Author Archives: admin

What Is the Purpose of the ‘IP Address’ Category?

Leave a reply

From time to time we are asked, “What is the purpose of the ‘IP Address’ category used by Wavecrest products?” The short answer is — it’s used to capture and segregate the IP addresses of Web sites that the product was unable to associate with ‘regular’ categories. Customers can then analyze them to identify network security threats, traffic to intranet sites, or other patterns of interest.

Here’s a bit more detail.

First note that our products identify many IP addresses and place them in content categories. The Wavecrest URL (control) list contains many such addresses.

Unfortunately though, initially unidentifiable IP addresses still appear from time to time. Generally speaking, we see three types, i.e., addresses associated with:

  1. Internal (and partner) Web pages
  2. Innocent links on Web sites
  3. Possible malware or virus servers

When the product encounters any of these three types, it places them in a special ‘IP Address’ category. Customers can then run reports on that category the same way they do on any other category. In addition, if the customer runs a Top Non-Categorized report, the uncategorized IP addresses will be listed along with uncategorized domain names.

Because the traffic associated with unidentified IP addresses can be important or even dangerous, it’s obviously desirable to pursue the matter further. So what can be done? Well, with a bit of work—and in some cases with some help from Wavecrest—it is possible to:

  • determine the source and purpose of most of the addresses
  • categorize the legitimate ones
  • isolate/neutralize the malicious ones

Let’s see how this is done. We’ll take it one ‘type’ at a time.

  1. Internal and Partner Web Pages. Some unidentified IP addresses may have resulted from users going to internal (intranet) or partner sites. (These normally would not be in the Wavecrest URL list.) To address this issue, start by running a Top Non-Categorized Sites Report or IP Address Category Report. Using your local knowledge, try to determine the IP addresses of those sites and then enter the information in one or more custom categories. (Instructions on how to create custom categories can be found in our manual.)
  2. Innocent links on Web Sites. These addresses could be associated with image or ad servers. If you want to address this issue, send a copy of a Top Non-Categorized Sites (“OtherWise”) Report to Wavecrest (sites@wavecrest.net). Our categorization team will then research and categorize the unidentified IPs for you the same way they categorize domains. If you would like to identify the IPs yourself, you can use IP address lookup tools such as the one available from https://www.networksolutions.com. This tool will provide you with information about the owner of the IP address(es) of interest. For example, the owner of the IP address could be a marketing company that serves ads, or it could be an image server. Once identified, if you desire, you can add the addresses to one or more custom categories.
  3. Possible Malware or Virus Servers. Some of the unidentified IP addresses could be associated with malware, spyware or virus servers. The clue here is very high around-the-clock traffic. This is an indication that the user’s computer has been infected or attacked. The solution in these cases is to isolate the internal computer(s) and remove the malware/spyware or virus. Here’s an approach you can use to help solve this problem.
  • Using the Dashboard, run a Trend report on the IP Address category and look for any unusual spikes. If you see anything suspicious then …
  • Run a category audit on the IP Address category and look for large amounts of activity coming from a particular PC(s). Make a note of the IP address(es) and then scan for infected files.

Summary. The IP address category was created to be a ‘red flag.’ Its purpose is to alert you that further action may be needed to resolve problems or to simply give you a more complete and comprehensive picture of all Web activity.

Social Networking or Social Not-working?

Leave a reply

Social networking in the workplace is a major dilemma for today’s businesses. Does it help or hurt the organization? While some companies block social networking, some say it helps by enhancing collaboration among employees, partners and customers. Others say it hurts by draining productivity and bandwidth and creating legal liability and network security risks.

A survey conducted by Nucleus Research showed that 77 percent of workers who have a Facebook account use it during work hours. Of those who do use Facebook at work, 87% said they could not define a clear business reason for accessing the site and some reported using it as much as two hours per day.

So, in the face of all the countervailing views, just what is the best approach to the issue? Options include banning it altogether, using it with no restrictions, and employing it for business purposes only.

The short answer is, “It depends.”

