One admin interface to manage all your employees’ Web use–CyBlock Hybrid Array.

Monday, December 12th, 2016

binary-1536650_640

Since all your employees use the Internet in some way every day, whether for cloud services, research, or just e-mail, they are prime targets for hackers, malware, and data theft. Efficiency can play a key role in actively keeping your company secure from as many cyber threats as possible, especially today when your employees can be working in many different locations.

Choosing multiple cloud instances allows for advanced coverage of your distributed workforce but this can be time-consuming if managing each separately. Solution? CyBlock Hybrid Array. Now you can have one server location to manage all your CyBlock Cloud instances as well as your main office CyBlock installation–see charts or run reports that include all the locations or focus on one, monitor any of the paired CyBlock Cloud accounts, and manage any policy changes that can automatically or manually be synced with the appropriate cloud instance.

Easy, efficient, proactive management of your Hybrid deployment with multiple-region CyBlock Cloud capability. Saving more of your time so you can focus on the mission-critical operations.

CyBlock Hybrid allows you to manage the policies for your on-premises and off-premises employees. Using CyBlock Cloud along with your CyBlock Appliance or Software installation, the Hybrid deployment secures remote and mobile users so there is no need to route traffic back to the main office. Free up local server bandwidth; easily monitor, filter, and manage users, both local and remote; and easily access reporting, real-time monitoring, and Dashboard charts for both your CyBlock Cloud and local CyBlock configurations.

To find out more about CyBlock Hybrid and CyBlock Hybrid Array, please contact us today.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Cyfin Release 8.8.2 and CyBlock Release 6.8.2 Now Available

Monday, July 1st, 2013

We are pleased to announce the release of new versions of CyBlock Appliance, CyBlock Software, and Cyfin. In this release, you will find significant enhancements to the products. For CyBlock, the first enhancement is the addition of a new screen that allows you to install client authentication certificates for the proxy so that it can connect to sites that require a nonstandard client certificate. The second enhancement involves a total revision of the Login Name Caching feature to allow more flexibility in the way user names are cached and cached entries are used. Also for CyBlock, domains that have issues when SSL Inspection is used can now be exempted from inspection.

Other enhancements in this release include the ability to import Active Directory Groups and IDs on a more frequent basis than once every 24 hours, and for Cyfin, we have made numerous changes to log file configurations. We also have a number of corrections in this release. The enhancements are described below.

  • SSL Certificates.  This includes the following changes:
    • The ability to install client authentication certificates for the proxy has been added so that the proxy can connect to sites that require a nonstandard client certificate. The proxy uses the installed client certificates when SSL Inspection is enabled to identify clients (Web applications) to Web servers.
    • The Advanced Settings – Proxy Settings – SSL Certificates screen has been added to allow you to add a client certificate. On this screen, you assign domains and groups and/or IDs to the certificate so that the usage of the certificate is secured to only those domains and for those groups and/or IDs. All fields on the screen are required.
    • As certificates are added, they are displayed in a list where you can enable/disable, edit, view, and delete each certificate.
  • Login Name Caching.  This includes the following changes:
    • The Advanced Settings – Proxy Settings – Login Name Caching screen has been updated to allow more flexibility in the way user names are cached and cached entries are used. The screen now consists of the following fields:
    • Cache Mode – The following options are available:
      • Primary – In this mode, cache is used when connection requests are made. If a cache entry is not found or is invalid, authentication occurs and user names are added to the cache.
      • Supplemental – This option is the default and replaces the previous Enable option. If authentication fails or an entry in the Authentication Manager Bypassed list is accessed, the cache is used before the user name “bypassed.”
      • Disabled – In this mode, cache is never used, and all connection requests are authenticated. Entries in the Authentication Manager Bypassed list are given the user name “bypassed.”
    • Duration of Valid Entry – This is the time in minutes that the entry will be available in cache before it is cleared. The default is two minutes.
    • Exempt IPs – This box allows you to enter IP addresses that should be excluded from login name caching. Wildcards (e.g., asterisk (*)) in IP addresses are not matched and should not be used.
  • SSL Inspection.  This includes the following changes:
    • The Advanced Settings – Proxy Settings – SSL Inspection screen now allows you to specify domains to be tunneled, that is, exempted from inspection.
    • Domains to be tunneled can be added or deleted.
    • The list of domains to be tunneled will include specific entries from the URL List. These sites are known to have issues when SSL Inspection is used, and they cannot be deleted from the domain list.
  • Active Directory.  The ability to import Active Directory Groups and IDs on a more frequent basis than once every 24 hours has been added. The Frequency field was added to the Advanced Settings – Groups and IDs – Import – Active Directory – Schedule screen allowing you to schedule the import hourly or at a specific hour.
  • Log File Configurations.  This includes the following changes:
    • On the Logfiles – Setup – Select Logfile Type screen, the Type of Logfile drop-down box has been updated as follows:
      • The following log file configurations have been added.
        • EdgeWave iPrism
        • NETGEAR
        • Palo Alto Firewall
        • Trustwave
      • The following log file configurations have been renamed.
        • 8e6 to 8e6 Appliance
        • BorderManager Proxy to BorderManager
        • BorderWare Firewall to BorderWare
        • Cisco Cache Engine to Cisco Content Engine
        • IronPort Appliance to IronPort
        • Nemesis Cache Proxy to SuperLumin Nemesis
        • NetCache Appliance to NetCache
        • Symantec Web Security to Symantec Web Gateway
      • The sort in the drop-down box has been changed to a case-insensitive sort. Previously, entries beginning with a lowercase letter were sorted last in the list, and entries with the first few letters in uppercase were out of order.
      • The following log file configurations have been converted to an XML format and allow the processing and better handling of more records. Previous and new reports may show differences in counts based on the number of records processed.
        • Barracuda Networks
        • Bloxx Proxy
        • Blue Coat Systems (SGOS 3 & 4 & 5)
        • Blue Coat Systems Common Format
        • CyBlock Appliance
        • CyBlock Proxy
        • Cyfin Proxy
        • EdgeWave iPrism
        • IronPort
        • McAfee Web Gateway
        • NETGEAR
        • Palo Alto Firewall
        • Squid Proxy
        • SuperLumin Nemesis
        •  Webwasher Gateway V7

