Wavecrest Computing — CyBlock Web Security Appliance

CyBlock Appliance Support FAQs

Answers to common questions users have regarding CyBlock Appliance.

Q1.  When connecting to the browser interface, I am prompted for a login and password. What is the default login and password?
A1.  login:  admin  password:  password

Q2.  How do I know that CyBlock Appliance filtering is functioning?
A2.  Go to the Administration - System Information - Filter Status screen. It should have green text indicating that the filtering status is OK. If it is red and states that the filter status is in an error state, contact Wavecrest Technical Support by phone at 321-953-5351, Ext. 4, or by e-mail at support@wavecrest.net.

Q3.  My network is not functioning properly, and I want to eliminate CyBlock Appliance as the culprit. How do I take the appliance out of the loop and still have Internet connectivity? 
A3.  If your appliance is "inline" please do the following:

1.  Disconnect the network cables going into the appliance's LAN1 and LAN2 ports, and physically move the appliance out of the way.
2.  Plug a single network cable from the firewall into the main network hub, effectively returning to a pre-appliance state.
3.  In your Windows Active Directory, if you had users set up by GPO to use the appliance as a proxy, change the GPO setting to go direct for the time being.

If you are simply using CyBlock Appliance as an HTTP Web proxy, you only need to perform step 3 above.

CyBlock is completely disassociated from your network in any way now. If your issues persist, CyBlock is not the cause. If your symptoms disappear, please contact Wavecrest Support directly at 321-953-5351, Ext. 4.

Q4.  How can I account for my laptop users who sometimes work remotely? If they are out of the office, can they get to the Internet without changing their browser settings?
A4.  Yes. You can use a proxy.pac file, and push out an appliance setting to all users' browsers. When a laptop user who is out of the office opens the Internet browser, it will try to reach the Internet through the appliance first, but will go direct when the appliance is not found in a few seconds. The proxy.pac file is automatically created in the appliance to make implementation easier for you. Simply go to the Setup - Browsers screen of CyBlock Appliance for easy-to-follow instructions.

Q5.  Can CyBlock Appliance import users from Active Directory?
A5.  Yes. You can set up multiple Active Directory configurations in the appliance, and schedule imports to occur. The Cyfin application also contains this same feature, and if you are using it for reporting, we recommend setting up Groups and IDs identical to the appliance (this setting is currently not synchronized between the two products).

Q6.  How are users authenticated using CyBlock Appliance?
A6.  There are two types of Internet traffic that CyBlock Appliance authenticates: Web traffic and Protocol traffic. Authentication for Web traffic is possible by simply pointing users' browsers through the appliance. In order to authenticate Protocol traffic, a CyBlock Client piece must be installed on each user's computer. Both types of authentication match up with the user names you have imported from Active Directory or that you have manually put into the product.

Both settings can be applied by GPO via Active Directory. The client piece can also be installed on all computers at once via PsExec. Please contact Support if you need help with these settings.

Q7.  Who are the "default" users, i.e., "noclient," "firewall," etc., that I see in the CyBlock Appliance's VIP group? 
A7.  The IDs noclient, firewall, system, and bypassed are put into the VIP group by default to account for the situations explained below which may arise with appliance use.

Noclient - This ID will display for any PCs that do not have the CyBlock Client piece installed and/or running.

Firewall - This ID is in place to account for PCs using a personal firewall. If this user is being seen in the Protocol Monitor, and the computer has the CyBlock Client running on it, then the CyBlock Client should be put into that computer's firewall exceptions list.

System - When an application being run is owned by the system and not by the user name, this ID will appear.

Bypassed - This ID is in place where user name authentication is unavailable. The appliance will allow communication to continue, using bypassed temporarily until authentication is made.

Q8.  Can I run reports on Instant Messaging use or other protocol usage?
A8.  At this time, protocol traffic can be seen in real time on the Protocol Monitor. It can also be logged, but not reported on in the 'classic' sense. HTTP Internet traffic can be reported on comprehensively and also viewed in real time via the Web Monitor.

Q9.  Is there any way to exclude users from being blocked? 
A9.  Yes. There are two ways to do this. You can either create your own exclusionary Web and protocol policies for those users, or move them into the VIP group. The default Web and protocol policies for the VIP group are "Allow All." Users in the VIP group will also be excluded from reports. Note:  If you plan to use the VIP group and import users into the product from Active Directory, make sure that on the Advanced Settings - Groups and IDs - Setup screen, you have "Inside the Product" selected.

Q10.  How does CyBlock Appliance block real-time protocol traffic and applications?
A10.  The appliance has a "protocol analyzer" built-in, and when used in conjunction with the CyBlock Client piece, it can very effectively filter by user name. It sees the information in packets passing through it, and the protocol analyzer enforces filter policies based upon the protocol identifiers and user names it is seeing.

© Copyright 1996-2024 Wavecrest Computing. All Rights Reserved.
Wavecrest Celebrating 25 years
Wavecrest Cyfin CyBlock Facebook Wavecrest Cyfin CyBlock Twitter Wavecrest Cyfin CyBlock Linkedin Wavecrest Cyfin CyBlock YouTube Wavecrest Cyfin CyBlock Knowledge Base
LEGAL PRIVACY | © Copyright 1996-2024 Wavecrest Computing. All Rights Reserved. | 321-953-5351