The Vicomsoft SoftRouter combines enhanced Internet sharing functionality with the ability to incrementally add a full range of extended Internet connectivity modules.

In its most basic form, it incorporates NAT (Network Address Translation) for Internet connection sharing, an industrial strength TCP/IP router, a DHCP server for ease of administration, DNS caching for faster access, a local DNS server and firewall security.

Vicomsoft's Internet connectivity server modules may be added to SoftRouter á la carte, with each optional module purchased separately. Many users however prefer to benefit from the cost savings and ease of choice offered by a packaged solution. If this is your case, the Internet Gateway suites are for you.

Internet Sharing Server Features
	Shared Internet Access allows multiple users on the network to access the Internet using a single Internet Service Provider (ISP) account and connection.
	New Fallback Server provides automatic backup for Internet connections, with support for different connection types. With this feature enabled a second, designated connection is automatically opened should the primary connection fail.
	Off-line Cache Library with search allows browsing of cached Web content without requiring online connection to the Internet.
	Firewall stops unwanted entry to the local network from the Internet, preventing any possible security compromises.
Performance Features
	New Connection Teaming allows you to simultaneously use more than one Internet connection. Accumulate bandwidth using two or more modems, or even multiple different connection types.
	Web Caching Server automatically caches web content, improving network response time and efficiency. All computers on the LAN transparently benefit from the Web Cache with no manual browser configuration required.
	DNS Caching minimizes delays and timeouts experienced during Internet sessions.
Local Network Server Features
	The optional Remote Administration function provides full access to monitoring and administration functions by authenticated users from a locally networked or remote computer.
	DHCP Server allocates TCP/IP networking information to machines on the local network automatically.
	A TCP server locator allows users to see a list of all web, FTP or other servers on the LAN without having to manually probe individual IP addresses, or ask their colleagues what URL to use.
	The powerful new WebHeaders allow an administrator to create and select a text or graphic message to be placed automatically in a separate frame above each web page displayed in users' browsers.
	Remote Access Server gives support for dial-in users, (e.g. users wanting access from home) giving access to network services, such as email.
	Powerful Software Router provides easy interconnection of different networks. A broad range of hardware network interfaces is supported including Ethernet, TokenRing and the latest wireless networking hardware. The MacOS version includes a full MacIP Server implementation for direct support for LocalTalk and MacIP networks.
	Dynamic Local DNS Server offers unrivalled host name and IP address management.
	Powerful Multi-Hosting feature allows any Web Server to run multiple virtual web sites.
Access Controls
	Extensive User Defined Filters govern which particular clients have access to the Internet or other interconnected networks.
	Full support for the CyberNOT content filtering list, to prevent access to questionable web sites and areas on the Internet via a weekly updated list.
	Timed Access Controls allow an administrator to set permitted periods and total Internet connection times for each day of the week. These limits apply to each computer on the LAN.

Available for Windows 95/98/2000, NT Workstation, NT Server & MacOS, The SoftRouter offers unrivalled flexibility, configuration options and compatibility.

Utilizing true TCP/IP routing technology, the suite supports almost any TCP/IP application running on the client machines, regardless of platform, simplifying configuration and offering the maximum in compatibility.

Download Trial Version

Download Trial Version

Simple to use, configure and monitor, the SoftRouter continuously displays graphical & numerical real-time status reports of active connections, such as the Internet connection, Local Area Network connections, any dial-in ports and Wide Area Network connections attached to the Server machine. The client who triggers a connection to the Internet can be seen along with the users who are currently accessing the Internet. TCP/IP traffic throughput monitoring gives feedback on network and utilization of Internet connections.

Click on one of the images below to see an example of the SoftRouter real-time status screen:

Windows	MacOS

The Softrouter allows multiple users to share a single Internet Account and connection, reducing costs and increasing flexibility. In it basic version, the SoftRouter allows any five client machines to simultaneously access the Internet by sharing a single IP address. Ten and unlimited user configurations are available as options.

Network Address Translation (NAT) to performs all necessary address translations transparently. Therefore, clients need not even know they are accessing the Internet through the server. As a result, network administrators are able to give users any IP address for internal use and only use an "Internet assigned" address for external communications. This is particularly valuable given the shortage of Internet addresses, as well as the time and cost of obtaining multiple addresses.

