browse
Overview
As part of our commitment to providing the best possible Internet security and filtering, we're excited to introduce a new category of content filtering to Umbrella: the Internet Watch Foundation (IWF).
The IWF is a UK-based charitable organization whose mission is the elimination of child sexual abuse images online. The IWF maintains a list of blocked web pages to prevent internet users from accidentally stumbling across child sexual abuse content. They supply partners with an accurate and current URL list to enable blocking of child sexual abuse content. Now Umbrella is adopting their list as a category that can be blocked in Umbrella. For more information about the work the IWF is doing, read here.
Understanding how to enable the IWF Category
The IWF's list is comprised of both domains and URLs. This means that some entries on the list can simply be blocked using our standard DNS-based block list technology, whereas the URL-specific blocks requires that Umbrella's intelligent proxy is enabled. In order to block all the sites contained within the IWF content category, you are required to enable the intelligent proxy within your policies.
The intelligent proxy is explained in more detail here; but in essence, it enables the ability to filter certain URLs as determined by our cloud-based proxy. By selectively and intelligently proxying certain traffic, we're able to easily filter the URL list from the IWF without slowing down or bottlenecking the speed of your Internet.
Note: The intelligent proxy's and the IWF content category are only available to customers with the Insights or Platform packages. The IWF content category and the Intelligent Proxy are also available to MSPs providing the "Umbrella for MSPs" package to their customers, and for any current Guest Wi-Fi/Secure hotspot package users (Roaming/branch/WLAN ). If you don't see the Internet Watch Foundation (IWF) category listed in your Category Settings, please contact your account manager for this additional feature.
Setting up the Internet Watch Foundation as a content category to be blocked
The first step is to enable Umbrella's intelligent proxy in your policies. The intelligent proxy is the ability for Umbrella to intercept and proxy requests for malicious files embedded within certain so-called "grey" domains. For instructions on how to enable the intelligent proxy, see Enable the Intelligent Proxy.
The second step is to enable the content category in your policy by finding the "Internet Watch Foundation" category. To do this, navigate to Policies > Management> DNS Policies > Category Settings. In the list of Categories to Block, select Internet Watch Foundation and save.
Testing the IWF category and Viewing Reports
- We have set up a test domain to allow you to ensure that you have correctly configured your policies for the relevant identities that should have the URLs on the IWF list blocked. The test domain is http://proxy.opendnstest.com/iwf.htm and if your identities and policies are correctly configured, you should receive a block page as you would for any other content category block. The block page appearance will vary based on your configuration.
- If you do not see a block page, check to ensure that the identity you're testing with is correctly applied to the appropriate policy. If you see a page indicating you are not using the intelligent proxy, check your policies to ensure the intelligent proxy is enabled. If it is enabled but the IWF content category is not set to block, you will receive a page showing the text "IWF". In that case, please check to ensure the content category is enabled in your policies.
- Once you've tested it and you'd like to check out your reports, apply a filter against a search in the Activity Search report:
- Your results should show any attempts made against our test page in the results.
- If you are not seeing the appropriate block page when testing, or if the results of your tests are not appearing in your search, please a raise a support case by emailing at 'umbrella-support@cisco.com'.