• HOME
• PRODUCTS
• CyBlock Proxy
• Filtering
• Reporting
• Technical Specs
• Price Quote
• FAQs
• Cyfin Proxy
• Reporting
• Technical Specs
• Price Quote
• FAQs
• Cyfin Reporter
• Reporting
• Technical Specs
• Price Quote
• FAQs
• CyBlock ISA
• Filtering
• Reporting
• Technical Specs
• Price Quote
• FAQs
• COMPANY
• Customers
• Partners
• WaveNews
• RESOURCES
• White Papers
• Case Studies
• Industry News
• SUPPORT
• CyBlock Proxy
• FAQs
• Forum
• Documentation
• Downloads
• Cyfin Proxy
• FAQs
• Forum
• Documentation
• Downloads
• Cyfin Reporter
• FAQs
• Forum
• Documentation
• Downloads
• CyBlock ISA
• FAQs
• Forum
• Documentation
• Downloads
• CONTACT US

Technical Specs

Web filter plug-in for Microsoft ISA Server.

Use the links below to find out how CyBlock ISA Web filter fits into your network.

• Network Configuration
• OS Requirements
• ISA Server 2004 and 2006 Compatibility
• ISA Server 2000 Compatibility

Network Configuration

 

CyBlock ISA plug-in installs directly on Microsoft ISA Server, monitoring user activity, filtering access to the Web sites or categories of sites you specify, and generating categorized reports on user activity.

OS Requirements

The supported operating systems for CyBlock ISA Web filter are shown below. Please click on the links for recommendations and details.

Minimum Requirements

• Processor: 2.0 GHz
• Memory: 512 MB RAM
• Hard Disk: 200 MB free disk space
• Browser: Internet Explorer version 6.0 or higher, Mozilla Firefox 1.0 or higher, Netscape 7.0 or higher. Test your browser for compatibility.

Supported Operating Systems

• Windows Server 2003,2000

ISA Server 2004/2006 Compatibility

CyBlock Web filter is designed to work with ISA Server 2004/2006.  Your CyBlock ISA system can be configured in two ways:  as an on-box solution (required for filtering) and optionally, as an off-box solution (to assume reporting duties).

Below, please examine the diagrams depicting how CyBlock integrates with ISA Server 2004/2006.  Also please view our recommendations for product configuration.  This information is designed to help you have seamless, trouble-free use of CyBlock ISA.

• CyBlock ISA installed directly on ISA Server 2004 or 2006 ("on-box")
  • Logfile Setup
  • Configuration Notes
• CyBlock ISA installed on an additional server for reporting purposes only (optional)
  • Logfile Setup
  • Configuration Notes

CyBlock ISA installed directly on ISA Server ("on-box")

NOTE:   CyBlock ISA must be installed on your ISA Server to filter Web browsing.  Other off-box options are discussed later on this page.

Logfile Setup

NOTE:  One of the following four "logfile types" needs to be configured in the CyBlock ISA browser interface.

 

MSDE database configuration:

Logfile Type:  Microsoft ISA Server (MSDE database)

Default Directory:  C:\Program Files\Microsoft ISA Server\ISALogs

NOTE:  A few simple steps are required to set up communication between the product and your MSDE database.  These instructions appear after you select "Microsoft ISA Server (MSDE database) as your logfile type in the product (begin with Logfiles - Setup screen). 

NOTE ABOUT PRIOR RELEASES:  MSDE-formatted data no longer needs to be extracted to ASCII text files for this product to use.  However, if you were using that method (previously required when using MSDE data in past versions of our product), upgrades are backwards-compatible and you do not have to change your processes. You could simply create a new configuration if you want to stop converting MSDE data to text, while still maintaining your older "text" configuration as well.

 

SQL database configuration:

Logfile Type:  Microsoft ISA Server (SQL database)

Default Directory:  (none)

NOTE:  Some configurations are necessary so that the product can access the SQL database and read it.  Follow the onscreen instructions provided when configuring this type of data source in the product (begin with Logfiles - Setup screen).

 

ISA Server Format configuration:

Logfile Type:  Microsoft ISA Server (ISA Server Format)

Default Directory:  C:\Program Files\Microsoft ISA Server\ISALogs

NOTE:  ISA Server Format uses local time for data record time stamp.

 

Extended Format configuration:

Logfile Type:  Microsoft ISA Server (Extended)

Default Directory:  C:\Program Files\Microsoft ISA Server\ISALogs

NOTE:  ISA Extended format uses GMT time (this is set by the ISA server and is not configurable).

