Filtering Modes for Connect for Windows, iOS, and macOS

What are Filtering Modes?

Filtering Modes allow you to customize and control how Connect filters your end user’s Windows, macOS, and iOS/iPadOS devices. Filtering Modes are set in School Manager in the Configuration > Mobile Agents page. Linewize Support will work with you to select and implement the best filtering modes for your school.

There are three primary filtering modes, each with their own advantages and disadvantages:

• DNS Filtering Mode is the fastest and least intrusive filtering mode but will limit School Manager’s reporting abilities. 
• Web Filtering Mode balances performance with reliable filtering by monitoring the common ports used for web content instead of all ports. 
• Full Filtering Mode offers the most thorough filtering but comes with a slight increase in network traffic and the processor load on the users’ devices as it monitors all internet activity.  

On Network or Off Network?

You will see that the Mobile Agent page includes two sections called On School Manager Network (on network) and Off School Manager Network (off network). If your school uses a physical School Manager appliance, you can choose to filter users’ devices differently when they are on your school’s network or on a non-school network. Linewize support will work with you to find the best on and off network configurations for your school or district.

If your school doesnothave a physical appliance (your school uses cloud-filtering), your users’ devices will have the same functionality, both on and off your school's network, based on your Filtering Mode in Off School Manager Network. 

Default Filtering Mode and Filtering Groups

The Default Filtering Mode allows you to set the filtering mode for the majority of your users. Filtering Groups are pools of users who are subject to a different filtering mode.

A Default Filtering Mode will be active on your user's device unless the user is in a Filtering Group. Most of the time, Filtering Groups are empty and are only used for special situations. For example, you may enable DNS Filtering for a Group of iPad users while enabling Web Filtering as the default for all other users.

DNS Filtering Mode

DNS Filtering Mode is the fastest, most basic filtering option. It requires a minimum amount of processor capacity and network bandwidth from your users’ devices. DNS Filtering works with devices running Connect. Connect uses the loopback address (127.0.0.1) to intercept DNS requests before connecting the device to a website. The DNS request is forwarded to a Linewize Cloud DNS filter where your user policies are applied to the requests. The device will load allowed requests or will display a DNS Block Page if the content is blocked.

Filtering Groups can also be used to enable DNS Filtering only on iPads to avoid conflicts with Mobile Device Management (MDM) running on the devices. 

DNS Filtering Mode does not support MITM (Man In The Middle). MITM is needed for:

• Search Reports and Video Reports
• Red Flag risk indicators for search keywords and video content details
• Limiting users’ access to personal accounts using Custom Header filtering when Connect is running  macOS and in a Chrome browser.

Web Filtering Mode

Web Filtering Mode is more reliable than DNS Filtering, with only a slight increase in traffic on your physical network and only requires a moderate amount of the user’s device processor. It is a good choice for laptops such as Windows, macOS, and Chromebooks. It can also be used with iOS/iPadOS devices that do not use MDM.

When Web Filtering Mode is enabled, Connect uses a packet filter to intercept traffic commonly used for websites, application content, and communications on three common ports:

• Port 53- IP and domains typically used to transmit website content
• Port 80- services like VOIP (voice and chat services), BitTorrent (file sharing between random devices on the internet), remote screen sharing, CDNs (websites queued up on nearby servers), streaming media, gaming services, and web proxies
• Port 443- encrypted data from web connected applications, forms, and websites using Transport Layer Security (TLS)

Full Filtering Mode

Full Filtering Mode is the most thorough filtering because it inspects all traffic, regardless of port or network protocol. Most of your users will not notice any difference in their device performance, but you will see a small increase in your overall network traffic. This is because Full Filtering Mode uses a packet filter to intercept all traffic from your users’ devices and applies your filtering policies to all traffic.