Appendix II - Cipafilter Documentation

Manual - Appendix II: Privacy / remote access disclosures

Your Cipafilter contains several features which, while designed to enhance usability and provide for excellent support, may create privacy concerns for some.  In the interest of maintaining openness and an informed user base, these features are documented in this section.

Remote access

Cipafilter retains the administrative keys and Web interface passwords for all Cipafilter units.  This is necessary for certain technical functionality (for instance, remotely deploying updates), but perhaps more importantly it allows Cipafilter employees to, at any time, remotely access your Cipafilter.

This is intended to provide speedy tech support — technicians are able to quickly log in to diagnose problems or update settings without requiring customers to set up special accounts and so on.  From time to time, tech support will also forward bugs or configuration issues to Cipafilter development for resolution; this may entail logging in to diagnose the problem and (less commonly) to deploy a fix.

As many customers are uncomfortable having maintenance performed or serious changes applied to their devices (particularly during business hours), all reasonable effort is taken to avoid making any such modifications to running units without receiving prior approval from the customer.  However, exigent circumstances, such as the disclosure of a serious vulnerability in one of the Cipafilter firmware's constituent software packages, may require changes to be applied without notification (usually after business hours or during the weekend).

Configuration data, database contents, and logs

All Cipafilter units automatically upload backups of their configuration data to the Cipafilter Enterprise system each night.  These backups are encrypted prior to (and then during) transmission, and are stored in the same encrypted format.  However, in order to provide support and disaster recovery, Cipafilter employees have the ability to decrypt these configurations.  This means that Cipafilter does have access to certain sensitive configuration data, like LDAP authentication credentials, User Manager credentials, and SSL private keys.

As part of their administrative remote-access capabilities, Cipafilter employees also have access to data stored locally on customers' hardware.  This includes not only the previously mentioned configuration information, but also the contents of the Cipafilter database and its logs.  These sources usually do not contain critically sensitive data like passwords, but they can reveal otherwise detailed information about an organization's network configuration, devices, and Internet usage, including (if so configured) those of staff and administrators.

Although copies of this local data are not maintained in Cipafilter's Enterprise system, excerpts may be forwarded to other Cipafilter employees in order to diagnose technical issues.

This information will never be shared externally or used for any purpose besides backup, recovery, problem diagnosis, and similar technical support.

    • Related Articles

    • Manual

      This article provides links to the individual sections of the Cipafilter product manual.  A PDF of the Cipafilter product manual is attached to this article. Introduction Interface Conventions Installation Status Management Users Hot Spare ...
    • Manual - Web Filtering

      The first thing to decide with regard to Web filtering is whether to run individual subnets in transparent or non-transparent (proxy server) mode. Transparent mode  — no client configuration is required, the Cipafilter simply intercepts all traffic ...
    • Manual - Appendix III: Legal Notices

      In addition to both proprietary and open-source first-party components, Cipafilter firmware contains numerous open-source components derived from third-party projects.  Cipafilter aims to meet the licensing requirements of all of these projects. For ...
    • Manual - Group Permissions

      Permissions for groups of users are managed here. Each group has individual settings for the different filtering technologies available, as well as a separate whitelist and blacklist. On this page, you can also edit the global whitelist and blacklist ...
    • Manual - Appendix I: Dot notation to CIDR notation translation table

      The following table shows how to convert common dot-notation subnet masks to CIDR-notation subnet bits. As an example: The subnet mask 255.255.0.0 , when applied to 172.16.0.0 , will cover the addresses 172.16.0.0 – 172.16.255.255 .  To refer to this ...