Introduction

With LANCOM Security Essentials, you can filter specific content in your network to prevent access to, for example, illegal, dangerous, or offensive websites. Additionally, you can restrict private browsing on certain sites during working hours. This not only boosts employee productivity and network security but also ensures that full bandwidth is available exclusively for business processes.

LANCOM Security Essentials is an intelligent, dynamic website filter. It contacts a rating server that reliably and accurately evaluates websites based on the categories you selected.

The functionality of LANCOM Security Essentials is based on checking the IP addresses determined from the entered URLs. For many pages, subdirectories within a domain are also evaluated separately so that different sections of a URL can be rated differently.

Important: Users cannot bypass website verification by LANCOM Security Essentials by entering the IP address of a site in the browser. LANCOM Security Essentials checks both unencrypted (HTTP) and encrypted (HTTPS) websites.

The BPjM module is part of the LANCOM Security Essentials or can be obtained separately via the LANCOM BPjM Filter Option software license. The BPjM module is published by the Federal Agency for the Protection of Children and Young People in the Media (Bundeszentrale für Kinder- und Jugendmedienschutz) and blocks domains that must not be made accessible to children and adolescents in Germany.

The license you purchased for LANCOM Security Essentials applies to a specific device category and a specific time period (either one year or three years). The number of users is unlimited. You will be notified in advance when your license is about to expire.

Note: You can test the LANCOM Security Essentials on any router that supports this function. To do so, you must activate a time-limited 30-day demo license once per device. Demo licenses are created directly from within LANconfig. Right-click the device, select Activate Software Option from the context menu, and in the following dialog, click the link next to Need a demo license?. You will automatically be connected to the LANCOM registration server website, where you can select and register the desired demo license for the device.

Category profiles store all settings related to categories. You select from predefined main and subcategories in your LANCOM Security Essentials: 73 categories are grouped into 12 thematic groups, e.g., "Pornography", "Shopping", or "Illegal". Each group allows you to enable or disable the included categories. Subcategories for "Pornography" include "Pornography", "Sex toys", "Sexual content", "Nudity", "Lingerie", and "Sex education".

Additionally, administrators can enable an override option for each category during configuration. When override is active, users can temporarily access a blocked site by clicking a corresponding button—but the administrator will receive a notification via e-mail, SYSLOG, and/or SNMP trap.

Using the category profile you created, along with the whitelist and blacklist, you can create a content filter profile that can be assigned to users via the firewall. For example, you can create the profile "Employees_Department_A", which is then assigned to all computers in that department.

During installation, LANCOM Security Essentials automatically sets up useful default settings that only need to be activated for initial operation. In subsequent steps, you can further adapt the behavior of LANCOM Security Essentials to your specific use case.

Useful default settings are also automatically configured for the BPjM module. For example, there is a default firewall rule in the IPv4 or IPv6 firewall with the system object "BPJM" as the destination station. Define the source stations as the networks that should be protected by the BPjM module. By activating the rule, the BPjM module is started.