Content Filtering and Blocking Page 111
• Known Fraudulent Certificates
Digital certificates help verify that Web content and files originated from an authorized party.
Enabling this feature protects users on the LAN from downloading malicious programs
warranted by these fraudulent certificates. If digital certificates are proven fraudulent, then the
SonicWALL blocks the Web content and the files that use these fraudulent certificates.
Known fraudulent certificates blocked by SonicWALL include two certificates issued on January
29 and 30, 2001 by VeriSign to an impostor masquerading as a Microsoft employee.
• Access to HTTP Proxy Servers
When a proxy server is located on the WAN, LAN users can circumvent content filtering by
pointing their computer to the proxy server. Check this box to prevent LAN users from accessing
proxy servers on the WAN.
• Don’t Block Java/ActiveX/Cookies to Trusted Domains
Select this option if you have trusted domains using Java, ActiveX, and Cookies. To add a trusted
domain, enter the domain name into the Add Trusted Domain field. Click Update to add the
domain to the list of trusted domains. To delete a domain, select it from the list, and then click
Delete.
Trusted Domains
Trusted Domains can be added in the Restrict Web Features section of the Configure tab. If you trust
content on specific domains, you can select Don’t block Java/ActiveX/Cookies to Trusted Domains
and then add the Trusted Domains to the SonicWALL. Java scripts, ActiveX, and cookies are not
blocked from Trusted Domains if the checkbox is selected.
Message to display when a site is blocked
When a user attempts to access a site blocked by the Websense Enterprise Content Filter List, only
Websense Enterprise messages are displayed in the browser. If the Websense Enterprise Content
Filter List server is unavailable, the default SonicWALL message is displayed.