To see the full release notes for your product, visit the Support Forum. You can download the latest release by going to the Administration – Product Update screen in your Cyfin or CyBlock product.

For additional assistance, please contact us.

Downloading Windows 8 Apps

Thursday, June 27th, 2013

Companies that filter and monitor Web traffic by user name do so in order to enforce their Acceptable Use Policy and for reporting purposes. In order to obtain user names for filtering and reporting purposes, they enable the authentication of all Web requests. An issue that arises with authentication is that there are some Web apps that do not respond to authentication requests.  This is the case with Windows 8 apps.

In order for the Windows 8 operating system to download apps through CyBlock Software or CyBlock Appliance, entries need to be made in the Authentication Manager. This work-around puts these apps in an authentication “Bypass” list where they are exempt from authentication. CyBlock will not require authentication for any URL/User-Agent combination established in the Bypass list. Any user name cached for this connection will be used. If none is cached, the activity will be logged with the user name of “bypass.” The steps below should be followed.

  1. Go to the Advanced Settings – Proxy Settings screen, and click the Authentication Managerlink.
  2. Under Display Selection, select Bypassed or All to display the Bypassed entries. Note that the All option will display the Pending Bypass entries also.
  3. Under Bypassed, click the Add new bypass entry link. A dialog box is displayed.
  4. Enter each of the following combinations of URL or Domain and User-Agent, and click Add after each entry.
URL or Domain User-Agent
*.apps.microsoft.com *
*ws.microsoft.com *
* MSappsHost/*

 

The entries on the screen should look like the following example.

CyBlock Authentication Bypassed Entries

 

For additional assistance, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.

Cyfin Release 8.8.1 and CyBlock Release 6.8.1 Now Available

Thursday, May 23rd, 2013

We recently released new versions of Cyfin, CyBlock Software, and CyBlock Appliance. In this release, you will find several corrections as well as improvements to the Restore/Download feature and to access accounts. With the Restore/Download enhancement, you will be able to transfer all of your current configuration settings to another installation of the product. This will prove to be useful if you are transitioning to production mode or purchasing a new server. With access accounts, you can now confirm a password when creating or modifying an access account. The enhancements are described below.

  • Restore and Download.This includes the following changes:
    • The ability to transfer all configuration settings to another installation of the product has been added.
    • Transfers of configuration settings are only supported for the same product type, for example, CyBlock Software to CyBlock Software. Transfers across products are not allowed.
    • Transfers of configuration settings are only supported from this release and later. Previous restore points before this release are not transferable.
    • On the Administration – Restore – Restorescreen, the Choose Restore Type field has been added with Full and Configuration Only options.
      • The Full option allows you to transfer configuration settings from one product type to the same product type with the same restore point path on the same computer.
      • The Configuration Only option allows you to transfer configuration settings to a different restore point path on the same computer or to a different computer.
    • On the Administration – Restore – Download screen, the following has been added:
      • A Restore Point Settings section to allow you to edit or select the restore point path.
      • An Update button to reload the new restore point path.
      • A Create Restore Point section to allow you to create a new restore point using a Create button.
      • A Restore Point Filename field that displays the name of the .zip file in the format yyyymmdd+hhmmss.zip. Older restore points with file name ##.zip will still be displayed; however, they are not transferable and should not be used.
  • Access Accounts.This includes the following changes:
    • For Cyfin and CyBlock Software, the Enter Password and Confirm Password fields have been added to the following screens to allow you to enter and confirm a new password when creating or modifying an access account:
      • Administration – Access Accounts – Create
      • Administration – Access Accounts – Modify
    • For CyBlock Appliance, the Enter Password and Confirm Password fields have been added to the Administration – Access Accounts – Modify screen to allow you to enter and confirm a new password when modifying an administrator access account.
    • If the new and confirmable passwords do not match, a red x is displayed, and the Submit button is disabled.