A good way to explain how this works is to give a simple example:

A user on the local network wants to view a web page available at CNN's web site, www.cnn.com: the user enters the web address into their browser, which requests the page from the CNN web server.

This request is passed to the server, as this is designated as your connection to the Internet. The server does it's bit of magic and modifies the request from the browser of your internal machine to look like it comes from the server itself, then sends it to the CNN web server.

This request is fulfilled, and the requested page comes back. The server receives this returned piece of information, processes it, remembers who requested it on the local network, then sends it to that machine. The browser doesn't know any different, and neither does the web server. The server does this for all requests out onto the Internet from machines on the local network.

NAT has considerable advantages over traditional proxy based systems, such as:

	Speed Of Access - Because Vicomsoft's Internet connectivity server products processes Internet requests in real time, there is no performance difference from the client machine being directly connected, obviously within the limitations of the type of Internet connection.
	Client software support - Being true TCP/IP Router based, Vicomsoft's server products has no compatibility problems with any software running on the client machines, and requires no proprietary client configuration or software.

There is a table available providing a comprehensive comparison of Vicomsoft NAT solutions against traditional proxy servers.

If you want to know more about NAT, see the Vicomsoft KnowledgeShare document on NAT.

Almost any connection method can be used, including modem, cable modem, DSL, T1, leased line, Telco Return systems and the latest generation of wireless connectivity. Direct support for PPPoE (Point to Point Protocol over Ethernet) is included, without requiring any third-party client software, or special client configuration. With this flexibility also comes the ability to connect and route TCP/IP information between different network types, such as Ethernet Network, 802.11 Wireless Networks (such as Apple's AirPort) and Token Ring networks.

If you want to know more about Cable Modems or DSL, see the Vicomsoft KnowledgeShare resources on Cable Modems and DSL technology.

Shared Internet Access also acts as a Firewall, preventing unauthorized access back into the local network from the Internet.

If Shared Internet Access is not required - in the case of a purchased range of IP numbers for example - the server can be used as a true TCP/IP router for connecting to the Internet.

To many organizations, access to the Internet has become an essential part of everyday business. Any interruption to Internet access results in loss of productivity. Vicomsoft's Fallback Server was designed to remedy this. By having a second Internet connection ready to take over should the primary connection fail, maximum uptime is assured.

	Fallback – Assure availability of service in mission critical environments
	Fallback on connection by connection basis – Tailor fallback to your specific needs.
	User defined fallback order – Use more than one ISP for optimal availability of service.
	Use the same connection, but to different ISP – Optimize use of connection resources.
	Auto Recover – Failed connection can be automatically re-established if possible.

Description:
If you have a single Internet connection and it is interrupted, all of your users will immediately be deprived of Internet based services. Vicomsoft's Connection Fallback is designed to ensure optimal availability of service. With this feature enabled a second, designated connection is automatically opened should the primary connection fail. This works for all types of connections. T1 connections can be backed up with ISDN, or cable modems can be backed up with analog modems, for example. Fallback strategies can be developed with your available resources.

Benefit:
Tailor fallback to your specific needs.

Description:
Many users have connections to the Internet and to private WANs. Such users may require fallback on certain connections, but would not want valuable resources allocated to fallback for non-critical applications. By enabling Connection Fallback only on mission-critical connections, you can assure that your backup resources will be available when you need them.

Benefit:
Increased flexibility in configuring strategy for service availability.

Description:
Connections are opened in order of priority which can be set using a simple click-and-drag interface. Users can adjust the order depending on their own priorities to achieve an optimal fallback strategy.

Benefit:
Optimize use of physical resources.

Description:
Two different connections can use the same physical resource. For example, your primary connection may be a dial-up connection to your primary ISP. Your fallback connection could use the same modem to dial a different telephone number at the same ISP. This would solve problems limited to a specific telephone number, or server. Your fallback connection could also use the same modem to dial into an entirely different ISP, on a different backbone. Ensuring availability of service does not necessarily require expensive or sophisticated hardware.

Benefit:
Minimize manual intervention.

Description:
Many service interruptions are temporary. Your ISP telephone number may be busy, for example. When a connection becomes unavailable, the Connection Fallback function disables that connection for a limited period of time. If the connection is solicited after this waiting period, it is enabled again. This means that transient interruptions do not require the manual intervention of a network administrator, saving you time and optimizing use of costly human resources.

