Author Archives: admin

Tech Tip: How to Change Your Proxy Port

Leave a reply

If you want to change our default proxy port for security reasons or you have another application already listening on that port, just follow these instructions:

1) Go to your hidden screen, https://xx.xx.xx.xx:7999/admin/setup/proxy/adv.php
2) Change the ‘Proxy Server Port:’ option to any port number
3) Click Submit
4) Restart service

Default Port: 8080

We never stop improving and we love to receive feedback from you!

Our in-house support staff is available to assist you and can be reached at (321) 953-5351, ext. 4 or email at support@wavecrest.net.

What’s Hogging Your Company’s Bandwidth? Causes for Slow Network Speed this Holiday.

Leave a reply

If you haven’t noticed, online holiday shopping lasts well beyond Cyber Monday.  According to a ComScore report, after the 2010 holiday shopping season, more than 85% of Americans online visited a retail site in December of last year.  Employees shopping online at work are likely causing critical applications, like Voice over IP (VoIP) and video conferencing, to perform poorly if at all.  The last thing you and your company need is network latency or slowdowns due to non-work related online activity.  Many of our clients are seeing a spike in bandwidth usage from shopping websites and have quickly taken measures to filter browsing to that category.  Which sites consumed the most bandwidth for your company this month?  Determine what factors are impacting your network speed before you decide to purchase more bandwidth – an expense that could be avoided with the right tools and a bit of discipline.

With 19 different types of highly customizable employee Web-use reports, Cyfin Reporter offer insights as to which types of traffic consume the maximum volume throughout the workday.  Monitor, filter, and report over 500 million Web pages in 74 categories and set throttling thresholds for sites that are slowing your company’s Internet speed with CyBlock Proxy.  Now is the time to address your poor network performance, slow applications, and bandwidth congestion.

We’re so sure you’ll benefit from our solutions that we offer a free 30-day product trial. Both products provide quantified data to help IT personnel keep track of bandwidth utilization by users as well as by type of usage (appropriate versus not so appropriate). After you’ve downloaded our products, take advantage of the User Comparison Trend Chart to detect unexpected spikes that could indicate excessive bandwidth or Web use.  Then review your Top Sites Bandwidth Chart (example seen below) and find out which ten sites are consuming the most bandwidth or had the most hits or visits for the time period you specify.

Top Sites Bandwidth Chart

 

Top Sites Bandwidth Chart for both Cyfin and CyBlock

Online Holiday Shopping Can Cost Your Business More Than Time

Leave a reply

Online Shopping Risks

Cyber Monday is no more – in an uncertain economy, post-Thanksgiving online holiday shopping has increased since coined in 2005 and now lasts for one month with more than 50% of all online spending taking place during working hours1.  What does this mean for your business?  A large decrease in employee productivity, a boost in bandwidth consumption, and one of the most popular times for cybercriminals to attack your secure data.

Lost productivity can mean big bucks for your company, reducing employee output to a mere 60%2.  A survey by CareerBuilder states that more than half of the 4,000 respondents polled intend on shopping online while at work with one third of those planning for more than one hour each day, in addition to the two typical hours daily already reported by respondents (time excludes lunch hour and scheduled breaks).  If you do not have a Web-use policy or Internet Acceptable Use Policy (AUP) in place, one is necessary to help report, monitor, and prevent employee Internet abuse in addition to protecting your company from legal liability.

Downloading malware is another risk as employees use the Internet for personal reasons. Spyware and malicious code are big threats to company networks as they can consume bandwidth and compromise security.  Recent studies show that company networks are being infected with spyware and malicious code most often through employees surfing the Web; with the holidays increasing that risk, these threats make it imperative for companies to enforce an AUP to protect their networks. Wavecrest Computing suggests that companies monitor and/or filter employee Web use in order to better protect themselves from security threats. In addition to the inherent risks associated with hacking your online security – loss of company reputation, destruction of company data, and the downtime employees face while systems are restored – the costs to mitigate attacks are extraordinary and rising each year.  This year, U.S. companies are expected to spend more than triple the costs spent in 20063.

To ensure these threats do not happen to your company this holiday season, run through our checklist and remember to check it twice!

  • Install all applicable system and program updates to avoid malware from infiltrating any system frailty that could have easily been patched with an update.
  • Create a Web usage policy and clearly communicate it to your employees.
  • Be cautious prior to clicking on links to different websites particularly those found on social networking sites as they’re often a hotspot for malware.
  • Avoid the use of pirated / illegal software as many contain malware.
  • Never open email attachments from unknown senders and make sure to scan attachments you do decide to download.
  • Make steps to consistently back up your computer in the case that malware wipes your hard drive clean.
  • Monitor servers and security devices 24x7x365 for security issues and require preventative actions be taken on security threats in real time – this is where we come in!

CyBlock can be set up to block Web access by categories and by hour so employees can access shopping sites on their lunch break or after hours. This approach can help sustain morale while minimizing the risks associated with online shopping.  With Cyfin, you can monitor employees’ Web use to ensure that Web-use policies are followed or that unwanted spyware or malware is not downloaded as a result.  Let us guide you to a safer, more reliable, robust security solution with exceptional support at an unbeatable price!

