All internet packets are required for WFilter to parse network activities. However, the ESET personal firewall blocks non-local computer network packets by default. Therefore, when the ESET personal firewall is enabled, WFilter can not monitor itself computer because other computer's network packets are all blocked by ESET.

To make WFilter work with ESET personal firewall, you need to adjust the firewall settings.

The following example demonstrates how to configure ESET Smart Security 5.0:

1. Click "Setup" -> "Network" in ESET.

2. The filtering mode shall be "interactive filtering mode".

3. Click "Configure rules and zones..." to set the rules.

In "Toggle detailed view of all rules" view, click "new" to creat a new rule.

The new rule is set to allow all TCP&UDP traffic. All other rules shall be disabled.

1. Direction: Both
2. Action: Allow
3. Protocol: TCP & UDP
4. Profile: For every

4. In "Advanced Personal firewall setup..."

Uncheck "Check TCP connection status" in "Packet inspection" section of "IDS and advanced options".

Now your WFilter shall be able to work.

More information of disable ESET firewall, please check: http://kb.eset.com/esetkb/index?page=content&id=SOLN2113

Terminal Services allows IT departments to install applications on a central server. For example, instead of deploying database or accounting software on all desktops, the applications can simply be installed on a server and remote users can log on and use them via the network. This centralization makes upgrading, troubleshooting, and software management much easier.

However, since all terminal clients share the server's network, it becomes difficult to monitor/filter individual users internet usage because most internet monitoring/filtering products only monitor/filter internet activities based on ip addresses or MAC addresses.

From WFilter en.3.3.148 version, with WFilter proxy's "user authentication" feature, you are able to monitor terminal client users and set differnet internet policy for each user.

Please check details of this solution at: How to monitor terminal server users?

Sometimes you might want to block google mail(gmail) access in your network. This tutorial will guide to block gmail with WFilter.

Google mail( gmail ) supports vary kinds of access, including:

1. Web access via HTTPs protocol.
2. SMTP over SSL for sending emails.
3. POP over SSL for receiving emails.
4. IMAP over SSL for receiving emails.

So for complete blocking of gmail, you need to enable blocking of certain email protocols, and also need to enable "HTTPS black list" to block gmail web access.

1. Block SMTP/POP/IMAP over SSL

Enable blocking of "SMTP over SSL", "POP over SSL" and "IMAP over SSL" in certain blocking policy. These settings will block gmail access from email client programs.

2. Block gmail web access.

Enable "HTTPS black/white list", and choose "New" to new a list.

Add "mail.google.com" into the new HTTPs black list.

New gmail web access is also blocked.

Please notice: if gmail web page is already open before enabing of HTTPs black list, the current https session can not be blocked until restarting of your browser.

More information, please check "WFilter Enterprise".

Other related links:

How to block UDP ports in RRAS windows server 2003?
How to block internet downloading?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?
How to block websites and restrict internet access?
How to block HTTPS websites on my network?

For pass-by monitoring and filtering, you need to setup a mirroring port in your switch. When port mirroring feature is enabled, the switch will replicate data from other ports onto a single port for monitoring purpose. Since the original packets will not be hold or delayed, port mirroring does not affect your network speed theoretically.

However, inproper port mirroring settings will cause heavy load in your switch and even cause packet loss.

So please consider the following points when configuring a mirroring port:

1. Do not mirror multiple ports to one port until necessary.
2. If it is required to mirror multiple ports, please make sure the total mirrored ports throughput will not exceeds the mirroring port throughput limit.
3. For WFilter, mirroring the internet port is enough. Usually, only the router/firewall port needs to be mirrored.
4. If your switch does not allow outgoing traffic on the mirroring port, or you're using WFilter to filter internet access for more than 50 computers, it is recommended to use two network adapters: one is for monitoring only, another one is for filtering.

How to check whether port mirroring settings are correct?
How to check whether a switch supports port mirroring?
Why a port mirroring switch is required to monitor my network?

The internet has been turned to an invaluable tool in business. However, the availability of internet currently has given an important risk factor to the employer liability and at the same time consumes the employers 90% of hours in productivity.

Therefore internet access shall be filtered and restricted to keep the working productivity of your employees.

There have several ways to filter internet access:

1. Setup an network internet filtering program. With a filtering program, you will be able to filter internet access of all computers in your network from ONE computer only. There have a lot such products in the market. For example, WFilter Enterprise, or Websense Enterprise are very helpful for you to filter internet access of network computers.

Passby internet filtering products usually require you to setup a mirroring port in a manageable switch. Setting up a mirroring port does no change to your network toplogly and it will not influence your network performance.

2. Setup ACL policy in your Router/Firewall/UTM. Firewall devices can enable you to block websites/ports/ip addresses. So you also can setup ACL rules in your firewall to block certain traffic. For more information about UTM solution, please visit http://www.astaro.com

3. Filter websites from the dns server. You may try "opendns" solution. Opendns solution is simple and easy to setup. However, with this solution, there can only have one policy for your entire network.

WFilter 4.0 version will be released soon after nearly two years development.

The new version made a lot improvement and optimization of current features. Also a series of new features are added, such as "WFilter Dashboard", "Central Management of WFilter servers", "WFilter Local Account", "Multi-adapter Monitoring", and several new alert types. Below is a brief introduction to these new features:

1. WFilter Dashboard

WFilter Dashboard allow you to check the monitoring status, log storage status, system warnings from a central dashboard.

2. WFilter Servers Management

This feature enables you to manage several WFilter servers from a central localtion.

3. Default IP Policy

The "Default IP Policy" feature enables you to set different policies to different ip ranges, when a new computer found it's default ip policy will be applied.

4. Search of Network Computers

You can use the "Search Computers" feature to search computers in your network. It's more convenient than the passive computer finding in the old version.

5. More Alert Types

More alert types are added: disk space alert, new computer alert, ip address changing alert...

6. More Powerful Account Monitoring

WFilter's "account monitoring" feature can integrate WFilter with your active directory. So you can deploy monitoring based on user accounts. The new version added "WFilter local accounts" feature. When you don't have an available active directory, you also can use "WFilter local account" feature to monitor/filter by user accounts.

6.1 Integrate Active Directory

6.2 WFilter local account

7. Multi-adapters Monitoring

WFilter 4.0 can support monitoring on multiple adapters to support complicated networkings.