Amer Networks E5Web GUI User Manual

Dynamic WCF Databases

cOS Core Dynamic WCF allows web page blocking to be automated so it is not necessary to
manually specify beforehand which URLs to block or to allow. Instead, Clavister maintains a
global infrastructure of databases containing huge numbers of current web site URL addresses
which are already classified and grouped into a variety of categories such as shopping, news,
sport, adult-oriented and so on.

The Dynamic WCF URL databases are updated almost hourly with new, categorized URLs while at
the same time older, invalid URLs are dropped. The scope of the URLs in the databases is global,
covering websites in many different languages and hosted on servers located in many different
countries.

Note: Dynamic WCF database access uses TCP port 9998

When cOS Core sends a query to the external WCF databases, it sends it as a TCP request
to the destination port 9998.

Therefore, any network equipment through which the request passes, including other
security gateways, must not block TCP traffic with destination port 9998.

If the equipment through which the message passes is another Clavister Security
Gateway, an IP rule with the action Allow should be created along with a custom service
that is then associated with the rule.

Dynamic WCF Processing Flow

When a user of a web browser requests access to a web site, cOS Core queries the Dynamic WCF
databases in order to retrieve the category of the requested site. Access to the URL can then be
allowed or denied based on the filtering policy that the administrator has put in place for that
category.

If access is denied, a web page will be presented to the user explaining that the requested site
has been blocked. To make the lookup process as fast as possible cOS Core maintains a local
cache in memory of recently accessed URLs. Caching can be highly efficient since a given user
community, such as a group of university students, often surfs to a limited range of websites.

Chapter 6: Security Mechanisms

448