That is, for any one organization, the answer really depends on management’s views on a number of issues. Among these are the nature and objectives of the business, organizational culture and managerial style, workforce morale factors, workforce demographics and skills, availability of technological solutions, and the need for external communications.

We are often asked about this issue.  So we developed this paper to share our knowledge and views. It explores various aspects of the issue, cites some relevant facts, and provides several recommendations. Our hope is that this information will help organizations that are struggling today with this contemporary and very important issue.

Read the full white paper: Social Networking or Social Not-working?

Don’t Forget to Update Your Web-Use Policy

Leave a reply

There has been a lot of buzz surrounding the use of social networks, i.e., Facebook, Twitter, LinkedIn, etc.,  in the workplace recently.  This is a great reminder to all organizations to take a look at their current Web-use policies and update them.

Reuters covered a recent seminar put on by LeClairRyanon covering “Key Issues in Labor & Employment Law,” where the importance of a policy for social networks was discussed.  The speaker, Joseph P. Paranac, a shareholder in LeClairRyan’s Labor and Employment Group, stated, “Inappropriate and unwise use of online social networking sites like Facebook and Twitter is a growing source of liability risk for employers, including discrimination, defamation and retaliation claims.”

He went on to offer some Web-use policy suggestions for employers.

“In order to have a successful policy on the use of social networking sites, Paranac told the audience, employers should stipulate that:

  • Employees may not comment or use any confidential information about the employer or discuss internal matters.
  • Use of online social networks should be limited to non-working hours, unless the use is for legitimate business purposes.
  • Employees’ comments should not be discriminatory or harassing.
  • Similarly, they should not be disparaging or defamatory to the employer’s business.

The veteran attorney also offered the following elements of a successful Internet and e-mail policy:

  • Employees should be trained on electronic communications equipment parameters and prohibitions.
  • All business systems and company-issued electronic communication equipment and data belong to the employer.
  • Systems and equipment must be used for appropriate and lawful business purposes only.
  • Employee use is subject to review/monitoring by the employer and employees who use employer equipment have no expectation of privacy.
  • Use of systems and equipment for harassment, discrimination, or defamation is strictly prohibited.
  • Disclosure of employer confidential information is strictly prohibited.
  • Warn employees of the penalties or policy violations.
  • Obtain a signed acknowledgment of employee receipt of policy.
  • Include a procedure for reporting violations.
  • Enforce the policy!”

Read the full article: TWEET: ‘I’m About to Testify in My Defamation Case!’

Online Holiday Shopping: Here We Go Again

Leave a reply

It’s that time of year again! The big Christmas shopping spree. As in previous years, the online version ‘officially’ starts on Cyber Monday – the day after the big T-Day weekend. And now this year we’ve got Green Monday (December 7) and Brown Monday (December 14). These are days on which, like Cyber Monday, online retailers put on a full court press to draw in ‘surfer-shoppers.’

And the whole circus runs through New Year’s Day.

The volume can be huge and problematical for employers. A survey conducted for ISACA, an association of 86,000 information technology professionals, states in part:

“Employees plan to spend nearly two full working days (14.4 hours) on average shopping online from a work computer this holiday season. One in 10 plans to spend more than 30 hours shopping online at work. Convenience (34%) and boredom (23%) are the biggest motivators.”

“… the second annual “Shopping on the Job: Online Holiday Shopping and Workplace Internet Safety” survey found that half of those surveyed plan to holiday shop online using a work computer.

“Dangers of shopping online include viruses, spam and phishing attacks that invade the workplace, resulting in financial losses due to reduced productivity and destruction or compromise of corporate data.”

In addition to generating network security and performance issues, online holiday shopping is a huge productivity waster for businesses. When workers are shopping, they’re not ‘minding the store.’ Accordingly, this is a good time for all types of organizations to take stock of their Web-use management practices and seek help if needed.

Wavecrest Computing is ready to provide that help.

Wavecrest’s Cyfin and CyBlock products and services help all types of organizations manage and control inappropriate and risky personal surfing of all kinds, including shopping. Cyfin and CyBlock products do this by monitoring and/or filtering employees’ Web use and reporting on the activity by content categories, e.g., shopping, sports, games, and others. Of particular note, with regard to holiday shopping, CyBlock products can be set up to block Web access by categories and by hour so employees can access shopping sites on their lunch break or after hours. This approach can help sustain morale while minimizing the risks associated with online shopping.

