Fine Tuning The Content Scanner
After general set up of content filters have been done it is necessary to fine tune them to achieve better performance and speed during Internet usage.
Fine tuning content filter means that there should be a fair understanding of what kind of Internet traffic to let through to LAN and what needs to be blocked. There are some very useful features inside Content Scanner that would help to fine tune traffic. 'Web Usage' report analysis can come in handy to analyse the nature of traffic requested by hosts in LAN.
It is possible to fine tune content scanning for a particular group of users or for the entire LAN. Separate user groups should be defined to apply different set of rules for different users in LAN.
'Website Category Lists' is the basic level of tuning in which checking & un-checking different categories listed block websites coming under the respective category. You can block categories like Ads, Adult, Porn etc.. It is a blanket blocking method and you will not be able to specify specific URLs or domains to block or to let through.
To allow or block specific URLs/domains/server IP addresses; use 'Black List', 'Grey List' & 'White List' feature.
It is possible to set different content scanning filter rules for each Web Filter Group.
Black List is used to list URLs and domains that is to be unconditionally blocked. If a website/domain/ip address is Black Listed then that site will not be made available to Internet users.
Sometimes it happens that if you block a category like 'Ads' then couple of useful sites will also get blocked. You can conditionally unblock these websites by using Grey list.
If a useful web resource is getting blocked due to the category block you can conditionally unblock it using Grey list. Grey List will allow a website/domain/ip address to be made available to Internet users after content and virus scanning has been completed and if the content is found to be within the limits. Grey List supersedes Black List.
White List is allow all list and this list supersedes other two. If a website/domain/ip address is listed in White List, content scanning is not done and that website would be made available without scanning. This is useful to allow know resources to be passed through without any checks and as fast as possible.For eg: Banking websites, websites of educational institutions, own websites etc. White List supersedes Grey List and Black List.
For best performance you should analyse Traffic, speak to users on host machines, speak to department heads, take into account the institutional policy and devise a plan for efficient content filtering. Instead of using a blanket block on a certain categories, other than obvious ones like 'Porn' or 'Hacking', it is best to manually allow or disallow certain websites which are often requested by Internet user.
White List, Black List and Grey List can be fine tuned at Security >> Gateway Antivirus >> Web Filter Groups >> Edit the Web Filter Group you need to tune the content scanner for.