How can I exclude a computer from SonicWall content filtering service (CFS)?
08/26/2022 1,348 People found this article helpful 492,346 Views
Description
How to exclude a computer from SonicWall Content Filtering Service (CFS)
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
IP address ranges can be manually added to or deleted from the CFS Exclusion List. Content filtering is disabled for IP addresses in the CFS exclusion list. These address ranges are treated as trusted domains. Select CFS Exclusion List to enable this feature.
The Exclude Administrator checkbox controls content filtering for administrators. By default, when the administrator (“admin” user) is logged into the SonicOS management interface from a system, CFS blocking is suspended for that system’s IP address for the duration of the authenticated session. If you prefer to provide content filtering and apply CFS policies to the IP address of the administrator’s system, uncheck the Exclude Administrator checkbox.
To add a range of IP addresses to the CFS exclusion list, follow these steps.
- Login to the SonicWall management Interface.
- Navigate to Policy | Ssecurity Services |Content Filter.
- Select the Excluded Address listbox.
- Click Create new address object next to excluded address. The Add Address Object window is displayed.
- Enter the first IP address in the range in the IP Address From: field and the last address in the IP Address To: field
- Click OK.
- Click Accept on the Security Services | Content Filter page. The IP address range is added to the CFS exclusion list.
Modifying or Temporarily Disabling the CFS Exclusion List
To modify or temporarily disable the CFS exclusion list:
- To keep the CFS exclusion list entries but temporarily allow content filtering to be applied to these IP addresses, Select None next to the Excluded Address.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
IP address ranges can be manually added to or deleted from the CFS Exclusion List. Content filtering is disabled for IP addresses in the CFS exclusion list. These address ranges are treated as trusted domains. Select CFS Exclusion List to enable this feature.
The Exclude Administrator checkbox controls content filtering for administrators. By default, when the administrator (“admin” user) is logged into the SonicOS management interface from a system, CFS blocking is suspended for that system’s IP address for the duration of the authenticated session. If you prefer to provide content filtering and apply CFS policies to the IP address of the administrator’s system, uncheck the Exclude Administrator checkbox.
To add a range of IP addresses to the CFS exclusion list, follow these steps.
- Login to the SonicWall management Interface.
- Navigate to Manage |Security Configuration | Security Services |Content Filter.
- Select the Enable CFS Exclusion List checkbox.
- Click Create new address object next to excluded address. The Add Address Object window is displayed.
- Enter the first IP address in the range in the IP Address From: field and the last address in the IP Address To: field.
- Click OK.
- Click Accept on the Security Services | Content Filter page. The IP address range is added to the CFS exclusion list.
Modifying or Temporarily Disabling the CFS Exclusion List
To modify or temporarily disable the CFS exclusion list:
- To keep the CFS exclusion list entries but temporarily allow content filtering to be applied to these IP addresses, Select None next to the Excluded Address.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
IP address ranges can be manually added to or deleted from the CFS exclusion list. Content filtering is disabled for IP addresses in the CFS exclusion list. These address ranges are treated as trusted domains. Select Enable CFS Exclusion List to enable this feature.
The Do not bypass CFS blocking for the administrator checkbox controls content filtering for administrators. By default, when the administrator (“admin” user) is logged into the SonicOS management interface from a system, CFS blocking is suspended for that system’s IP address for the duration of the authenticated session. If you prefer to provide content filtering and apply CFS policies to the IP address of the administrator’s system, select the Do not bypass CFS blocking for the administrator checkbox.
To add a range of IP addresses to the CFS Exclusion List, follow these steps.
- Login to the SonicWall management interface.
- Navigate to Security Services |Content Filter.
- Select the Enable CFS Exclusion List checkbox.
- Click Add. The Add CFS Range Entry window is displayed.
- Enter the first IP address in the range in the IP Address From: field and the last address in the IP Address To: field.
- Click OK.
- Click Accept on the Security Services | Content Filter page. The IP address range is added to the CFS exclusion list.
Modifying or Temporarily Disabling the CFS Exclusion List
To modify or temporarily disable the CFS exclusion list:
- To keep the CFS exclusion list entries but temporarily allow content filtering to be applied to these IP addresses, Uncheck the Enable CFS Exclusion List checkbox.
- To edit a trusted domain entry, click the Edit icon.
- To delete an individual trusted domain, click Delete icon for the entry.
- To delete all trusted domains, click Delete All.
Related Articles
Categories