	Off-line Cache Library Retrieval – Browsing and retrieval of cached content
	Friendly Names – Catalog of cached content
	Off-line Cache Library Index – Catalog of cached content
	Catalog display filtering and Pagination – More extensive control of the Catalog of cached content
	Off-line Cache Library Administration – Management and control of cached content

Benefit:
Browsing and retrieval of cached content

Description:
The Vicomsoft WebCache module has an off-line mode which allows browsing of cached content without requiring online connection to the Internet. Web pages, images and movies may be retrieved and viewed with any browser, effectively creating an in-house content library. In a dial-up environment, cached content may be accessed without opening a connection. Because only local bandwidth is used, concurrent requests for the same content experience no performance degradation when compared with accessing the same content across the Internet.

Benefit:
Greater ease of browsing cached content.

Description:
The Off-line Cache Library allows you to view, select and browse the contents of the web caching server even when not connected to the Internet. This function has now been enhanced. Not all web sites have meaningful names. Further, much of the content that is delivered to your web browser through the web cache comes from secondary servers with no domain names, only IP addresses such as 192.168.10.23. When you are looking for something in the catalog, cryptic names or numerical addresses are not much help. Now you can attribute a user-friendly name to any host in the Cache Library, making content much easier to retrieve.

Benefit:
Catalog of cached content

Description:
A catalog of all cached content including web pages, images and movies may be viewed with any browser. This is of particular benefit to educators who wish to focus the attention of students on selected content. Web content is organized according to the originating site. User-friendly icons indicate the nature of the content. Icons change as content expires indicating that the content is still cached and available in off-line mode but will be updated if requested while in online mode.

Benefit:
Much more flexible display and retrieval of cached content.

Description:
The catalog now allows you to filter the display based on host name, file size and locked attribute. When the Off-line Cache Library has a large number of objects in it, this feature allows you to limit the number of entries you see. It is also ideal for cache maintenance. If your cache is getting full and you want to see only large items, or only locked items you may do so. Similarly, you could just display sites with names starting with the letter 'a', or ending with .org. The number of hosts listed per page can be adjusted by the user to suite their own preferences.

Benefit:
Management and control of cached content

Description:
Large or infrequently updated items such as movies or reference works may be permanently or temporarily saved as reference sources. The administrator can 'protect' cached content preventing deletion during automatic housekeeping tasks. Large items may be downloaded and cached outside peak periods, optimizing bandwidth use and freeing resources when they are most needed.

Please read our recommendations on respect for and compliance with third party copyright while using the Vicomsoft WebCache.

Vicomsoft's Internet connectivity solutions incorporate a secure Level Three Firewall, preventing unauthorized access into the local network from the Internet.

In the above diagram, if a machine on the Internet were to try and gain access to a client machine located behind the Firewall, the Firewall would stop it unless the configuration of the Firewall were changed to allow access to certain machines on the internal network using a feature called "Inbound Mapping".

The Firewall therefore stops possible attacks on your network and protects against the "Ping of Death."

Vicomsoft's Internet connectivity solutions give you:

	100% Firewall protection against people accessing your network from the Internet.
	The Firewall is active by default, therefore protecting your network from attack from day one of installation.
	Certain access from the Internet can be allowed into your network via an easy to use interface, offering the ability to run a web server or other Internet accessible service from behind the Firewall.

This major security feature offers headache-free protection of the local network from unwanted Internet users.

Professional firewall products catch each network packet before the operating system does, thus, there is no direct path from the Internet to the operating system's TCP/IP stack. It is therefore very difficult for an intruder to gain control of the firewall host computer then "open the doors" from the inside.

According To Byte Magazine*, traditional firewall technology is susceptible to misconfiguration on non-hardened OSes. More recently, however, "...firewalls have moved down the protocol stack so far that the OS doesn't have to do much more than act as a bootstrap loader, file system and GUI". The author goes on to state that newer firewall code bypasses the operating system's IP layer altogether, never permitting "potentially hostile traffic to make its way up the protocol stack to applications running on the system".

*June 1998

If you want to know more about Firewall Security, see the Vicomsoft KnowledgeShare document on Firewalls.

	Team connections – Increase throughput by using all your available bandwidth.
	Multiple connections, any type – Use any available connection, regardless of what type. Mix and match modem, ISDN, Cable modem...
	Combine Different ISP Connections – Use more than one ISP for optimal availability of service.
	Additional connections open on demand – Bandwidth becomes available as required, optimizing connection resources.
	You decide the order of connection – Maintain control over bandwidth allocation.
	Specify mail and news traffic destinations – Default connection for Mail and News traffic.