Sources:

1https://blog.comscore.com/2011/11/cyber_monday_work_computers.html

2 https://www.wavecrest.net/editorial/costsavings.html

3https://money.cnn.com/galleries/2011/technology/1107/gallery.cyber_security_costs/index.html?iid=EL

 

Explanation of the “IP Address” Category in Wavecrest Products

Leave a reply

Unfortunately, some instances of Web-use activity cannot be readily identified or categorized by Web access management products.  One type appears in the Wavecrest products’ Web Monitor and employee internet usage reports simply as IP addresses with no domain.

If the IP address is not recognized by our product it is put into IP address category and not into “Other” for the below reasons  (While some IP addresses have been identified and categorized in the Wavecrest URL control list, many have not.) If the product does not recognize the IP Address, it initially assigns them – in parallel to two special categories: (a) the IP Address category, and (b) the “Other” (uncategorized) category. This ‘groups’ them so they can be dealt with, as follows.

Using IP Addresses to Help Analyze Web Activity. At first glance it may appear impossible to make use of these initially unidentified IP addresses, but that’s not really the case. With a bit of work, it’s possible to:

  • Deduce the source and purpose of most of them
  • Categorize the legitimate ones
  • Isolate/neutralize the malicious ones

Let’s see how this is done.

First though, for purposes of this discussion, let’s ‘label’ the four general types of unidentified IP addresses. We’ll call them:

  • ‘Internal and partner Web pages without domain names’
  • ‘Innocent links on Web sites’
  • ‘Possible malware or virus servers.’
  • ‘Public proxies’

Identification and Corrective Action Process. This is a three step process: (a) listing the IP addresses; (b) classifying them by the types defined above; and (c) taking appropriate action.

To take the first step, simply run a Top Non-Categorized Sites Report and note the rows with IP addresses.  Then, as explained below, classify each (by type) and take action.

  1. IP Addresses Associated with Internal and Partner Web Pages.  These IP addresses could result from user-generated or Web application traffic. Using local knowledge, determine the sources and then enter the addresses in one or more custom categories. If you wish, give the addresses recognizable names. Complete instructions on how to create custom categories can be found in our manual.
  2. IP Addresses Associated with Innocent links on Web sites. These addresses could be associated with image or ad servers. If you send a Otherwise report that contains these IPs to Wavecrest our categorization team will research and categorize these IPs for you  the same way we would categorize domains. If you would like to identify them yourself there are IP Address lookup tools like the one available from https://www.networksolutions.com This tool will provide you with information about the owner of the IP address(es) of interest. For example, the owner of the IP address could be a marketing company that serves ads, or it could be an image server. Once identified, add the addresses to one or more custom categories. If you wish, give the addresses recognizable names.
  3. IP Addresses Associated with Possible Malware or Virus Servers. These addresses could be associated with malware, spyware or virus servers. The clue here is very high around-the-clock traffic (an indication that the user’s computer has been infected or attacked).  The solution in these cases is to isolate the internal computer(s) and remove the malware/spyware or virus.
  4. Public proxies. Also known as “Anonymous proxies”, public proxies are often used by employees or students who want to get around Web filters and/or avoid being identified by Internet logging. In other words, public proxies allow individuals to surf the Web “anonymously.” Many public proxies promote spyware or malware activity. They are created to gather user information, or even worse, company information on an employee’s computer. They often log an individual’s online browsing, emails, and chat sessions to gather user names, passwords, credit card or banking information. Some of the information gained, e.g., email addresses, is often used to sell to other companies for marketing purposes.

For more information, read our post: The danger of public proxies.

New Releases CyBlock and Cyfin Internet Monitoring Software

Leave a reply

We recently released newer versions of our CyBlock Proxy, Cyfin Reporter, CyBlock ISA and Cyfin Proxy software.  CyBlock Version 6.5.0 and Cyfin Version 8.5.0 are now available and include the following new features:

  • Dashboard Traffic Chart. A new trend chart to track allowed and denied hits traffic has been added to the Dashboard. This chart is available by going to the Dashboard and selecting Trend – Traffic.
  • Dashboard Metrics: Denied Visits and Denied Hits. Two new metric options have been added to the Dashboard Top and Trend charts. They are Denied Visits and Denied Hits. Denied Visits are failed attempts to access a Web site. For the most part this occurs because the user is not authorized to access the site, i.e., his access has been “blocked.” However, a “denied” indication can also be caused by technical anomalies, e.g., “page not found by server”, etc. Denied Hits are any type of viewable or usable data transmission that is triggered by a visit to a Web site and is denied or blocked. Denied hits can be in the form of a denied or blocked file, message, object, graphic, link, banner, ad, or push item.
  • New Option for Scheduled Deletion of Import Data. An option to delete data “older than 4 months” has been added to the Data Manager – Import Data – Delete – Schedule screen.
  • Pause/Restart Button on the Real-Time Web Monitor (CyBlock Proxy and Cyfin Proxy Only). A Pause/Restart button was added to the top of the real-time Web monitor screen. Clicking Pause will stop new results from being displayed. A new IP address column has also been added to the Web monitor. Now the Web monitor displays the ID, IP, Date/Time, Category Name and Web Page. Note: When Authentication is disabled, the ID column will not be displayed.

