Tag Archives: url list

CyBlock/Cyfin Release 9.2.2 Now Available

We are pleased to announce the release of several enhancements in the new version of CyBlock and Cyfin. The first major enhancement is the new Wavecrest URL List 9 that adds specific cloud service categories, such as Collaboration and Cloud Storage, as well as renames and remaps categories, giving you more visibility into the Web sites and cloud services your employees are using. To report on cloud service activity, we have added the Cloud Services Detail and Cloud Services Summary reports.

Another enhancement is for CyBlock Appliance. The Real-Time Protocol Monitor has been updated to function just like the Real-Time Web Monitor. With icons now available on the monitor, you can easily control the live protocol traffic you want to see.

For CyBlock Cloud, logon accounts have been enhanced for individual customers as well as Managed Service Providers (MSPs). MSP-linked customers can now be given full access to the product interface and be licensed for additional logons. MSPs can create logon accounts for their own company as well as for their customers and also view the last interface logon for their customers. The enhancements are highlighted below.

  • Wavecrest URL List 9. The following features have been added:
    • The new URL List 9 includes new categories, category changes, default abuse threshold changes (not applicable to CyBlock Cloud), cloud service categories, and updated category descriptions. See Category Update for more information.
    • (not applicable to CyBlock Cloud) For existing customers on a previous list version, the following changes apply after upgrading the product:
      • On the Home page, the Wavecrest URL List Update section indicates that the new list is available and that you read the Category Update document before upgrading the list. A link is provided to go to the URL List Version page.
      • URL List Version Page:
        • The List 9 option has been added to the page.
        • After you upgrade to List 9, the service is restarted, and you are required to download the list. You are then returned to the URL List Version page which indicates that the current URL List version is 9.
        • A List Conversion Summary Report shows the policies and URL customizations that were affected by the change to List 9. It will also be sent via e-mail to the administrator.
    • Individual CyBlock Cloud customers and MSP Partners will be sent the List Conversion Summary Report via e-mail. MSP Partners will receive one e-mail per customer account.
    • For CyBlock Hybrid customers, ensure that your local CyBlock installation is on List 9 in order to sync with your cloud account.
  • Cloud Services Reports. The following features have been added:
    • Report Selection. On the Report Selection page, a Cloud Services Reports section has been added. Cloud Services Detail and Cloud Services Summary are listed in this section and generate reports on only cloud service categories.
    • Cloud Services Summary. This is a high-level report that shows employee Web use of cloud services. Web activity includes visits to sites in the following cloud service categories: Audio Streaming, Cloud Infrastructure, Cloud Storage, Collaboration, CRM, Development, File Sharing, HR, Personal E-Mail, Video Streaming, and VoIP Services. The report can be used to identify cloud service usage patterns, better manage cloud subscriptions, and highlight abnormal activity.
    • Cloud Services Detail. This is a low-level report that shows the specific URLs of cloud services by user, that is, visits to only the cloud service categories. It provides management with a complete view of every cloud service URL the user has clicked. This information can be used for cloud usage audits, identifying the most active users and the most heavily visited sites.

CyBlock Appliance

  • Real-Time Protocol Monitor. The following features have been added:
    • The Real-Time Protocol Monitor page has been updated to function like and have a similar user interface to the Real-Time Web Monitor.
      • The selections for the Controls field have been moved to the Real-Time Protocol Monitor and replaced by icons.
    • On the Real-Time Protocol Monitor, the controls and settings are available in a toolbar and can be changed while the monitor is gathering data in real time.

CyBlock Cloud

  • Additional Admin Accounts. The following features have been added:
    • On the User Management – Logon Accounts – Add screen, the Additional Logons field displays the number of additional logon accounts that have been created in the interface out of the number of licensed additional logons.
    • On the User Management – Logon Accounts – Delete screen, the Logon Accounts label has been added to the selection box.
    • If you are an MSP Partner adding or deleting a logon account, the Customer menu in the upper-right corner is removed, and the Customer field is displayed allowing you to select a customer or your own company.
  • MSP Partner Portal. The following features have been added:
    • Interface Access for MSP-Linked Customers:
      • MSP-linked customers can now have full access to the product interface.
      • MSP-linked customers will be licensed for 5 logon accounts and can add and delete logon accounts from these licensed logons.
      • Once a logon account has been created for an MSP-linked customer, they will receive an e-mail notification to complete their registration by logging on to the interface.
      • After logging on with the temporary password, they will be required to change their password on the Change Your Password screen.
    • Home Page:
      • When you click a customer name in your customer list, an Interface Details section is now displayed on the General tab.
      • The Last Interface Logon field shows the last date/time on which your customer logged on to the interface.
      • The Additional Logons field displays the number of additional logon accounts that your customer has created in the interface out of their number of licensed additional logons.

There are also a number of corrections in this release. To see the full release notes for your product, visit our Web site or knowledge base. You can upgrade to the latest release by going to the Help – Check for Updates screen in your product.

For additional assistance, please feel free to contact us.