Benefit:
Increase throughput by using all your available bandwidth.

Description:
Usually, when a LAN is connected to the Internet it uses a single connection which may be via modem, ISDN, DSL, cable modem or even T1. Now Vicomsoft's new connection teaming server allows you to simultaneously use more than one connection. For example, if you have two or more modems and telephone lines, you can use them all! This dramatically increases your bandwidth to the Internet and speeds browsing. The number of simultaneous connections is limited only by your hardware.

If you want to know more about Connection teaming, see the Vicomsoft KnowledgeShare document on Bandwidth Aggregation and Connection Teaming.

Benefit:
Use any available connection, regardless of what type.

Description:
Vicomsoft's Connection Teaming Server lets you combine different types of connections. Combine not only analog modem connections, but mix and match modems, DSL, cable modems or other connection methods. Whatever type of connections you have, Vicomsoft's Connection Teaming Server allows you to benefit from them.

Benefit:
Use more than one ISP (Internet Service Provider) for optimal availability of service.

Description:
Unlike Multilink PPP, Vicomsoft's Connection Teaming Server does not require a compliant ISP. Each connection opened by the server uses standard PPP supported by the vast majority of Internet service providers. By combining connections to more than one ISP, you minimize the risk of being completely disconnected from the Internet. Interruptions in service often happen at the ISP level. If one ISP is momentarily "off the air", your other connections will remain operational. Your users may not even notice.

Benefit:
Bandwidth becomes available as required, optimizing connection resources.

Description:
Many telephone lines are multipurpose, being used for Internet connectivity as well as for fax or voice. In some cases, depending on the type of connection, and geographical region, connection time may be charged by the minute. In such cases, maintaining multiple open connections when demand for bandwidth is low would make inefficient use of resources. Vicomsoft's Connection Teaming Server allows you to define the threshold at which additional connections are opened and closed. For example you may set Connection Teaming to open a second connection whenever the first is utilised to 80% of capacity. When not needed, the second connection would close, freeing communications resources for other use, and in some cases saving money. Multiple connections may be linked this way, opening and closing as demand for bandwidth fluctuates.

Benefit:
Maintain control over bandwidth allocation.

Description:
The Connection Teaming Server's friendly graphical interface allows you to drag each connection up or down a connection priority list. Connections are opened in order of priority. This means that you have complete control over bandwidth allocation.

Benefit:
Ensure that mail and news traffic is routed to the correct server.

Description:
E-mail is sent through an SMTP (Simple Mail Transfer Protocol) server. Most ISPs do not allow mail to be sent through SMTP servers from outside their own domain. If you use Vicomsoft's Connection Teaming Server to accumulate bandwidth from more than one ISP, it will ensure that all email messages are sent through the correct connection to the correct SMTP server. It does this for NNTP (News) messages as well. The result is trouble-free use, and less manual intervention.

	Server-Based Web Caching – Faster web browsing for LAN-based users. With Efficient use of Internet bandwidth
	Transparent connection to the WebCache – No setup required for LAN client browsers
	Local and Remote Administration of WebCache – Administrator can administer the WebCache both from the server computer and optionally remotely using a browser
	Grant Administrator Privileges on server by server basis – Control users access to features
	Concurrent Caching and Delivery – Faster content delivery to LAN browsers

Benefits:
Faster web browsing for LAN-based users
Efficient use of Internet bandwidth

Description:
Normally, every time the same web page is requested by more than one user on the LAN, all the content must be delivered once again across the Internet with each user experiencing the often frustrating 'Internet delays'. The Vicomsoft WebCache module saves recently viewed pages on your LAN and then sends these pages when a request is made which dramatically reduces the time taken to redisplay the same page.

Detail:
Web content is delivered from remote web servers to users' browsers across the Internet. The faster this happens, the better for the user. However, between the remote web server and a user's browser the content may travel over many networks of varying size and complexity. For each element (text, graphic, video, sound) on a web page the browser must transmit a request and the server must deliver the content. Any delay in either the transmission of the request or the delivery of the content will increase the amount of time the user must wait. The total time required to display a full web page will depend on a number of factors which, for the sake of discussion we refer to as 'Internet Delays' and which include:

• the speed with which the remote server delivers web content
• the number of concurrent requests the remote server is responding to
• the way the remote site allocates bandwidth to serve requests
• available bandwidth from the remote site to the Internet backbone
• congestion on the Internet backbone
• available bandwidth and congestion between the ISP and the Internet backbone
• available bandwidth between the user's LAN and its ISP

Each time a web page is requested by another user on the LAN the content must be delivered once again incurring delays due to any or all of the above factors.

