Cipafilter Support:
1-800-243-3729 Ext. 300
Mon-Fri 7 AM - 6 PM CT
RSS Feed
Latest Updates
Cipafilter 8.8 Preview
Posted by Dan Schuler on 01 September 2015 02:37 PM

Cipafilter is proud to announce version 8.8 of our device firmware. Our major priorities for this version related to SSL decryption and authentication, two subjects on which we have received tremendous feedback from our customers. However, as always, improvements have been made in a number of areas.

SSL decryption by group and domain

SSL decryption is the best — and sometimes only — way to filter the increasingly secure Web. However, many customers have found it to be a complicated investment. Cipafilter 8.8 improves the flexibility and ease of deployment of SSL decryption in two related ways: First, it is now possible to apply SSL decryption on a per-group basis. This allows organizations to selectively exempt particular groups (such as teachers or application servers) from decryption. In addition, decryption can be applied or exempted for each group on a per Web site basis, allowing you to decrypt only what you want.

Multiple authentication directory services

Previous firmware versions supported only a single authentication directory service, which could be a limitation for larger and more complex environments. With Cipafilter 8.8, we now support any number of authentication back-ends. User log-in attempts will be passed to each service in turn until either one succeeds or they all fail. We continue to support all of the back-end options from previous firmware: Microsoft Active Directory, Apple Open Directory, Novell eDirectory, Google OAuth, and Cipafilter User Manager.

Integration with wireless devices via RADIUS accounting

With the new E-Rate focus on wireless systems, we have added the ability for Cipafilter to integrate with wireless APs such as those provided by Ruckus and Aruba. Cipafilter can be configured to receive authentication events from supported APs via RADIUS accounting, providing a seamless authentication experience for your...
Read more »

Important Changes to Google SafeSearch
Posted by Dan Schuler on 03 June 2015 02:59 PM

Google has announced that it will be making some changes to its SafeSearch feature. Currently, when the “Safe Search Enforcement” box is checked on your Cipafilter, searches are sent to a non-SSL version of Google. This allows your Cipafilter to log search terms, as well as to enforce SafeSearch and perform additional filtering through our Enhanced Safe Search features. Due to abuse by external parties, Google will no longer be supporting non-SSL searches and will soon allow only SSL connections.

What this means for you:

Recent versions of Cipafilter firmware will still be able to enforce Google SafeSearch. However, unless SSL Decryption is enabled, Google’s changes will prevent your Cipafilter from either logging searches or using our Enhanced Safe Search features.

Firmware versions supporting this change:

  • 8.6.3 and newer
  • 8.4.7 and newer


If your Cipafilter is on firmware older than the versions listed above, or if you have any additional questions about Google SafeSearch, please contact the Technical Support team at

Read more »

8.6.6 Released
Posted by Chris Cooper on 20 March 2015 03:32 PM

A new build of 8.6 is now available.

Version 8.6.6 - Friday, March 20, 2015

  • New Feature: 0007324: Significantly improved the memory profile of the content filter.
  • 0007415: Increased the default DHCP lease time to 10 days.
  • 0007405: Corrected a minor typo in the portal SSL guide.
  • 0007237: Corrected an issue with DNS resolution which could lead to premature hot-spare fail-over.
  • New Feature: 0006599: Added a virus detection report to the beta web reporting feature.
  • 0007325: Google OAuth directory authentication now excludes group members whose e-mail addresses are not on the configured Google Apps domain.
  • 0007415: Added place-holders showing the default values on the DHCP Server page's Advanced Configuration tab.
  • 0007396: Corrected a minor file-handling issue on the Log Viewer page.
  • 0007475: Updated Web-interface and portal SSL configuration to mitigate 'FREAK' vulnerability (CVE-2015-0204).
  • New Feature: 0007429: Added Enhanced Safe Search and logging support for Wikipedia, Tumblr, Imgur, and (partially) Pinterest.
  • 0007511: Updated software packages to mitigate several minor OpenSSL vulnerabilities (CVE-2015-0209, et al.)
  • 0007479: The Web-interface news feed now includes blog entries from the Cipafilter website.
  • 0007422: The main Web-interface header now links to the Status page.
  • 0007186: Improved the performance of regular-expression matching in the content filter.
  • 0007344: Improved handling of access tokens for the Google OAuth directory back-end.
  • New Feature: 0007429: Added full Safe Search Enforcement and logging support for Flickr.
  • 0007444: Corrected an issue with IPv6 automatic address assignment which could interfere with DNS resolution and mail delivery.
  • 0007324: Decryption connections between clients...
    Read more »

©Cipafilter 2015. All Rights Reserved.