 

Configuration Notes

ISA 2004 and 2006 Requirements:  No Service Pack required.

Set Service Account: 

1. On your ISA Server, open Services.
2. Double-click on Microsoft Firewall to display its properties.
3. On the Log On tab, choose Local System Account.
4. Click Apply and Ok to save changes.
5. Restart the Service to put changes into effect.

Configure Web proxy logging:

With ISA 2004/2006, information is logged to an MSDE database by default.  This product can also read SQL Server data.  A few simple steps are required - and described - in the Logfiles - Setup wizard when you select "Microsoft ISA Server (MSDE database)" or "Microsoft ISA Server (SQL database)" as your logfile type. If you plan to use either of these, steps 1-10 below are unnecessary.

NOTE:  These steps below are only pertinent to the 'Standard' and 'Extended' logfile configurations mentioned above.

To change Web proxy logging to the standard file type (non-MSDE), here are detailed instructions:

1. On your ISA Server, open the ISA Server Management console and expand the server name.
2. Click on Monitoring node in the left pane of the console.
3. On the Monitoring node, click the Logging tab in the middle pane.
4. Click on the Tasks tab in the right pane.
5. Click the Configure Web Proxy Logging link.
6. Select log storage format File (do not select database).
7. In the format drop down menu select ISA Server file format.
8. Click "Apply."
9. Click "OK."
10. To save these changes please click "Apply" on the top of the middle pane.

Filter Setup:  Setting up filtering in CyBlock for ISA Server is a simple process, explained with the following steps: 

NOTE:  These steps should be performed regardless of which data type you plan to use in the product.

1. In the CyBlock ISA browser interface, go to the Setup-Filtering screen.
2. Choose the type of user ID to use in CyBlock filtering (e.g., Login Name, IP Address, or Login Name/IP).
3. Choose how CyBlock will respond when Login Name has been chosen as the ID type, but a login name is not present in the data.  If you check the Block anonymous users check box, CyBlock will block all requests that don't have a login name.  If you do not select the check box, CyBlock will allow all requests that don't have a login name.

Configure Integrated authentication for outbound Web requests    *(Optional, recommended)*

It is recommended that you configure Integrated authentication for the users on your network, as it will provide seamless Internet browsing (e.g., no 'popup' messages requiring a login and password will appear) for Internet Explorer browsers.  To do this, follow these steps: 

1. On your ISA Server, start the ISA Server Management tool.
2. Expand Server Name, expand Configuration, and then click on Networks.
3. Right-click the network that listens for the outbound Web requests and then click Properties.  For example, to configure authentication for users who are connected to the internal network, right-click Internal, and then click Properties.
4. Click the Web Proxy tab, and then click the Authentication button.
5. Click to select the Basic check box, then click to select the Integrated check box.
6. Click to select the Require all users to authenticate check box.
7. Click OK to save changes and to exit.

CyBlock ISA installed on an additional server for reporting purposes only (optional)

NOTE:  CyBlock ISA can also be installed on another machine to handle reporting duties (the machine in the middle of the above diagram depicts this setup).  This is recommended due to the CPU usage required when running reports.  Simply put, it can be beneficial to have CyBlock ISA doing its filtering on your ISA Server, and its reporting functions on another machine.

Additionally, you can FTP the ISA Server logfiles to the second machine to help with ease of reporting.  The section below discusses "off-box" logfile options in more detail.

Logfile Setup

If CyBlock ISA is also installed "off-box" for reporting use, the logfiles need to be transferred to that box or put into a suitable location where CyBlock can read them.  This can be done in a few ways:

• Copy the logfiles to the second CyBlock machine's local drive (this is what we recommend for best network performance).  To automate this process, you can create a script to copy the logs over at a specific time each day.
• FTP the logs over to the second CyBlock machine's local drive.   Again, this process can also be automated with scripts.
• Have the logfiles reside on a network drive.  NOTE:  CyBlock cannot browse the network in its default state.  For this logfile option to be successful, two things must be true: 
  • The network drive must be mounted on the network
  • The CyBlock Service logon account needs to be a domain account with administrative rights

Please see the section above for information about logfile setup, keeping in mind that the directory path for logfiles might be different in an "off-box" solution.

Configuration Notes

NOTE:  The filtering piece of the product will not function on a machine other than the ISA Server, but reporting will work normally.  Simply use the "off-box" installation of CyBlock ISA to run reports (and possibly store logfiles).

ISA server 2000 Compatibility

CyBlock Web filter is designed to work with ISA Server 2000. Your CyBlock ISA system can be configured in two ways:  as an on-box solution (required for filtering) and optionally, as an off-box solution (to assume reporting duties).