The Vicomsoft WebCache Module reduces Internet Delays by storing copies of the web content on the user's LAN. The WebCache dramatically improves web browsing response times through rapid delivery of frequently accessed web content from a high performance caching server. Delivery of content from the cache can be as much as five to ten times faster than from the Internet over a T1 connection, and over one hundred times faster than with a 56Kbps modem. Using the new WebCache frees bandwidth for the delivery of fresh content as well, significantly improving response time and efficiency for networks of all sizes.

If you want to know more about Web Caching, see the Vicomsoft KnowledgeShare documents on Web Caching.

Benefit:
No setup required for LAN client browsers

Description:
Traditionally, caching servers were combined with proxy servers and required manual configuration of client applications such as web browsers. Vicomsoft Internet connectivity server products are the first to combine the best features of NAT routing (which does not require LAN-client setup) with a web caching server using unique 'transparent connectivity' technology. Now, for the first time, users can benefit from caching while network administrators do not have to reconfigure each client browser. The setup experience is further enhanced when TCP/IP on each LAN client is configured to use the DHCP Server integrated in the Vicomsoft routers. This combination of features and technologies provide true 'plug-and-play' installation and use.

Benefit:
Administrator can administer the WebCache both from the server computer and optionally remotely using a browser.

Description:
The Vicomsoft WebCache module has both local and remote administration capabilities. For local administration it incorporates a built-in easy-to-use administrator's interface accessed on the server computer where it is installed. The administrator can optionally enable the remote administration facility which allows administration to be done using a web browser.

Benefit:
Allow users to administer individual servers related to their job function.

Description:
The Vicomsoft WebCache now allows the administrator to grant sub-administrator access privileges. These can be granted selectively for the WebHeader Server, the Web Caching Server, the Off-line CacheLibrary, and the Local TCP Server Locator. Now you can grant access to administrative functions for one server whilst retaining control of the others.

Benefit:
Faster content delivery to LAN browsers

Description:
The Vicomsoft WebCache module incorporates innovative design that provides concurrent delivery and caching of incoming data as well as concurrent delivery to multiple LAN clients. This exclusive multistreaming technology assures faster delivery of both cached and fresh content compared with traditional proxy servers which sequentially cache content before delivering to clients thereby introducing noticeable delays. Vicomsoft technology ensures that fresh content is delivered with no additional delays while at the same time providing the benefits of caching.

	DNS Caching - Minimize delays and time-outs experienced during Internet sessions
	Local DNS Server - Facilitate access to local hosts by using host names rather than IP addresses
	DNS/DHCP Integration - Enjoy the use of host names while retaining the benefits of dynamic address allocation

Benefit:
Minimize delays and time-outs experienced during Internet sessions

Description:
A web browser gets its content by making a request to a remote web server. The remote web server is contacted by the browser sending the official Internet Protocol (IP) address of the remote server. It is difficult for people to remember the long numeric IP addresses such as 195.224.81.4 so a system was devised that would allow users to enter a text name (Domain Name) that would be automatically converted to an IP address. The services required to perform this conversion are called Domain Name Services (DNS). The software that performs them is called a DNS server. When a Domain Name is entered into a browser, a designated DNS server looks into its previously saved list to see if it can match the name against an IP address. (This process is called a DNS lookup). If the DNS server is located at your Internet Provider's site or elsewhere on the Internet, the lookup and reply can sometimes be delayed due to other demands and/or bandwidth congestion. In cases where a dial-up connection must be established before the lookup can be processed, a time-out may sometimes occur.

One solution to these delays is to store a copy of domain names and their corresponding IP addresses in a computer on the LAN. This is called DNS Caching which feature is now integrated into Vicomsoft's Internet connectivity server products. Responses to DNS lookups are cached, with any repeat lookups served from the server rather than having to get them across the Internet. This eliminates many delays and speeds up browsing for the end user. The feature is completely transparent in operation and complies with Internet standards to ensure the integrity of cached DNS data.