Enhanced Malware Protection

Wavecrest Computing is pleased to announce an enhancement that delivers a tenfold increase in CyBlock’s ability to protect computer networks from malware and Cyfin’s ability to identify increasing security threats. Here is some background information.

Malware is the scourge of the Internet. The term “malware” includes computer viruses, worms, Trojan horses, spyware, adware, and other malicious programs that can disrupt computer operations, gather sensitive information, or gain access to private computer systems. For Wavecrest’s purposes, malware also includes Web sites that support hacking. Most malware originates and is spread from particular Web sites. Unfortunately, many thousands of such sites exist today, and to make matters worse, the number is growing steadily every day at distressingly fast rates.

The malware problem is not new to Wavecrest. For a number of years, companies have been using CyBlock and Cyfin products to protect against and identify automated invasions of malicious scripts and software, and unauthorized access to their internal networks–the two major problems caused by malware. CyBlock provided protection–under customer control–by blocking and reporting on employees’ attempts to visit sites in 3 of more than 70 URL List categories: Hacking, Phishing/Fraud, and Spyware/Malicious.

While this methodology was effective, it was not perfect. The difficulty lay in keeping the URL List up to date in the face of the relentless and rapid increase in the number of malware-spreading sites. This issue has been addressed with an enhancement that significantly improves the ability to keep the list current.

At the same time, three related categories, Hacking, Phishing/Fraud, and Spyware/Malicious, have been consolidated into one called Malware. This consolidation increases the ease of administration for customers.

This enhancement with its improved URL List is included in the latest release of CyBlock v.6.8.0 and Cyfin v.8.8.0. To realize its benefits as soon as possible, it is recommended that you upgrade your CyBlock or Cyfin product as soon as you can. Wavecrest will continue to update the enhanced list daily and make it available for download by customers. The download process remains unchanged.

You can schedule the list to be downloaded automatically every day, or you can download it manually at any time. In any case, as soon as it is downloaded, you will immediately begin to receive the added protection and see a significant reduction in the number of security threats to which you may be exposed.

To download the latest release, go to the Administration – Product Update screen in your CyBlock or Cyfin product. For additional assistance, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.

Are the URLs in Your Categories Set Correctly?

If you are upgrading your CyBlock or Cyfin product, you will be using the Wavecrest URL List 7. List 7 supports wildcard entries in domain, path, and parameter matching in URLs. In List 6, wildcard entries were possible, but limited, and thus, the URL matching was slightly different. Therefore, we recommend that you recheck and reset the URLs that were added to your standard and custom categories.

To do this, go to the Advanced Settings – Category Setup – Edit URLs screen and select the category you want to change. In the Supplemental URLs or Custom URLs box, modify your URLs according to the List 7 rules. List 7 allows you to use the following wildcard rules to add multiple URLs simultaneously.

  1. Wildcards With Domain Matching.This URL matching method categorizes Web sites whose pages all contain the same type (category) of content, e.g., Shopping, News, and Sports. In these relatively simple cases, one category applies to the entire site. Under this method, if the Web log entries are in any of the following formats, and the URL List contains a matching URL, the product will categorize the visit on the basis of the domain name.
    • www.mydomain.com
    • *.mydomain.com
    • www.mydomain.*
    • *.mydomain.*


    Note:      For this method to work, and as reflected in the examples, the entry in the URL List must contain a complete domain name element. That is, the domain name between the periods (dots) must be complete and must not be augmented with an asterisk or any other character. For example, the list must not contain mydomain*.com or *mydomain.com.

  2. Wildcards With Domain and Path Matching.This URL matching method categorizes Web site visit-attempts at the path level. This method enables individual pages to be categorized. If the URLs visited (as documented in the Web logs) are in any of the following formats and there is a corresponding entry in the URL List, the product will categorize the visit on the basis of the domain name and path.
    • www.mydomain.com/path/*
    • www.mydomain.com/*/path/*
    • *.mydomain.com/*/path/*
    • *.mydomain.com/path/

    Notes: For this method to work, the entry in the URL List must contain a complete path element. That is, the path element between the forward slashes must be complete and must not be augmented with an asterisk or any other character. For example, the list must not contain /path*/. As indicated at the end of the fourth example above, the asterisk is not always required, i.e., an exact path can be entered. However, as indicated in all four examples, forward slashes are always required.

  3. Wildcards With Parameter Matching.This method adds parameter matching to the two methods defined above (domain alone and domain-plus-path). It focuses more on syntax found in URL parameters than on content of the site being evaluated by the product. The parameter method works as follows. If the Web log entries are in any of the formats listed below, the product will categorize the visit on the basis of (a) the domain name plus the parameter, or (b) domain name plus path and parameter. Note that the first three bullets are examples of the former (no path included).
    • www.mydomain.com/*?keyword=value
    • www.mydomain.com/?keyword=value
    • www.mydomain.com/?id=*
    • www.mydomain.com/?id=*&sr=* (example of multiple pairs)
    • *mydomain.com/*/path/*?id=*

    Notes:  Parameter matching always requires the use of “?”. If a question mark is placed at the end of the domain or the path, the URL List will perform this matching method.The “/” is also required for this method. However the “&” is optional and is only needed when more than one “keyword=value” pairing is involved (as indicated above). Note that the “&” is added between pairs, and the pairs do not have to be in any particular order.

