iSentryII frequently asked
questions.
What is iSentryII Content Filtering Software Suite?
iSentryII Content Filtering Software Suite is a fully
integrated package which includes its own hardened Linux distribution, IP tables firewall,
content filtering application program and blocking database. The software can be installed
on any standard PC with a minimum CPU speed of 500 MHz, 128 MB DRAM, CD-ROM drive and two
Ethernet NICs (10/100, Fiber, 1 GB etc depending upon your network's capabilities).
[return to top]
Is there a license agreement and extra charges based on the number of users?
The iSentryII software
does not have restrictions on the number of users or require per-seat-price adjustments.
[return to top]
How much time will be required to install and configure the iSentryII Software
Suite?
Typically the iSentryII Software Suite can be
installed on your dedicated PC in about 15 minutes.
[return to top]
Will iSentryII work with my existing firewall?
iSentryII can be installed next to or behind your
existing firewall. If iSentryII
is installed behind a firewall it will require permission to download database updates
using rsync.
[return to top]
How much time will I have to spend maintaining iSentryII?
iSentryII has been designed to require minimal
administrative time. With an annual subscription contract, all updates to the blocking
list occur automatically. Automated log and disk space management and reporting utilities
eliminate administrative chores. Maintenance is required only when you want to add new
users, change server configuration, or update software.
[return to top]
How are Web sites blocked?
Using the client’s IP address or user ID
iSentryII determines which categories will be blocked. iSentryII looks up the requested
URL in each of the applicable databases using high speed constant data bases. If the site
is listed in any of the categories (such as pornography or hate) the request is denied and
the user is notified. All requests are logged in the http access log. All blocked requests
are also logged in the http error log, showing the category responsible for the block.
[return to top]
How do you create your database of blocked Web sites?
The URL Content Filter database is maintained by
Firewall Servers and uses proprietary software tools that search the Internet looking for
new or updated sites that may contain material for each of the managed categories.
Additional software excludes legitimate sites from the database and removes redundancies.
[return to top]
How many Web site categories do you have?
The iSentry software provides 15
selectable content filtering categories. We have combined the dozens
of minor groupings used by some other approaches into these highly
relevant compilations. This provides the network administrator an
easily managed solution with optimum flexibility while maintain
filtering policy criteria integrity.
A
useful feature of iSentryII
is a category "trusted-only". This category blocks ALL sites except those
specifically added to this category. This feature is highly useful in school environments
where only specific sites are to be used. This is easily updated or changed as needed.
Additional sites can be added dynamically by businesses or schools as needed.
[return to top]
How many URLs do you block?
iSentryII blocks access to more than 200 million Web
pages.
[return to top]
Are Web sites blocked by keyword?
Yes and No. Keywords are searched as part of a
regular expression search and attempts to search for banned keywords on search engines are
blocked. Keyword-only approaches can produce very inaccurate results.
[return to top]
Do you block Web sites by IP address?
iSentryII uses both the full URL name and the IP
address. If the matching site on the list contains one or more path names then only the
data in the path(s) will be blocked. If no pathname is included the entire site is
blocked. This provides for maximum flexibility and precise control over all blocking. URL
based filtering is required to properly handle virtual Web site hosting. Since many ISPs
host multiple Web sites on the same server, products that block based only upon IP address
will incorrectly block every site on the hosted Web server, even though some sites do not
contain inappropriate content. Use of the IP address also prevents by passing the blocking
filter by entering the IP address rather than the host name.
[return to top]
Can iSentryII block all hosts from a single domain?
Yes. Some sites allow any host name to precede
their domain name making it difficult to block their site by host name, as any host name
will resolve to their server’s IP address. iSentryII defends against this clever ploy
that circumvents other blocking lists.
[return to top]
What happens if someone enters an IP address to access a site?
iSentryII automatically detects IP address entry and
properly handle them as if the site had been entered by URL name. This prevents a user
from bypassing a blocking list based only on hostname.
[return to top]
Can I provide a list of users that do not get blocked?
Yes. There are 5 groups which can be used to define
what access is available to the user base. The default setting has all users passing
through a "transparent" proxy and are filtered according to the rules chosen by
the policy. This requires NO changes to the existing user's workstation.
Selected users can be assigned to another group with different filtering criteria,
including NONE.
[return to top]
Can I Define a Private Access List?
Yes. The private access control facility restricts URL access
to a specified list of URLs. These can be easily be defined and maintained by the
Administrator.
[return to top]
Can an authorized user bypass the iSentryII filtering?
Yes. iSentryII has an optional "Bypass" feature which allows the user to access
the Internet unfiltered. This requires the user to obtain both a login name and password.
The default period for unfiltered access from this particular workstation is 1 hour but
can be changed by the administrator.
[return to top]
Can I add my own sites and site categories to iSentry’s database?
Yes. You can easily add sites to the iSentryII
database. You can also add your own categories, which can then be included in access
profiles just like iSentryII's pre-defined categories. Your site and category additions
are retained during iSentryII automatic database updates.
[return to top]
How often do I receive database updates?
Updates are automatically downloaded twice weekly
into your iSentryII. Updates are usually scheduled for early AM hours but can be scheduled
at a time that you choose.
[return to top]
How do I receive software updates?
As long as your have a current support license,
software updates will be automatically shipped to you. Updates can be applied while the
system is running without disrupting active users.
[return to top]
Does iSentryII offer reporting?
Yes. In addition to proactive filtering and blocking
of inappropriate Internet access, iSentryII provides full monitoring and logging of all
successful and unsuccessful Internet accesses. Even though access to disallowed Web sites and Internet services have
been successfully blocked, it can be very important to be able to analyze the
patterns of attempted access. This can be helpful as user feedback for corrective action
as well as documentation for disciplinary proceedings if necessary.
[return to top]
How do I administer iSentry?
iSentryII is administered through an ordinary
browser. Remote administration enforces strong user authentication to ensure only
authorized persons can administer the system. All transmissions are encrypted to keep
hackers from snooping.
[return to top]
How does the iSentryII appliance connect to my network?
An iSentryII based Content Filter appliance has dual
10/100Mbps network interface cards and is typically connected between your router and LAN.
Other connection options exist to meet special needs.
[return to top]
Will the iSentryII
appliance impact network performance?
iSentryII Content Filter based
filtering systems actually
improves network performance, by blocking unauthorized access to content that would
otherwise consume network resources. It also acts as a caching server and caches
frequently accessed pages and saves the round trip to the server. With the proper
hardware configuration, an iSentryII based Content Filter appliance is capable of
supporting more than 100 Megabits per second (Mbps). Throughput is equal to 60 T1 links.
[return to top]
