CyBlock/Cyfin Release 9.0.5 Now Available

Thursday, March 20th, 2014

We are pleased to announce the release of a new version of CyBlock Appliance, CyBlock Cloud, CyBlock Software, and Cyfin. In this release, you will find corrections as well as enhancements to the products. For CyBlock Cloud, several enhancements have been added including the new SSL Inspection feature that allows our CyBlock products to decrypt, analyze, and fully inspect all HTTPS traffic. The enhancements are described below.

CyBlock Cloud

  • SSL Inspection. The new functionality includes the following:
    • Ability to view the full URL including path, embedded URLs, and parameters.
    • Domain, path, and parameter matching.
    • Ability to filter detailed HTTPS traffic by Web categories and Web content types and display blocking messages for both.
    • Search Term blocking.
    • Ability to view full URLs in the Real-Time Web Monitor.
    • Ability to view full URLs, not just domains in the following reports:
      • Category Audit Detail
      • Category Audit Summary
      • Site Audit Detail
      • User Audit Detail
      • User Audit Summary
    • A new SSL Inspection page that allows you to first install the Wavecrest Certificate, and then select groups and/or IDs and categories to be inspected. Go to Settings – Proxy – SSL Inspection to access this page.
  • Control Web Categories. The following features have been added:
    • The Filtering Schedule allows you to block categories by day, hour, or half hour
    • Coaching can be enabled on blocked categories and allows users to temporarily bypass blocked sites.
  • Web Blocking Message. The following features have been added:
    • The Redirect option allows you to specify a URL that the user will be redirected to when he or she tries to access a blocked site.
    • “Coaching” has been added to the Tokens drop down in the Message Editor, and token {6} to the blocking message for coaching purposes. If coaching is enabled on the Control Web Categories page, the message will include a link to bypass the blocking message allowing the user to access the Web site.
  • Reports. The following features have been added:
    • On the Manage Reports page, in the Recently Run Reports section, the view icon allows you to view your recently run report. If multiple reports were generated depending on how you ran the report, a list is displayed with links.
    • On the Create Report page, the following options have been added:
      • Report Format. A PDF version of the report can now be generated in addition to the HTML format.
      • Time Frame Filter. The Filter field allows you to filter the days and times to include in the report data. You can create a new filter or select an existing filter.
    • Sample Site Analysis and User Audit Detail reports are now available. Go to Reports – Sample Reports to access these reports.
  • Product Help. The Technical Support contact page has been replaced by the product Help. The Help system has a similar TOC as the product manual, but also includes an Index and a Search box. Access the product Help by clicking Help in the navigation bar at the top.

CyBlock Appliance and CyBlock Software

  • Web Blocking Message. This includes the following changes:
    • “Coaching” has been added to the Tokens drop down in the Message Editor.
    • For the Redirect option, a note is displayed indicating that the URL for the blocking message must include “https://.”
  • SSL Inspection. The URL live.mozillamessaging.com has been added from the URL List to the list of domains to be tunneled and cannot be deleted from the domain list.

CyBlock Appliance, CyBlock Software, and Cyfin

  • E-Mail Settings. The ability to use e-mail server authentication has been added to the Settings – E-Mail page. If authentication is required, you can now enter the e-mail server user name and password.

To see the full release notes for your product, visit our Web site. You can download the latest release by going to CyBlock Software Downloads or Cyfin Downloads. To upgrade CyBlock Appliance, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.

For additional assistance, please feel free to contact us.

Displaying the Blocking Message When Connecting to a Secure Site

Tuesday, August 6th, 2013

Using CyBlock Software or CyBlock Appliance, a secure Web site (https://domain) can be blocked by blocking the corresponding category, explicit URL, or custom category in which the URL has been added. If the secure site contains a path (https://domain/path), the URL match is made on only the domain portion by default. SSL Inspection has to be turned on with the associated blocked category set to be inspected in order to match on the domain and path portions combined.

However, the following issue may be encountered with the browser for a secure site (https://domain). When a user attempts to connect to a blocked secure site through CyBlock Software or CyBlock Appliance, the browser is only capable of receiving a Connection Established header response. Any other response, including a blocking message, is treated as a failed connection, and contents embedded in the response are not rendered due to security constraints.

Therefore, in order to display the blocking message when a user is connecting to a blocked secure site, the proxy must first send a Connection Established header which will require an SSL certificate to be accepted by the browser. This certificate is generated using the Wavecrest root certificate. If the Wavecrest root certificate is not already installed in the browser, a certificate warning message will be issued that must be accepted in order to display the blocking message. Please see the Wavecrest Certificate Installation Guide for instructions on how to install and distribute the Wavecrest root certificate and prevent the certificate warning message for your users.

If you do not accept the certificate when you receive the warning message, just a blank page will be rendered in the browser with a generic browser error message.

For additional assistance, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.