Knowledgebase: Firewall / Security
Advanced CSM Functions in Vigor Routers
Posted by Roy Panetta on 12 December 2011 01:14 PM

Why CSM?

 

CSM (Content Security Management) is a powerful tool for network management. It allows rules to be set to control the traffic types, including web content and web applications, from the Internet. DrayTek’s implementation of CSM simplifies the complicated traditional firewall configuration process to just tick and click exercises.

 

With CSM, network administrators do not need to deal with IP addresses, port numbers, etc. (tasks that can be tedious and repetitive); instead they can tick applications for P2P, Online Video, etc. directly – a very desirable feature for those who sometimes scratch their heads and pull out their hair trying to set up firewall rules. DrayTek’s CSM will save network administrators a lot of time because:

  • Many applications no longer use fixed IP or port numbers, rendering traditional firewalls unable to stop traffic from such applications
  • No need to figure out the port numbers and rules used by individual applications, or how to configure the router for them - a time-consuming task

 

Parents at home do not need a degree in computer science to be able to configure firewall rules to prevent children from accessing undesirable web pages with sex, violence, on-line gambling, etc. Vigor2820’s CSM GUI has these applications listed and the user only needs to tick or un-tick as required.

 

In situations where someone is using up too much of the bandwidth quota, the administrator can easily set rules to limit traffic from applications, such as large video files.

What are DrayTek’s Advanced CSM Functions?

 

With new applications for file/resource sharing, remote accessing, video streaming, etc. popping up regularly, it is daunting for network administrators to keep up to date with every potential threat to the network. Therefore DrayTek has provided improved blocking capabilities to protect the network from these new threats.

 

DrayTek has designed the GUI for the Advanced CSM functions to make selecting the applications to block as easy as tick and click.

There are 3 types of protocols used by these applications: Tunneling, Streaming and Remote Control/Access.

 

Tunneling

A traditional HTTP proxy uses tunneling techniques to provide Internet access to remote users. However, intruders can make use of the proxy and encode the browser packets to avoid detection by the firewall, thereby jeopardizing network security. VPN is another application that uses tunneling techniques that can penetrate the firewall and threaten network security (by a disgruntled employee, for instance).

 

Some recent applications pose greater security threats. For instance, an employee can install software such as SoftEther on one of the company PCs. This would then allow an external PC to access the company network as if from a local PC – a very scary thought for any responsible network administrator.

 

Another software application, UltraSurf, encodes Web surfing packets by SSL and tunneling, making the packets invisible to traditional firewalls.

 

Streaming

With increasing Internet speed and coverage, it’s more and more common for people to watch video applications, including YouTube and its lookalikes/followers, and other VOD and P2P applications such as PPLive, SopCast, etc. on the Internet.

 

Most people do not understand the problems streaming can pose, such as high bandwidth usage, slow network speeds, reduced work efficiency, etc. For instance, many people substitute daily paper reading with YouTube or YouTube-like reading, resulting in large traffic volumes.  Video file sizes can be tens or hundreds of Mbytes. Households or businesses having a download quota may be surprised when receiving their bills showing charges for excess downloads.  Network administrators cannot filter these packets through URL Filtering.

 

Some applications, including SopCast and PPLive, stream video using P2P techniques. Therefore, when people are viewing the video on the downstream, the upstream is open for other peers to share the contents – bad news for ADSL2/2+ users who have slower upstream speed than downstream speed. When the upstream is congested, the downstream speed is also affected.

 

Blocking video streaming will prevent such situations from occurring, with the added benefits of increased work productivity.

 


Below is a message that will show up in a YouTube screen when it’s ticked for blocking:

Picture-1

Remote Access

Remote Access is a convenient tool for network administrators or users to be able to access and control remote PCs – a wonderful time saver increasing in popularity. Common applications include: operating the PC in the office from home (e.g., downloading a file to a remote PC), configuring servers remotely (so you don’t need to drive to the server room in the wee hours), etc. Only one problem – it’s also a godsend for would-be network intruders.

 

Network intruders can remotely access the PCs in the office or at home, bypassing the office firewall, for activities that may or may not be legal and causing potential trouble for the companies.  The company data can also be stolen or privacy infringed.

 

Below is an example message when a user tries to access a remote PC with VNC when it’s ticked for blocking:

DrayTek’s advanced CSM functions have included most of the current software for remote access/control, so it’s a matter of ticking and saving as a profile to maintain the highest possible integrity of the networks.  And together with other functions such as Object Based firewall, Time Scheduler, etc., the network administrators can have stress-free lives (at least as far as network security is concerned).
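
The difference between port-based rules and application-based blocking described above (applications that no longer use fixed ports, VNC or proxy tunnels running on arbitrary ports) can be illustrated with a small added example. It is not DrayTek's code and does not describe how CSM is implemented; the flows, the `BLOCKED_PORTS` table and the function names are constructed for illustration, and the signatures are the publicly documented opening bytes of each protocol.

```python
import re

# Port-only rule set: all a traditional firewall rule knows (assumed example).
BLOCKED_PORTS = {5900: "vnc"}

# Opening bytes of well-known protocol handshakes.
SIGNATURES = [
    ("vnc", re.compile(rb"^RFB \d{3}\.\d{3}\n")),                 # RFB version banner
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),                        # SSH identification string
    ("http-connect", re.compile(rb"^CONNECT \S+:\d+ HTTP/1\.[01]\r\n")),  # proxy tunnel request
    ("tls", re.compile(rb"^\x16\x03[\x00-\x04]..\x01", re.S)),    # TLS record carrying ClientHello
]

# Constructed sample flows: (destination port, first payload bytes seen).
FLOWS = [
    (5900, b"RFB 003.008\n"),                                      # VNC on its default port
    (443, b"RFB 003.008\n"),                                       # VNC moved to port 443
    (8080, b"CONNECT example.com:443 HTTP/1.1\r\nHost: example.com:443\r\n\r\n"),
    (443, b"\x16\x03\x01\x00\x2e\x01\x00\x00\x2a\x03\x03"),        # start of a TLS ClientHello
    (80, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),          # ordinary web request
]

def classify_by_port(dst_port):
    """Traditional approach: guess the application from the port alone."""
    return BLOCKED_PORTS.get(dst_port)

def classify_by_payload(first_bytes):
    """Application-aware approach: match the handshake, ignore the port."""
    for name, pattern in SIGNATURES:
        if pattern.match(first_bytes):
            return name
    return None

def compare(flows, blocked_apps):
    """Return (port, port-rule verdict, detected app, app-rule verdict) per flow."""
    rows = []
    for port, payload in flows:
        port_verdict = "block" if classify_by_port(port) in blocked_apps else "allow"
        app = classify_by_payload(payload)
        app_verdict = "block" if app in blocked_apps else "allow"
        rows.append((port, port_verdict, app, app_verdict))
    return rows

if __name__ == "__main__":
    for row in compare(FLOWS, {"vnc", "http-connect"}):
        print(row)
```

The TLS flow is only recognised as TLS: a first-bytes check cannot tell which application is inside an encrypted tunnel.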
