only the videos posted to YouTube or SchoolTube that are approved for their profile. This feature requires the setup and maintenance of a Web portal, and/or access to VuSafe’s portal.

W

warn setting - A setting assigned to a library category or uncategorized URLs when creating a rule, or when setting up a filtering profile. This designation indicates URLs in the library category or uncategorized URLs may potentially be in opposition to the organization’s policies, and are flagged with a warning message that displays for the end user if a URL from that library category or an uncategorized URL is requested.

Web-based - An authentication method that uses time-based profiles or persistent login connections.

white list - A list of approved library categories for a specified entity's filtering profile.

© Trustwave. All rights reserved.