Benefit:
Facilitate access to local hosts by using host names rather than IP addresses

Description:
People often wish to access 'servers' on other computers directly connected to their own network as well as to servers across the Internet. People prefer to use a text host name rather than an IP number to access these LAN-servers as well.

EXAMPLE: Fictitious company SmartCo has three computers on its LAN. Tom, using computer 1 wishes to publish data on his personal web server, Dick, using computer 2, wishes to publish data on a departmental web server and Harriett, using computer 3, maintains an FTP site.

In a typical network environment, the network administrator at SmartCo would assign a private IP address to each of these three computers. For example, Tom's computer might have the address 192.168.81.4, Dick's computer might have the address 192.168.81.6 and Harriett's computer might have the address 192.168.81.8. Because these are private IP addresses they would be unknown to DNS servers on the Internet. A user on the LAN would therefore need to remember the IP address of each of these computers in order to access any of these computers.

The integrated Local DNS Server allows any user on SmartCo's LAN to simply type 'http://tom.smartco.com' or 'ftp://harriett.smartco.com' into their browser and be able to access these servers. The users would not need to know any IP addresses. Their browser would send a DNS lookup request to the local DNS server which would return the appropriate address.

Benefit:
Enjoy the use of host names while retaining the benefits of dynamic address allocation

Description:
In the above example users were able to access LAN servers that had been assigned a fixed IP address. Many administrators however prefer the benefits and flexibility provided by the built-in DHCP server which automatically allocates dynamic IP addresses as they are needed.

The two objectives of (a) using dynamically allocated IP addresses and (b) being able to access LAN computers by name rather than by IP Address are both achieved as a result of the unique DNS/DHCP integration in the Vicomsoft products.

Previously, a local DNS server would maintain its own list of static IP addresses. In a DHCP administered network however, a separate dynamic address list is maintained and updated by the DHCP server.

Vicomsoft's seamless DNS/DHCP integration now makes it possible for the DNS server to resolve names, such as tom.local, on the dynamic address list. With separate DHCP and DNS server products this would not be possible. The Vicomsoft Dynamic Local DNS however, allows computers to be moved, renamed or have new addresses assigned with no effect on network configuration. Both DHCP and DNS servers can be fully utilised on the same LAN, a major advantage for any network administrator. Administration is further enhanced by operating systems implementing names in their control panels (such as Windows 95/98/NT and MacOS 8.5). Such operating systems can provide their names to the DHCP server and the Dynamic Local DNS.

Administrators are not always sitting next to their servers. The ability to monitor and administer a server from anywhere is often appreciated. The Softrouter can be monitored and administered from anywhere on the LAN, or even over the Internet by an authenticated user. MacOS servers may be administered from Windows machines and vice versa.

	Remote server monitoring - Authorized users are allowed to monitor a Vicomsoft server product from local or remote computers.
	Remote server administration - Administration of the server does not require physical proximity.
	Remote monitoring and administration authentication - Monitoring and administration of the server requires authentication.
	Multiple degrees of restriction on remote administration - Achieve the balance between security and flexibility that is best adapted to each user's requirements.
	Remote administration disabled by default - Improved security.
	Cross-platform administration - Cross-platform networks may have the server installed on one operating system and the Vicomsoft Administrator Console on another.
	Administration from multiple locations at no extra cost - Install remote Administrator Console on more than one computer without incurring additional costs.

Benefit
Authorized users are allowed to monitor the server from local or remote computers.

Description
The Administrator Console provides full access to monitoring functions by authenticated users from a local or remote computer. An administrator may wish to grant the right to monitor routing traffic to certain personnel without granting the right to modify settings. This can be accomplished using remote monitoring. Since monitoring rights are granted separately from administrative rights, and administrator may allow selected users to see routing traffic and settings without rights to modify settings.

Benefit
Administration of the Server does not require physical proximity.

Description
Server settings may be administered by authorized users from any computer that can access it using the TCP/IP protocol. Routine tasks such as modifying Internet filter or DHCP settings may be performed by an authenticated administrator from anywhere on the LAN or even remotely over the Internet.

Benefit
Monitoring and administration of the server requires authentication.

Description
Rights to monitor and administer the server are granted by the administrator via user name and password. Unauthorized users cannot see or modify server settings. The rights to modify settings are granted separately from the rights to see settings, alleviating concerns that a user with rights to monitor the server may manage to change settings.

