Vanguard Computer Technology Labs
Consulting FilterWall PowerPC Contacts
FilterWall
Features
 Specs
 FAQ
 History
 

FilterWall Frequently Asked Questions

Current FilterWall Owners

  1. Q:How do I know if my FilterWall has the DMZ option?
  2. Q:How can I be sure that web pages are not stale if I have caching enabled?
  3. Q:How can I block https?
  4. Q:How can I block AIM (AOL Instant Messenger)?
  5. Q:How can I block external web proxies (anonymizers)?
  6. Q:How many web requests/hour should I expect to see?
  7. Q:What does "zero state error" mean, and how can I fix it?
  8. Q:What does "connection reset by peer" mean?
Prospective FilterWall Owners
  1. Q:What additional hardware or software do I need to incorporate FilterWall into my network?
  2. Q:How do I know if I need the DMZ option?
  3. Q:How efficient is the web caching?
  4. Q:What is the typical network latency added by the FilterWall?
Current FilterWall Owners
  1. Q:How do I know if my FilterWall has the DMZ option?
    A:Look at the back of the machine. If you only see 2 ethernet ports, then you do not have a DMZ enabled FilterWall -- contact us if you wish to upgrade.
  2. Q:How can I be sure that web pages are not stale if I have caching enabled?
    A:Web pages are usually current, but if you want to be absolutely sure use the "force reload" feature of your browser. Make sure your FilterWall clock is set correctly to provide maximum cache efficiency.
    Further explanation:
    1. the web caching algorithm follows the content expiration date provided by many web servers
    2. if no content expiration is provided, the web server is queried for the modification date and compared to the date of the cached copy
    3. browser force-reload requests are always honored
      NOTE: FilterWall Version 2.1 includes a workaround for a bug in IE browsers < 5.2 that broke force-reload option
  3. Q:How can I block https?
    A:From the main web administration page, go to "Service Policies->Outgoing". Add a new entry with port 443. To block https from only a specific server, enter the server's address as the ip and "255.255.255.255" as the netmask. To block all https traffic, enter "0.0.0.0" for both ip and netmask.
  4. Q:How can I block AIM (AOL Instant Messenger)?
    A:Just block all access to login.oscar.aol.com; right now login.oscar.aol.com corresponds to the ip addresses 64.12.161.185 and 64.12.161.153. Note these addresses might change in the future. From the main web administration page, go to "Service Policies->Outgoing". Add a new entry for each ip above, with netmask "255.255.255.255" and the port "0".
  5. Q:How can I block external web proxies (anonymizers)?
    A:It is difficult to provide complete coverage for these proxies, but the following steps greatly limit this problem
    1. block port 8080
    2. block https (port 443) and http (use web filter) access to all known anonymizer proxy servers
  6. Q:How many web requests/hour should I expect to see?
    A:The limiting factor in most installations will be the connection to the Internet. A T1 line can handle approximatesly 30,000 web requests/hour.
  7. Q:What does "zero state error" mean, and how can I fix it?
    A:This indicates that the web page is non-cacheable, and the server portion of the url must be added to the list of uncached sites.
    Example: if the url http://www.vctlabs.com/a_page.html gave this error, then add "www.vctlabs.com" under "Service Policies->Caching"
  8. Q:What does "connection reset by peer" mean?
    A:There are two possible reasons for this error:
    1. the remote web server is having problems, and is dropping connections
    2. your internet connection is congested, and the resulting delays are causing errors in connections
Prospective FilterWall Owners
  1. Q:What additional hardware or software do I need to incorporate FilterWall into my network?
    A:None! If your network is already hooked up to the Internet, the FilterWall package provides everything needed to install it.
  2. Q:How do I know if I need the DMZ option?
    A:If you have servers that must be accessed from the Internet (such as mail or web servers), then a DMZ is recommended.
  3. Q:How efficient is the web caching?
    A:Cache efficiency is sensitive to network usage patterns, but typically the efficiency ranges from 40-50% cache hits/web request.
  4. Q:What is the typical network latency added by the FilterWall?
    A:less than 1ms latency
© Vanguard Computer Technology Labs, inc., all rights reserved