Eappariello (30th March 2013)
I did feel lacking in information on technical detail for Lightspeed - a lot of the wiki seems to be customer only. It would be helpful if you could put an easily accessible page of technical specifications and features with a comparison of the different models. Maybe one already exists and I missed it as well!
Eappariello (30th March 2013)
Thanks for the feedback however, I will endeavour to see if we can improve the Wiki in this area.
Did you happen to contact support with this question, or attend the free web essentials course, or free training videos ? or was you not informed about them ?
Thanks again for the feedback
Last edited by Eappariello; 30th March 2013 at 08:51 PM.
I do not recall being pointed to the web essentials course or web videos, but I may have forgotten. However, pre-sale when I am trying to compare different options and get as much of a complete overview as quickly as possible, personally I find video a rather slow way to learn about a product. So had I known about the videos, I would probably have skipped through some but not watched them all.
Eappariello (31st March 2013)
It might be of interest to note that we see dynamic content analysis come to the fore in sites like Yahoo Mail where the users news feed might show objectionable content when they log in. On the face of it, yahoo mail is a webmail site in the webmail category, but we do see it blocked based on content - most commonly Gambling and Porn based on the ads and news feeds on the landing page. Of course most of the time you won't see this but periodically we see customers baffled by why the block page appears for something 'normal' like yahoo mail and when you drill into the log you find out it was blocked on content.
You'll see it too in sites that randomly generate content when the random generator puts together something that triggers a content block. I can't point you to one though as the nature of it is random.
Jollity (10th April 2013)
Page 9 (only) of this thread is now being categorised by the Smoothwall content filter under web proxies and blocked. I don't think it likes being criticised.
And thisDid a quick test and it seems not, but I am not quite sure what category the security forum would be blocked under - proxy bypass maybe? I would be surprised about it being blocked under any dynamic filtering though - working out automatically that that content is sensitive seems as if it would be pretty tough. Easy to block the security forum manually of course, but then we have web forums as a category blocked for pupils.
Reading this page and taking those key words you could be looking at a forum which is telling you how to bypass filtering.My information about lack of SSL decryption
tom_newton (11th April 2013)
Thought I'd dig this thread up a year later.
Those who have made the switch from Smoothwall to Lightspeed, what are your experiences ? Are you happy ? regrets ?
psydii (4th May 2014)
Also interested in this. We've had *countless* demos, webinars, do's, dont's etc of Lightspeed and still it would be apparent that Smoothwall is the preferred product even now. However that's just how it comes across...
The school has been using smoothwall for a long time now and I've seen it grow, reading back through this thread, a lot of the things smoothwall mentioned haven't materialised in a year since the thread was started (reporting etc.) the layer 7 addition got released without any fanfares and is a paid addon module at 500 quid, I've a demo of it but I can't find any news or information on how to use it (its in outgoing ports and I can't appear to get it to work) I could open a ticket to get info or make a post on the smoothwall forum here - which I did but got totally ignored. The school is gearing up to BYOD and iPads more and more and I'm just feeling out of control with the filtering (students running rampant with private VPN's and other apps) most app traffic is unmonitored as far as I can tell. I need a product more in line with this.
ibpalle and I are really excited about what's coming. We expect there will be a number of small revisions as time goes on to better adapt the reporting system for the needs of our customers.
As far as the layer 7 module goes, this should fit in seamlessly with your port rules and be configured under the Networking > Outgoing > Ports, find the port rule you want to edit and click 'Edit' on the 'Blocked Services' entry. This will take you to an 'Edit Services' screen where you can use the Layer 7 content to block services.
It is not possible to allow services based on these as the problem is identifying them. The way it works is to perform deep packet inspection and often traffic can only be categorised once an initial handshake has been processed. So your client might say hello to a P2P service but can't then send or receive traffic. The inbuilt Manual accessed using the 'Help' or '?' buttons has configuration information for this under the title 'Managing Blocked Services'.
App traffic doesn't always behave in a standard way and add into that complications from HTTPS and you have a bit of a minefield. A big part of effectively filtering mobile devices is Authentication. If you're using captive portal then apps aren't ever going to play nice with it because captive portals are browser based and most apps don't interface with the browser at all. The next snag you hit with apps is SNI - they aren't browser based so the applications have to be written to support SNI and lots of them aren't which is a problem when trying to intercept HTTPS. A lot of traffic goes out over HTTPS these days so a lot of this is going to be damage limitation. Private VPNs are a firewall issue more than a filtering one so it might be worth bringing down an iron curtain and blocking all outgoing traffic on all ports then taking each request as it comes.
The Smoothwall Support forum on this board is a peer support forum rather than an official support channel - our support engineers cannot prioritise posts on Edugeek over support tickets so if you are experiencing an issue with your Smoothwall product we always recommend that you log a support ticket in line with your Support agreement rather than relying on an engineer seeing your post as many simply are not able to spend time on this board.
Please consider making the reports more "human readable" and in line with what school managers would want to see.
The user inteface also needs a lot of work, I completly missed how to change the dates on a report as it was such a small box at the top of the screen and not on the report options toolbar. Imo this should all be in the one place.
Also consider offering the option of SSD drives in your future UTM boxes as this would make creating reports so much quicker.
Last edited by zag; 6th May 2014 at 12:56 PM.
There are currently 2 users browsing this thread. (0 members and 2 guests)