Below is a list of videos about WFilter in youtube.
Filtering by IP address and MAC address is enough for most networks. However, in networks with dynamic IP addresses or BYOD networks, you may not identify clients by IP or MAC. In this case, AD integration is a widely adopted solution for internet content filtering.
1. AD Integration in “WFilter Enterprise”.
More details can be found at: Active directory Integration of WFilter Enterprise
2. WFilter NG Firewall
With WFilter NG Firewall, not only you can do “AD integration”, you also can add “Local accounts” for monitoring, filtering and VPN access.
Torrent downloading can consume most of your bandwidth. It’s rather annoying for IT administrators.
With WFilter NG Firewall, you can detect torrent traffic, block torrent downloading and get bandwidth report of torrent traffic.
In this post, I will demonstrate the steps to block torrent in LAN network with WFilter NG Firewall. Please note that WFilter block torrent by protocol matching. So once you block bittorrent in WFilter, all other torrent clients, including bittorrent, utorrent, qtorrent will all be blocked.
3. Torrent clients being blocked.
Please note that all WFilter products can block torrent in Lan network. You may check other topics:
In a previous blog How to monitor internet bandwidth usage in lan network?, I introduced features and steps to monitor lan bandwidth with WFilter NG Firewall.
We have another windows software program named “WFilter Enterprise”, which also can monitor clients bandwidth in pass-by deployment. The WFilter pc do not need to be a gateway or network bridge, it can do internet monitoring and filtering through a mirroring port in your switch or router(passby deployment). With pass-by deployment, you don’t need to change network topology or add new hardware to deploy an internet content filter.
In this guide, I will demonstrate the bandwidth monitoring features of WFilter Enterprise 4.1.
2. Click bandwidth to get live connections of a client.
You also can terminate connections by clicking the red icon.
3. Bandwidth Report by protocols
The reports have pie, bar, line and data formats. You can do report by username, data, protocol name and protocol category.
4. Bandwidth Alert
Send an alert email when bandwidth threshold is reached.
Internet bandwidth is always not enough if clients in your network have unrestricted internet access. Torrent, downloading, online videos can eaisly consume most of your bandwidth.
As an IT administrator, to protect your internet bandwidth from being abused, you need to have full control of your network.
WFilter provides a total solution to monitor and manage internet bandwidth usage in lan network, with below features:
1. Monitoring live connections bandwidth
In “real-time bandwidth”, you can get a list of client devices, including IPs, MAC addresses, operator system and bandwidth rate. You also can get live connections of client devices.
2. Bandwidth shaper and priority optimize
A complete guide of bandwidth optimization can be found at here: WFilter NG Firewall bandwidth optimization solutions
3. Bandwidth usage reports
WFilter NG firewall needs to be deployed as gateway or network bridge of your network. If you prefer pass-by bandwidth monitoring solutions, please check: WFilter Enterprise.
A youtube video of internet bandwidth monitoring of WFilter Enterprise can be found at: How to monitor internet bandwidth usage on network?
WFilter NG firewall has a built-in group “punish group”. With this punish group, you can add clients to the penalty box for a period of time.
Please note, “punish group” is a virutal group, you also can add your own virtual group, eg: “expired users” or “trial users”…
1. Add a client into the punish group.
In realtime bandwidth, by click “kill” icon in “connections”, you can add a client into the punish group for a period of time. Your own virtual group will also appears here.
2. Clients in the punish group.
3. Remove a client from the penalty box
To remove a client from the penalty box, you can wait for punish timeout, or click “reset default” in “unblock and reset”.
4. Set “access policy” and “bandwidth” policy for the punish group.
In “Access Policy” and “Bandwidth”, you can set policy for the punish group. For example, set “bandwidth shaper” for “punish group” to have only 20kb download rate limit.
To get it working, you need to use the “ntdsutil” tool to modify “MaxPageSize”. The below screenshot demonstrates the steps to set “MaxPageSize” to 5000. No reboot is required. The new setting is applied after “commit changes”.
A more detailed step can be found at: https://support.microsoft.com/en-us/kb/315071
After enlarge the “maxpagesize”, WFilter is able to sync AD users.
Nowadays, most business networks provide WiFi service. However, WiFi makes it more difficult for IT administrator, as described in below:
- Much more devices in network.
- Various operation system(IOS, Andriod, Windows).
- Most wifi clients have dynamic ip addresses.
- Can not distinguish pc and mobile phone.
- Can not identify mobile users.
WFilter can help you to override these issues, and get your WiFi network manageable.
1. Identity Client Operation System
In “realtime bandwidth”, “online users” of WFilter, you can get a clients list, with IP, MAC, OS…
2. Various Authentication Solutions
3. Blocking, filtering and recording
You can set internet access policy by IP addresses, MAC addresses and usernames. In a DHCP network, you can set policy based on MAC addresses, so changing of IP has no influence.
In the recording feature of WFilter, you also can track internet usage( web activities, email activies) of Wi-Fi clients. Even mobile phone brand and model can be detected.
WFilter extentions also help for WiFi network mangement. For example:
- Network clients scan extension: scan the list of network clients.
- Nat discover: discover clients who are sharing their internet.
In general, we recommend:
- a). Reasonable network topology, separate IP ranges of PC and WiFi.
- b). IP bindings to WiFi clients or enable user authentication. Unauthorized access shall be forbidden.
- c). Use “nat discover” extension to forbid internet sharing.
Facebook Wi-Fi lets customers check in to participating businesses on Facebook for free Wi-Fi access. When people check in to your Page, you can share offers and other announcements with them. Official Facebook Wi-Fi guide can be found at here.
A recent update of WFilter NG firewall added support of “Facebook Wi-Fi”. Together with “wechat WiFi”, WFilter provides a solution for social network marketing of your business.
This post demonstrates the steps to enable “Facebook Wi-Fi”.
1. Add a local user for facebook checkin.
2. Enable “Facebook Wi-Fi” in “Web Auth”->”Thirdparty Auth”.
3. Click “Register Facebook Page” to associate WFilter with your business facebook page.
4. Now client devices will be redirected to the login page.
On visits to http webpage, clients will be redirected.
5. Click “check in“ to continue web browsing.
A more detailed guide can be found at here: Webauth of WFilter NG Firewall.
An email client receives emails via POP/IMAP protocols, sends emails via SMTP protocol. In today, SSL encryption is widely used for email clients. There are two kinds of SSL encryption: “SSL Connection” and “STARTTLS”.
WFilter Enterprise is an internet content monitoring and filtering software program, which can monitor a whole network from one pc, without the need to install any client agent.
With WFilter, you can monitor employee emails usage of plain SMTP/POP/IMAP.
1. Click “Emails” number in “Online Users”.
2. You will see a list of sent/received emails.
Click the “Subject” link will be able to check the email content.
3. Query email history in “Query History Logs”.