To see the full release notes for your product, visit the Support Forum. You can download the latest release by going to the Administration – Product Update screen in your CyBlock or Cyfin product.

Get Your Wavecrest Reports in PDF

Leave a reply

Many customers have asked for it, so back in March, Wavecrest Computing added a new option to receive or email reports in PDF format.  This option is available for any manual or scheduled report in your Cyfin or CyBlock product.  To receive or email your reports in PDF format, simply select PDF in the Report Format pulldown on any of the reporting screens.

The option to email and run reports in HTML format is still available, and HTML format must be used when using Interactive reporting for drill-down purposes.

If you have any questions about this new feature or any other features in your Cyfin or CyBlock product, please feel free to contact us.

Upgrade Today! New Releases for CyBlock and Cyfin

Leave a reply

We’re thrilled to bring you more new features in our latest releases of CyBlock and Cyfin. In CyBlock Version 6.3.3 and Cyfin Version 8.3.3, we are happy to deliver you with the following:

  • Classification Policies. New classification policies can be created and saved for use in manual and scheduled reports. The policies can be created and selected from a new option on the Reports – Manual and Reports – Schedule screens. Two named classification policies are provided with this release: Default and No Classification. The default classifications policy is set at the Category Setup – Classify Categories screen, and no classification means that no classifications will appear in the report.
  • Dashboard Drill-down. Drill-down reporting has been added to the Dashboard Top Users and Top Categories charts. When clicking on a user from the Top Users chart, a User Audit Detail report will automatically run, and when clicking on a category from the Top Categories chart, a Category Audit report will automatically run.
  • Download Restore Points. The ability to download and save a restore point for product settings has been added. The restore points can be downloaded from the Administration – Restore – Download screen.
  • Email Notification When License Exceeded (CyBlock Only). If the number of filtered users exceeds what the product license allows, an email notification will be sent to the product’s administrator every three days.
  • Using Active Directory for Access Accounts. A “Lookup” link has been added to the Advanced Settings – Access Accounts screen. When using Active Directory authentication for access accounts, clicking this link will cause the full name and email address for the access account to be automatically populated from Active Directory.

To see the full release notes for your product, visit the Support Forum. You can download the latest release by going to the Administration – Product Update screen in your CyBlock or Cyfin product.

Wavecrest Recommends Users Upgrade from Internet Explorer 6

Leave a reply

If you are still using Internet Explorer 6, we and Microsoft recommend that you upgrade as soon as possible.  One of the main reasons to upgrade is that Wavecrest’s CyBlock versions 6.3.0 and later and Cyfin versions 8.3.0 and later no longer support IE6.

Microsoft also has a big push now to get users to upgrade and stop using IE6.  See their new website ie6countdown.com. One of the main reasons they are pushing the upgrade is security. They state, “we recommend that Internet Explorer 6 users upgrade to a newer version of Internet Explorer for a safer browsing experience.” So if you haven’t done so already, Wavecrest recommends that you take a minute to make sure all of the computers and servers in your network are upgraded to a later version of Internet Explorer.

If you have any questions, please contact Wavecrest’s technical support team by phone at 321-953-5351, ext. 4 or toll-free at 1-877-442-9346, ext. 4.

Sources:

The Internet Explorer 6 Countdown
Microsoft Begs Users to Stop Using IE6
It’s Time to Finally Drop Internet Explorer 6

New Release – CyBlock 6.3.2 and Cyfin 8.3.2

Leave a reply

We have been busy and working hard to add features that you have been asking for into CyBlock and Cyfin. In this latest release, here are some new features we have added:

  • Custom Reports – This allows you to use Wavecrest’s existing standard reports and customize them by selecting which sections of the report to display.  You can create, name and save these reports to be run manually or scheduled to run automatically.
  • PDF Option in Reports – You now have the option to choose whether you want your report in PDF or HTML format. This option is available in manual, scheduled and custom reports.
  • Ability to Add Full URLs to Categories and Custom Categories – Full or partial URLs, not just the domain, can now be added to a category or custom category on the Advanced Settings – Category Setup – Edit URLs screen. This means that you can add bbc.com/sports to the Sports category, and all other pages on bbc.com that are not sports will still be categorized as News.

To see the full release notes for your product, visit the Support Forum. You can download the latest release by going to the Administration – Product Update screen in your CyBlock or Cyfin product.

New Half-Hour Filtering In CyBlock

Leave a reply

If you haven’t seen it yet, in the latest version of CyBlock 6.3.1, scheduled filtering has changed from hourly to half hour. This means that you can select to allow a category from 12:00 – 12:30pm instead of the full hour 12:00 – 1:00pm.

You can make these changes at Advanced Settings – Filter Settings – Block Web Categories. Simply click on the clock icon that appears when you select the “block” radio button and select the times you want to block and allow the category.

If you have not upgraded your product to the latest version of CyBlock, you may do so by going to Administration – Product Update screen.