Below, please examine the diagrams depicting how CyBlock integrates with ISA Server 2000.  Also please view our recommendations for product configuration.  This information is designed to help you have seamless, trouble-free use of CyBlock ISA.

• CyBlock ISA installed directly on ISA Server 2000 ("on-box")
  • Logfile Setup
  • Configuration Notes
• CyBlock ISA installed on an additional server for reporting purposes only (optional)
  • Logfile Setup
  • Configuration Notes

CyBlock ISA installed directly on ISA Server 2000 ("on-box")

NOTE:  CyBlock ISA must be installed on your ISA Server to filter Web browsing.  Other off-box options are discussed later on this page.

Logfile Setup

Recommended configuration:

Logfile Type:  Microsoft ISA Server (ISA Server Format)

Default Directory:  C:\Program Files\Microsoft ISA Server\ISALogs

NOTE:  ISA Server Format uses local time for data record time stamp.

 

Alternate configuration:

Logfile Type:  Microsoft ISA Server (Extended)

Default Directory:  C:\Program Files\Microsoft ISA Server\ISALogs

NOTE:  ISA Extended format uses GMT time (this is set by the ISA server and is not configurable).

 

Configuration Notes

ISA 2000 Requirements: ISA Service Pack 1 corrects a log file problem for the reporting piece of the product.  You can download the ISA Service Pack 1.

Filter Setup:   Setting up filtering in CyBlock for ISA Server 2004 is a simple process, explained with the following steps:

1. In CyBlock ISA, go to the Setup-Filtering screen.
2. Choose the type of user ID to use in CyBlock filtering (e.g., Login Names, IP Addresses, or Login Name/IP).
3. Choose how CyBlock will respond when Login Name has been chosen as the ID type, but a login name is not present in the data.  If you check the Block anonymous users check box, CyBlock will block all requests that don't have a login name.  If you do not select the check box, CyBlock will allow all requests that don't have a login name.

Configure Integrated authentication for outbound Web requests    *(Optional, recommended)*

It is recommended that you configure Integrated authentication for the users on your network, as it will provide seamless Internet browsing (e.g., no 'popup' messages requiring a login and password will appear) for Internet Explorer browsers.  To do this, follow these steps:

1. Start the ISA Server Management tool.
2. Expand Servers and Arrays.
3. Right-click the network Server that listens for the outbound Web requests, and then click Properties. 
4. Click the Outgoing Web Requests tab.
5. Highlight the Server displayed in the box, and click the Edit button.
6. Click to select the Integrated checkbox. 
7. Click OK to save changes and to exit.

NOTE:  To completely authenticate all browsers, check both the Integrated checkbox and the Basic with this domain checkbox, making sure to select the domain for the latter if necessary.

CyBlock ISA installed on an additional server for reporting purposes only (optional)

NOTE:  CyBlock ISA can also be installed on another machine to handle reporting duties (the machine in the middle of the above diagram depicts this setup).  This is recommended due to the CPU usage required when running reports.  Simply put, it can be beneficial to have CyBlock ISA doing its filtering on your ISA Server, and its reporting functions on another machine.

Additionally, you can FTP the ISA Server logfiles to the second machine to help with ease of reporting, or send the logfiles to a shared (mounted) network drive.

The section below discusses "off-box" logfile options in more detail.

Logfile Setup

If CyBlock ISA is also installed "off-box" for reporting use, the logfiles need to be transferred to that box or put into a suitable location where the additional CyBlock ISA box can read them.  This can be done in a few ways:

• Copy the logfiles to the second CyBlock machine's local drive (this is what we recommend for best network performance).  To automate this process, you can create a script to copy the logs over at a specific time each day.
• FTP the logs over to the second CyBlock machine's local drive.   Again, this process can also be automated with scripts.
• Have the logfiles reside on a network drive.  NOTE:  CyBlock cannot browse the network in its default state.  For this logfile option to be successful, two things must be true: 
• The network drive must be mounted on the network
• The CyBlock Service logon account needs to be a domain account with administrative rights

Please see the section above for information about logfile setup, keeping in mind that the directory path for logfiles might be different in an "off-box" solution.

Configuration Notes

NOTE:  The filtering piece of the product will not function on a machine other than the ISA Server, but reporting will work normally.  Simply use the "off-box" installation of CyBlock ISA to run reports (and possibly store logfiles).

legal disclaimer   |   privacy statement   |   © Copyright 1996-2008 Wavecrest Computing. All rights reserved.