For additional assistance, please contact Technical Support at (321) 953-5351, ext. 4 or support@wavecrest.net.

Managing Categorization in CyBlock and Cyfin

Leave a reply

CyBlock and Cyfin offers the advanced functionality for you to manage and customize the categorization of sites. By using these categorization features, you can maximize the overall usefulness of your CyBlock or Cyfin product. Follow these 5 tips to get the most out of categorization.

1. Keep your categorization list current via daily updates.
Wavecrest site analysts work continuously to update and expand the categorization list. In fact, the Wavecrest URL list is 100% human reviewed. These updates are available for download daily. It’s a simple process that can be done manually or on an automatic/scheduled basis. You can download the URL list or schedule the download to occur daily on the Administration – URL List screen.

2. Establish custom categories.
Augment Wavecrest’s standard 74 categories with custom categories. You can add up to 25 custom categories. You can activate and use as many or as few of these as you want, and you can easily give them specific names of your own choosing. Names are limited to 50 characters. These settings are found on the Advanced Settings — Category Setup — Name Custom screen. Once a custom category has been established, you can augment the Wavecrest URL List with URLs of your own choosing and place them in the custom category for subsequent monitoring or filtering. Custom categories also provide white list (allow-only) capability for CyBlock users.

3. Add URLs.
You can add URLs to both the Wavecrest standard and custom categories. The applicable settings are found on the Advanced Settings — Category Setup — Edit URLs screen. You can also delete URLs here.

4. Change a URL’s category.
If you wish, you can change the category to which Wavecrest has assigned a particular URL. You can do this by simply adding the URL to the category of your choice. Your categorization will take permanent precedence over the Wavecrest URL list.

5. Participate in our OtherWise program.
To opt in our OtherWise program, you simply need to periodically run a Top Non-categorized Sites report and email a copy to sites@wavecrest.net. Our list technicians will research, identify and categorize the most popular unidentified sites, many of which will be of local or special interest to your organization. Then, after you download the next daily control list update, subsequent visits to those sites by your users will no longer be listed as “Other.” They’ll be properly identified and categorized. NOTE: We hold all customer information sent to us in strict confidence.

Wavecrest’s RealTimePlus Filtering

Leave a reply

RealTimePlus is our customer-configurable three-layer filtering process. It uses three layers of screening based on: (1) custom categories, (2) the Wavecrest categorization (control) list and (3) a real-time deep packet analysis process.

1. Custom Categories (the “First Layer”). ‘Custom categories’ supplement the standard categories. This enables you to better identify and control your users’ Web activity.   For example, you can create a custom category to:

  • Serve as a “white list” that contains all sites to which visits are allowed (while blocking all others).
  • Track and possibly block access to ‘standard’ sites that are not in the Wavecrest URL List but are of special local interest or concern.
  • Serve as a “black list” that contains all sites to be blocked (while allowing access to all others).
  • Track (but not block) visits to internal servers (intranet sites) and/or partner sites.

You can add custom categories at the Advanced Settings – Category Setup – Custom Categories screen. Then use the Advanced Settings – Category Setup – Edit URLs screen to add sites into your custom categories.

2. The Wavecrest URL List (the “Second Layer”). To accurately identify and categorize the vast majority of visits, Wavecrest products use a large, mature categorization control list.  This ‘control’ list consists of 69 ‘standard’ content-identification categories that is updated daily with URLs from around the world.  We recommend that you download the list daily to get the best filtering and monitoring coverage.   You can setup an automatic daily download of the list at the Administration – URL List – Schedule screen.

Another great customization feature with the control list is that you can add and move URLs in the standard categories.  For example, if you use Twitter as a Marketing tool but want to continue to block all other social networking sites, you can simply add www.twitter.com to the Marketing category.  You can make this change at the Advanced Settings – Category Setup – Edit URLs screen.

Finally, set your block/allow policies for your custom categories and standard categories at the Advanced Settings – Filtering Settings – Block Web Categories screen.

3. Deep Packet Analysis (the “Third Layer”). Using real-time ‘deep packet analysis,’ CyBlock can determine if the content of a URL is Flash, video streaming, audio streaming, images, Active X and more.  Any or all of these could be considered “inappropriate” and can be blocked.  You can also add your own extensions to be blocked.  You can block these types of content or add your own at the Advanced Settings – Filter Settings – Block Web Content screen.

Other Features

1. Hourly Blocking. You can block or allow categories at specific hours during the day.  For example, you may want to allow access to some categories during the lunch hour. You can set these hourly policies by clicking on the clock icon at the Block Web Categories screen.

2. Customizable Blocking Message. CyBlock comes with a standard blocking message, but you can configure the product to point to your own Web policy or personalized blocking message.  You can set this custom message at the Advanced Settings – Filter Settings – Web Blocking Message screen.