For 13 years, Wavecrest Computing has been providing Internet filtering and monitoring solutions to business, government, and educational organizations worldwide.  Wavecrest’s customer base includes well-known names such as the HP, Procter and Gamble, Burlington Northern Santa Fe Railway, Bridgestone, Mazda and many others.

Wavecrest’s 13th Birthday

Leave a reply

We’re Wavecrest Computing, a leading developer of Internet usage management products. Today is our thirteenth birthday. So we’re taking a moment to celebrate, look back, and reflect on some of our accomplishments over the years.

Since 1996, from our base in Melbourne, Florida, we have developed, marketed and supported a spectrum of innovative Internet monitoring and reporting solutions. Our products help all types of organizations manage their employees’ online activities and ensure compliance with acceptable use policies. Starting thirteen years ago with a single customer, our client base has grown to more than 3,000 organizations, many of them Fortune 500 companies and high profile government agencies.

We’re extremely proud of this. But it didn’t just ‘happen.’

The credit goes to an unusually talented and well-led team of development, sales and support people. They all work directly for Wavecrest; none are outsource or temporary employees. For years these dedicated men and women have made sure that we consistently deliver the products and services that our customers need to meet the many dynamic challenges associated with use of the Internet in the workplace.

And those challenges have certainly evolved over the years. Examples include the very real and seriously increasing risks of productivity losses, bandwidth drains, legal liability, and network security threats. And as the Internet grew and the challenges escalated, we have kept pace every step of the way.

Our first product— a basic software application called ProxyReporter—read and analyzed employers’ outbound Web logs. From that data, it then produced reports that helped management and IT monitor employees’ use of Web access.

Then, as the Internet became more sophisticated, we went on to develop a series of increasingly robust Web-use monitoring and filtering products designed to suit a variety of customers and network infrastructures. Our monitoring products now include Cyfin Reporter—a highly sophisticated and scalable logfile analyzer/reporter—and Cyfin Proxy, a standalone Web proxy/monitor/reporter. Our combination filtering/reporting products include CyBlock for ISA—a combination filter/reporter system for use with Microsoft ISA products—and CyBlock Proxy, a standalone proxy/filter/reporting solution.

Our latest innovation is CyBlock Appliance, a hardware based Internet-usage management device. Designed to monitor and help control use of all Internet protocols, CyBlock Appliance is a standalone proxy, monitor, filter and reporter.

Of particular interest, in recent years, we have upgraded all of these products to deal with emerging issues associated with a variety of Web 2.0 advances such as social networking. At the same time we have been busy incorporating new features such as protocol filtering and trend reporting.

Through the years our products have been well received and proven to be highly reliable and cost-effective, and we back them all with a 90-day money-back guarantee.

As proud as we are of our products, we take equal pride in our support services. When customers call, they talk to a real person—here in America—and they get personalized attention. Our support personnel, all of whom have been with us for years, know that customer satisfaction is key to the company’s (and their own) success. And as a result of their responsiveness and professionalism, they have received literally hundreds of kudos and compliments over the years.

So, in sum, we have much to celebrate and be proud of.

Happy Birthday, Wavecrest!

Managing Groups and IDs in CyBlock and Cyfin

Leave a reply

There are two options for managing your Groups and IDs in Cyfin or CyBlock.  You can manage them either “Inside the Product” or “Outside the Product.”

By choosing to manage your Groups and IDs “Inside the Product,”  it means exactly that.  You can manually add, delete and move Groups and IDs in the product.  If you import your Groups and IDs from Active Directory or a text file, each time your Groups and IDs are imported either manually or scheduled, only NEW Groups and IDs will import.  The new Groups and IDs that are imported will be based on your configuration setup in the Active Directory Setup wizard.  Your existing Groups and IDs will not be modified, which means if a user left or moved departments, he/she will have to be deleted or moved in the product.  If you want to have users in the VIP group, you must use the “Inside the Product” option.

