Released: January 3, 2019
This patch updates the blacklists. We also added full HTTPS filtering of pages and URLs via deep SSL inspection, also known as man-in-the-middle inspection.
NOTE: For full HTTPS filtering of pages, including URLs, you must generate a certificate on the NetSentron and then install it on ALL client devices. If you have Active Directory, a policy can be set up to install this certificate.
If you just wish to block HTTPS pages and/or want to force safe search for search engines, then you must configure the proxy on each device. The NetSentron hosts a wpad.dat/proxy.pac file that automatically configures client devices to use the NetSentron's proxy settings. Otherwise, you can manually point your client at the wpad file on the NetSentron. It is located at http://[green_address]/wpad.dat
[green_address] would be replaced by the actual LAN address of your NetSentron.
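One way to check a proxy auto-config file before relying on it for filtering, as an added example that is not NetSentron code: the script evaluates PAC text and reports, per URL, whether the request is forced through the proxy. The PAC content, the address 192.168.0.1 (standing in for [green_address]), port 8080 and the intranet.example domain are assumptions made for the example.

```javascript
// Constructed sample PAC text. 192.168.0.1 stands in for [green_address] and
// port 8080 is an assumed proxy port; neither is taken from the NetSentron.
const SAMPLE_PAC = `
function FindProxyForURL(url, host) {
  if (isPlainHostName(host) || host === "192.168.0.1") return "DIRECT";
  if (shExpMatch(host, "*.intranet.example")) return "DIRECT";
  return "PROXY 192.168.0.1:8080";
}`;

// Small stand-ins for the helper functions a browser gives to PAC scripts.
const pacHelpers = {
  isPlainHostName: (host) => !host.includes("."),
  dnsDomainIs: (host, domain) => host.endsWith(domain),
  shExpMatch: (str, glob) => {
    const re = glob.replace(/[.+^$(){}|[\]\\]/g, "\\$&")
                   .replace(/\*/g, ".*").replace(/\?/g, ".");
    return new RegExp("^" + re + "$").test(str);
  },
};

// Evaluate the PAC text and return its FindProxyForURL function.
// PAC files are code: only load text fetched from a device you administer.
function loadPac(pacText) {
  const names = Object.keys(pacHelpers);
  const factory = new Function(...names, pacText + "\nreturn FindProxyForURL;");
  return factory(...names.map((n) => pacHelpers[n]));
}

// For each URL, report the PAC decision and whether the request is forced
// through expectedProxy with no DIRECT entry that would skip the filter.
function auditPac(pacText, urls, expectedProxy) {
  const find = loadPac(pacText);
  return urls.map((url) => {
    const decision = String(find(url, new URL(url).hostname));
    const entries = decision.split(";").map((e) => e.trim()).filter(Boolean);
    const filtered = entries.length > 0 &&
      entries.every((e) => e === "PROXY " + expectedProxy);
    return { url, decision, filtered };
  });
}

const report = auditPac(SAMPLE_PAC, [
  "https://www.example.com/search?q=test",
  "http://www.example.com/",
  "https://wiki.intranet.example/",
], "192.168.0.1:8080");
for (const r of report) console.log(r.filtered ? "FILTERED" : "BYPASS  ", r.url, "->", r.decision);
```

A `DIRECT` entry anywhere in the result, including a `PROXY ...; DIRECT` fallback, is reported as a bypass because the browser may then connect without passing through the filter.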
NOTE: Because of how the HTTPS protocol works, we cannot provide a Denied Page when a site is blocked. We can only provide a Denied Page if full HTTPS filtering is enabled.
How does man-in-the-middle (deep SSL) inspection work, and why does it need a certificate?
When someone types a URL into their browser, the NetSentron analyzes it and determines whether it is an HTTPS site; if so, it goes out and fetches the contents of the page. It then decrypts this information so that it can analyze it like an HTTP page. Normally the NetSentron would grab the HTTPS page and forward it on to the client as per the HTTPS protocol. Note: by enabling this mode, you are breaking the HTTPS protocol.
Once the page is decrypted, if it passes the usual tests for banned words, banned URLs, etc., the NetSentron then encrypts the page using a certificate built on the fly by the NetSentron. Because of this re-encryption step, you need to have a ROOT authority certificate added to clients. This allows clients to accept the encrypted pages from the NetSentron.