Category Archives: Deployment

Deployment of WFilter NG Firewall

Difference between WSG appliance models

The WSG (WFilter Security Gateway) appliance comes in two series of models: professional and enterprise. For example, WSG-100P means WSG professional for 100 users, while WSG-100E means WSG enterprise for 100 users.
WSG enterprise has the full feature set of WFilter NG firewall. Compared to WFilter enterprise, WSG professional lacks some enterprise-level features: “Internet Usage”, “AD Integration”, “ISP”, and “Hot Standby”.

Hardware difference

Since WSG professional does not record internet usage, which requires a lot of disk space, the WSG professional appliance has only a small hard disk (8GB), used for reports only. It also has less RAM.

WSG professional and WSG enterprise have the same box appearance.

Software difference

WSG professional has no “Internet Usage”, “AD Integration”, “ISP Management”, and “Hot Standby”. Other features are all the same. Please check the screenshots.

[Screenshots: usage, ad_integration, Isp user01.png]

So if you don’t need usage recording and other enterprise-level features, you can choose WSG professional, which is much more cost-effective.

WFilter NGF vs. open source firewall systems.

There are dozens of open source firewall systems available for download. Some are completely free, and some provide limited free features. “Free” sounds attractive, but these systems have disadvantages. In this post, I would like to compare WFilter NGF with open source firewall systems.

Disadvantages of open source firewalls

  1. Limited features. Most open source firewalls do not have enterprise-level features such as “usage recording/reports” and “domain integration”.
  2. Lack of support. Most systems only have forum support, unless paid.
  3. Slow response. Bugs may need months to be fixed.

Comparison

WFilter NGF is designed for business networks, with a lot of enterprise-level features. If you want a free solution, open source firewalls can help. However, if you need more features and better support, you are better off choosing a commercial product. Below is a list of WFilter NGF’s advantages compared to open source firewalls:

  1. Designed for business networks.
  2. Enterprise-level features: usage recording, powerful report system, AD integration…
  3. 7 * 24 dedicated support via email/phone/skype/teamviewer.
  4. Faster response. Improvements are made and bugs are fixed ASAP.

WFilter NGF vs. internet filtering appliances.

Internet filtering appliances (UTM) are very popular in business networks. In this article, I will discuss the differences between WFilter NGF and internet filtering appliances.

Compared to WFilter NGF, appliances are easier to deploy. You don’t need to install the system yourself.

Advantages of appliances

  1. Easier to deploy.
  2. No hardware compatibility issues.

Disadvantages of appliances

  1. Most appliances can only work for 2-3 years.
  2. Poor expandability. If you add more network clients, you need to buy new appliances.
  3. Very expensive. Even upgrades are not free.

Comparison

Despite the above disadvantages, internet filtering appliances are ideal for business network security. With WFilter NGF, you need to test the hardware and install the system yourself. However, it also has the advantages below:

  1. You can build your own appliance.
  2. The license is upgradable and movable.
  3. Free upgrades for life.
  4. Most cost-effective.

So if you like WFilter NGF features, or prefer a more cost-effective solution, please choose “WFilter NG firewall”.

WFilter ICF vs. proxy-based internet filtering solutions

A proxy-based internet filtering solution requires you to set up a proxy server, either transparent or non-transparent, and then define policies to filter web access. There are a lot of open source or free products. This solution has the advantages and disadvantages below.

Advantages:

  1. Free or open source.
  2. Can filter websites.

Disadvantages:

  1. Most are Linux-based. You need a Linux PC to set up the proxy.
  2. No support.
  3. Fewer features. Only domain filtering.
  4. Adds network latency.

Comparison

Proxy-based internet filtering solution is similar to the “website black list” in your router/firewall. If you only need to block some sites, it’s an option.

With WFilter ICF, you will get:

  1. Enterprise-level internet monitoring and filtering features.
  2. Dedicated support.
  3. No impact on network performance.
  4. Easier to deploy.

WFilter ICF vs. internet filtering appliances

With rich enterprise-level features, internet filtering appliances (UTM) are very popular in business networks. In this article, I will discuss the differences between the WFilter ICF internet content filtering solution and internet filtering appliance solutions. Internet filtering appliances have the advantages and disadvantages below.

Advantages:

  1. More features. UTM appliances integrate more features, including web filter, VPN, firewall, anti-virus…
  2. Easier to deploy.

Disadvantages:

  1. Most appliances can only work for 2-3 years.
  2. Poor expandability. If you add more network clients, you need to buy new appliances.
  3. Very expensive. Even upgrades are not free.

Comparison

Despite the above disadvantages, internet filtering appliances are ideal for business network security. Though it is more difficult to deploy and has fewer features, WFilter ICF software also has the advantages below:

  1. It is a software solution that needs no additional device and can be deployed with minimal change to the network topology.
  2. The license is upgradable and movable.
  3. Free upgrades for life.
  4. Most cost-effective.
  5. If you prefer UTM solutions, please also check our WFilter NG firewall.

WFilter ICF vs. dns internet filtering solutions

A DNS internet filtering solution provides you with a configurable DNS server. A DNS query for a blocked domain is redirected to a denial page. This solution has the advantages and disadvantages below.

Advantages:

  1. Easier to deploy. You only need to change your DNS server to get filtered.
  2. Can filter domains via a blacklist or URL category.
  3. Can provide usage history and reports.

Disadvantages:

  1. The filtering DNS server may not be as fast as public DNS servers.
  2. Clients can break filtering by changing their DNS servers.
  3. All clients share the same blocking policy.
  4. Cannot block applications.
  5. Can only record DNS query requests. No bandwidth reports or visited URL reports.
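The second disadvantage can be checked from the gateway's flow records. The following is an added example, not WFilter code: it lists clients that send DNS traffic to any resolver other than the approved filtering server. The resolver address, record format and sample flows are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption: 10.0.0.53 is the filtering DNS server clients are meant to use.
APPROVED_RESOLVERS = {ipaddress.ip_address("10.0.0.53")}
# Port-based only: DNS over HTTPS on 443 cannot be told apart this way.
DNS_PORTS = {53: "dns", 853: "dns-over-tls"}

# Constructed flow records in the form "src_ip dst_ip proto dst_port".
SAMPLE_FLOWS = """\
10.0.1.20 10.0.0.53 udp 53
10.0.1.21 192.0.2.8 udp 53
10.0.1.21 192.0.2.8 tcp 53
10.0.1.22 198.51.100.1 tcp 853
10.0.1.20 203.0.113.9 tcp 443
truncated record
"""


def find_dns_bypass(flow_text, approved=APPROVED_RESOLVERS):
    """Return {client_ip: [(resolver_ip, service), ...]} for DNS traffic
    sent to resolvers outside the approved set."""
    hits = defaultdict(set)
    for raw in flow_text.splitlines():
        parts = raw.split()
        if len(parts) != 4:
            continue  # malformed or truncated record
        src, dst, proto, port = parts
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            service = DNS_PORTS.get(int(port))
        except ValueError:
            continue  # unparsable address or port
        if service is None or proto not in ("udp", "tcp"):
            continue  # not DNS by port
        if dst_ip not in approved:
            hits[str(src_ip)].add((str(dst_ip), service))
    return {client: sorted(found) for client, found in hits.items()}


if __name__ == "__main__":
    for client, resolvers in find_dns_bypass(SAMPLE_FLOWS).items():
        print(client, resolvers)
```

The same allow-list works as an egress rule on the gateway: permit ports 53 and 853 only toward the approved resolver.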

Comparison

Compared to this kind of internet filtering solution, WFilter ICF is more difficult to deploy. However, WFilter is much more powerful:

  1. When deployed in pass-by mode, WFilter has no impact on your network performance.
  2. Clients cannot bypass filtering because WFilter inspects all network packets.
  3. You can set an individual blocking policy for each client.
  4. More filtering features, including web filtering, web downloading blacklist, URL keyword filtering, application control, IP-MAC binding…
  5. More monitoring features and reports. WFilter can record visited domains, URLs, bandwidth… You can get various reports and statistics.

So if you only need to filter some domains or categories for the whole network, DNS filtering would be a good choice. If you need more detailed reports or a more specific blocking policy, WFilter ICF can be more helpful.

WFilter ICF vs. client & browser plugin internet filtering solutions

Client or browser plugin internet filtering solutions require you to install a client agent or browser plugin on each client PC to filter websites. This solution has the advantages and disadvantages below.

Advantages:

  1. Easier to deploy. You can install the client agent or plugin instantly.
  2. Can block domains or filter websites via a cloud-based URL category database.

Disadvantages:

  1. Cannot filter internet access from smartphones.
  2. Needs to be installed on every client PC.
  3. Clients can break filtering by changing browsers or killing the agent process.

Comparison

Compared to this kind of internet filtering solution, WFilter ICF is more difficult to deploy. However, WFilter is more powerful and easier to maintain:

  1. WFilter can filter the whole network with one installation.
  2. All types of clients can be filtered, including smartphones, Android, Mac, Windows, and Linux.
  3. No client installation is required.
  4. More features: internet usage monitoring and reporting, application control, web filter…

So, for personal/family usage, a client & browser plugin web filtering solution might be a good choice. But when you need to manage a business network, WFilter ICF provides a better solution.

WFilter pass-by deployment for multi-VLAN networks.

WFilter Enterprise (WFilter internet content filter) supports monitoring and filtering clients in multiple VLANs from a central WFilter PC.

Below is the deployment diagram:

[Diagram: wfilter-vlan]

Please note:

  1. The WFilter PC shall have two network cards.
  2. NIC1 shall be connected to the mirroring port.
  3. NIC2 shall be connected to the management VLAN, which can communicate with the other VLANs.
  4. The mirroring port shall be configured to monitor the uplink port (the port connected to the upper-layer router or firewall).

In WFilter, you also need to set the “mirroring adapter” and “blocking adapter” in “System Settings” -> “Monitoring Settings”. The mirroring adapter shall be the adapter connected to the mirroring port, while the blocking adapter shall be the adapter connected to the management VLAN.

WFilter added “Email Notification” in the ISP module.

The ISP module of “WFilter NG firewall” is designed for ISPs to manage users and bandwidth plans.

Besides the “user web portal”, a recent update of “WFilter NG Firewall” added an “Email Notification” feature, so users can get email notifications of their bandwidth usage.

[Screenshot: isp_emai_notification]

As shown in the above diagram, you can set a different email alert frequency for “valid users” and “cap exceeded users”, with different email contents.

This feature will be helpful for ISPs who prefer to use email alerts rather than the web portal.

WFilter email monitoring solutions for business networks.

Many users have asked about the email monitoring and recording features of WFilter. Both “WFilter Enterprise” and “WFilter NG firewall” are able to record SMTP, POP3, IMAP and web-based emails on the network. However, this feature has some limitations.

This post will discuss WFilter’s email monitoring features and solutions.

1. Monitoring of email clients

An email client receives emails via the POP/IMAP protocols and sends emails via the SMTP protocol. Today, SSL encryption is widely used by email clients. There are two kinds of SSL encryption: “SSL Connection” and “STARTTLS”. With WFilter, you can:

  • Monitor emails sent over plain SMTP/POP/IMAP.
  • Record email attachments as well.

For SMTP/POP/IMAP over SSL, you have two solutions:

Solution 1: block SSL email connections to force email clients to use plain email protocols.

[Screenshot: block_ssl_mail_en]

When blocking is applied, email clients need to be re-configured to disable SSL encryption.

[Screenshot: block_ssl_mail_en2]

Solution 2: Enable “SSL Email Inspection” with “WFilter NG Firewall”.

This feature can intercept SSL connections and record SSL emails. However, “STARTTLS” sessions still cannot be recorded, even when “SSL Email Inspection” is enabled. Please check: SSL Email Inspection
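The two kinds of encryption named above differ in when TLS starts, which decides how much of a session a passive recorder can read. The following is an added example, not WFilter code: it takes a mail dialogue and returns the cleartext portion visible on the wire for implicit TLS ports, for an in-band STARTTLS/STLS upgrade, and for a plain session. The function name, sample sessions and hostnames are constructed for illustration.

```python
import re

# Client command that asks for an in-band TLS upgrade on a plaintext mail port,
# paired with the server reply that accepts it (SMTP/IMAP STARTTLS, POP3 STLS).
UPGRADE = {
    "smtp": (re.compile(r"^STARTTLS\s*$", re.I), re.compile(r"^220[ -]")),
    "imap": (re.compile(r"^\S+\s+STARTTLS\s*$", re.I), re.compile(r"^\S+\s+OK\b", re.I)),
    "pop3": (re.compile(r"^STLS\s*$", re.I), re.compile(r"^\+OK\b", re.I)),
}
IMPLICIT_TLS_PORTS = {465, 993, 995}  # "SSL Connection": TLS from the first byte


def passive_view(proto, port, dialogue):
    """Return (mode, readable) for one mail session.

    dialogue: the exchange as the endpoints see it, a list of ("C" | "S", line).
    readable: the leading part a passive monitor can read in cleartext.
    """
    if port in IMPLICIT_TLS_PORTS:
        return "implicit-tls", []
    ask, accept = UPGRADE[proto]
    readable, pending = [], False
    for who, line in dialogue:
        readable.append((who, line))
        if who == "C" and ask.match(line):
            pending = True
        elif who == "S" and pending:
            if proto == "imap" and line.startswith("*"):
                continue  # untagged IMAP response, the tagged reply is still due
            if accept.match(line):
                return "starttls", readable  # everything after this is TLS records
            pending = False  # upgrade refused, session stays in cleartext
    return "plaintext", readable


# Constructed sample sessions (hostnames and addresses are made up).
SMTP_STARTTLS = [
    ("S", "220 mail.example.test ESMTP"),
    ("C", "EHLO pc17.example.test"),
    ("S", "250-mail.example.test"),
    ("S", "250 STARTTLS"),
    ("C", "STARTTLS"),
    ("S", "220 Ready to start TLS"),
    ("C", "EHLO pc17.example.test"),
    ("C", "MAIL FROM:<alice@example.test>"),
]
SMTP_PLAIN = SMTP_STARTTLS[:4] + SMTP_STARTTLS[7:]  # client never upgrades
```

In the STARTTLS session the recorder sees the greeting and capability lines but none of the envelope or message, since those follow the upgrade on the same port.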

2. Monitoring of Web Emails

Web email means receiving and sending emails within a web browser. Received web emails cannot be recorded, while outgoing HTTP web emails can be recorded by WFilter. Please note:

  1. Outgoing HTTP web emails can be recorded.
  2. HTTPS web emails cannot be recorded.
  3. Not all HTTP attachments can be recorded. It depends on the uploading protocol.
  4. For HTTP web emails that are not recorded, you may contact us for a web email format upgrade.