If you select to manage your Groups and IDs “Outside the Product,” then you will be only managing and making changes to your Groups and IDs at the directory source.  Each time Groups and IDs are imported, whether manually or scheduled from Active Directory or a text file, all Groups and IDs will be updated to identically match that configuration. Typically this option is not used because the directory source is grouped according to your network setup and not according to how you will want to apply Web-use policies.

Summer 2009 Newsletter

Leave a reply

Check out the Wavecrest Computing Summer 2009 Newsletter.  Topics include:

  • End of Year Sales Specials – Discounts for New and Existing Customers
  • New Rack Mount CyBlock Appliance
  • Managing and Customizing Categorization in Cyfin and CyBlock
  • Displaying Login Names and IP Addresses in Reports

New Advanced Reporting Options

Leave a reply

New advanced reporting options were recently added to Cyfin and CyBlock. You can configure these options by going to Advanced Settings – Report Settings in your Cyfin or CyBlock product and clicking on the Advanced Options link. The new options include the following:

  • Check For New Logfiles. Before running a report, the product will check for any new logfiles. This option is selected by default.
  • Compress Reports For Email. This compresses the report attachment for read-only reports in an email as a .zip file.
  • Display Login Name and IP Address. Select this option if you want to see both the login name and IP address for each record in the report.
  • Include All Group´s Users. This will display a user ID even if there is no data for that ID in a User Audit Detail or Category Audit Detail report.

If you have any questions about these settings, contact technical support by phone at 321-953-5351, ext. 4 or by email at support@wavecrest.net.

More Businesses Monitoring Employees’ Internet Use

Leave a reply

More businesses are monitoring their employees’ use of the Internet due to a constantly evolving Internet and increased security and productivity concerns.  A recent article, “Big Employer May Be Watching,” from the Tampa Bay Business Journal discusses these concerns in more detail and provides advice from various IT professionals in the field of Employee Internet Management.  Below is a snippet of the article with advice from Wavecrest Computing’s VP of Business Development, Dennis McCabe.

The reasons why companies monitor employees has changed over time, said Dennis McCabe, VP of business development at Wavecrest Computing Inc., a developer of management software based in Melbourne.

After the burst of the dot-com bubble companies grew increasingly concerned with productivity. The concern later shifted to security issues posed by unwanted e-mail or “spam.” Productivity is once again a concern with the economic downturn, as well as security within a company, he said.

“This is not a firewall where you might have unknown hackers that might attack you. These are people working in your building, colleagues,” McCabe said.

Communication between management and staff is essential.

“You need informed management about how employees are using it and based on companies’ philosophy,” McCabe said. “They need to formulate a policy based on that.”

Online Video Viewing is Up

Leave a reply

According to Nielsen’s “VideoCensus,” online video viewing is up this year compared to last.  Total video streaming was up 31.4%, and viewers spent an average of about 3.5 hours watching online video in July.  This is an increase of 42.2% from 2008.  The most popular video Web site was YouTube with over 7 billion streams in July 2009. A simple 5 minute video on YouTube uses 12,500 kilobytes in bandwidth.

Online video viewing often happens in the workplace where users have access to a faster Internet connection.  This can cause network slowdowns or latency in the workplace if abused.

The below Cyfin and CyBlock reports can be used to track bandwidth usage by users and identify potentially troublesome sites.  These reports can help you anticipate overload possibilities and the need (or lack of need) to purchase additional capacity.  If abuse can be detected and brought under control, the cost of additional capacity may be avoided.

  • Site Analysis Bandwidth Report – Focusing on kilobytes by classification, category, and users, this report gives a good overview of whether the majority of bandwidth consumption was acceptable and which categories and users used the most bandwidth.
  • Top Bandwidth Sites Report – This report shows the top bandwidth consuming sites and their categories for the specified time period.
  • Network Information Report – Find out your busiest time of day for Internet use with this report.  It shows visits and kilobytes read by hour.

Source: https://www.emarketer.com/Article.aspx?R=1007247