To see the full release notes for your product, visit the Support Forum. You can download the latest release by going to the Administration – Product Update screen in your Cyfin or CyBlock product.

For additional assistance, please contact us.

Cyfin Release 8.8.0 and CyBlock Release 6.8.0 Now Available

Wednesday, April 17th, 2013

We are excited to announce the release of two major enhancements in the new version of Cyfin and CyBlock. The first major enhancement is the new SSL Inspection feature that allows our CyBlock products to decrypt, analyze, and fully inspect all HTTPS traffic. In order to defeat security threats facing companies today, SSL Inspection is essential. The second major enhancement is an innovative technique for protection against automated invasion of malicious scripts and software and/or unauthorized access to internal networks. Enhanced Malware Protection automates the process of identifying large numbers of new malware-spreading sites daily. To facilitate identifying and blocking malware traffic, three security threat categories have been consolidated into a new Malware category.

Other enhancements in this release include the rebranding of our products, new product icons displayed after installation, and new product Help. We also have a number of corrections in this release. The details of the enhancements include the following:

  • Product Rebranding.The Wavecrest products have been rebranded as follows:
    • The products offered are CyBlock and Cyfin (formerly Cyfin Reporter).
    • Three deployment options are available for CyBlock:
      • CyBlock Software (formerly CyBlock Proxy)
      • CyBlock Appliance
      • CyBlock ISA/TMG
    • These changes are reflected on the Wavecrest Web site and the Forum. They will eventually transition to the products and associated documentation.
  • SSL Inspection.This includes the following changes:
    • Ability to view the full URL including path, embedded URLs, and parameters.
    • Domain, path, and parameter matching.
    • Ability to filter detailed HTTPS traffic by Web categories and Web content types and display blocking messages for both.
    • Safe Search blocking (where applicable).
    • Ability to view full URLs in the Real-Time Web Monitor.
    • Ability to view full URLs in the following reports (where applicable), not just domains:
      • Category Audit Detail
      • Category Audit Summary
      • Site Audit Detail
      • User Audit Detail
      • User Audit Summary
    • A new SSL Inspection screen that allows you to select groups and/or IDs and standard and custom categories to be inspected. To access this screen, go to Advanced Settings – Proxy Settings – SSL Inspection. For inspection to occur, you must select a group and/or an ID, and set a category to Inspected. The Financial category is set to Tunneled by default for privacy reasons, but this can be changed to Inspected.

Note:  Before using SSL Inspection, the Wavecrest Certificate must be installed. Refer to the Wavecrest Certificate Installation Guide for instructions on how to install/distribute the certificate. For more information on this enhancement, see the SSL Inspection Tech Brief.

  • Enhanced Malware Protection in URL List.This includes the following changes:
    • Extensive malware site additions were made to the URL List. You will receive the enhanced protection when the list is downloaded manually or automatically.
    • The Hacking, Phishing/Fraud, and Spyware/Malicious categories were consolidated into a new Malware category.
    • Custom URL entries categorized as Hacking, Phishing/Fraud, and Spyware/Malicious are now categorized as Malware.
    • The Hacking, Phishing/Fraud, and Spyware/Malicious categories were replaced by the new Malware category on appropriate screens and in all category drop-down boxes.
    • For CyBlock, on the Block Web Categories screen, the Malware category is set to “Block” in the Default policy in new installations by default. In existing installations, previous settings will not change when the product is upgraded, that is, the Malware category will be set to the previous Spyware/Malicious category setting.
    • The Malware category is displayed on the Help – Reporting – Check URL screen under URL Category Match when there is a category match.
    • Scheduled reports now report on the Malware category if they were set up to report on the Hacking, Phishing/Fraud, and Spyware/Malicious categories.
  • Product Icons. The Wavecrest product icon has been replaced with new CyBlock and Cyfin product icons on the Start menu and on the browser tab (favicon).
  • Product Help. The QR pages in the product have been replaced by a new searchable Help system. The Help system has a similar TOC as the product manual, but also includes an Index and a Search box. If a search result indicates “Web site,” you can right-click the entry to open the page in a new tab or window. You can also print a displayed Help topic by clicking the Print button.

To see the full release notes for your product, visit the Support Forum. You can download the latest release by going to the Administration – Product Update screen in your Cyfin or CyBlock product.

For additional assistance, please contact us.