Benefit
Achieve the balance between security and flexibility that is best adapted to each user's requirements.

Description
There are four degrees of restriction on remote administration which may be combined to achieve the desired level of control. Administration may be restricted to:

1. The same computer as the server. This inhibits remote administration entirely.

2. The same local subnets as the server. This restricts use of the Administrator Console to computers on local area networks directly connected to the server.

3. Specified ranges of IP addresses. This enables administration from a remote location or from a LAN computer but restricts it to a single specified IP address or range of addresses. Attempts to tamper with the server from other IP addresses will fail.

4. All IP addresses. An authenticated user could perform administration tasks from any local or remote IP address.

Benefit
Improved security.

Description
Remote Administration is disabled by default at installation time. It is necessary for the user to have administrator status in order to enable it. There is therefore no risk that an unauthorized user gain access to remote administration functions by error. Remote administration must be explicitly enabled.

Benefit
Cross-platform networks may have the server installed on one operating system and the Administrator Console on another.

Description
The Vicomsoft Internet server is available on both MacOS and Windows platforms. Many users have the server on one operating system, and need to administer it from the other, on the LAN or from a remote site. In this case, the Vicomsoft Administrator Console does not need to be installed on the same operating system as the server. A server running under MacOS may be administered from a Windows machine and vice versa.

Description
An administrator may wish to administer or monitor the server from more than one location, or there may be more than one person with monitoring or administrative authority. Administrators may install and use more than one copy of the Administrator Console without incurring additional licence fees.

DHCP stands for Dynamic Host Configuration Protocol, and allows client machines to obtain their TCP/IP network configuration information from the Vicomsoft's DHCP Server automatically, instead of requiring manual setup. This reduces considerably the work required to set client machines up, and reduces the likelihood of configuration errors.

Vicomsoft's DHCP Server provides this configuration service to TCP/IP client systems, such as Windows 95/98/NT, MacOS & UNIX.

The DHCP Server can hand out up to 1024 simultaneous client addresses. DHCP clients are issued with addresses on one hour lease (this default can be adjusted if required), renewable during the lease period. BootP clients (e.g. MacTCP) are issued addresses indefinitely.

When a client needs to start up TCP/IP operations, it broadcasts a request for address information. The DHCP Server assigns a new address and sends it to the client together with the address of a router or gateway on the same network as the DHCP Server and the subnet mask for that network. This information is acknowledged by the client, and used to set up its configuration.

The DHCP Server is fully configurable, and allows for the allocation on TCP/IP information dynamically, or using preconfigured tables of information, allowing for the maximum of flexibility.

Click on one of the images below to see an example of the DHCP Server setup screen:

Windows	MacOS

This diagram shows the manual configuration screen of the DHCP server, with the two ranges of IP numbers that have been configured to be allocated. A facility exists for allocating specific IP addresses to specific clients, if necessary.

If you want to know more about DHCP Server, see the Vicomsoft KnowledgeShare document on DHCP.

Because all of the TCP/IP configuration information is issued by the DHCP server, the client configurations are extremely easy, with NO manual configuration requiring any IP numbers.

This reduces any chances of client misconfiguration and ensures maximum compatibility with any client applications. There are no proprietary third-party configurations required at any step.

Click on one of the images below to see how easy TCP/IP configuration is:

Windows	MacOS

Other TCP/IP configurations can be made using various platforms, but as long as the client system follows TCP/IP standards, they should be compatible. Contact Vicomsoft if you require further information on configuration issues with other systems.

	Local TCP Server Locator - Know exactly what TCP servers are active on the LAN at any given time. No need to manually probe individual IP addresses. No need to remember URLs of local servers or be informed of changes.
	Browser viewing of server locator -Proximity to the host that is running the Vicomsoft server product is not necessary to view list of servers.
	TCP Server Locator configuration list - List only the types of server that you want your users to see. Specify which ports you wish the server locator to probe.

Benefits
Know exactly what TCP servers are active on the LAN at any given time.
No need to manually probe individual IP addresses.
No need to remember URLs of local servers or be informed of changes.

Description
The TCP server locator allows users to see a list of all web, FTP or other servers on the LAN without having to manually probe individual IP addresses, or ask their colleagues what URL to use. Each computer on the LAN is periodically checked to see what servers are active.

Benefit
Proximity to the host that is running the Vicomsoft server product is not necessary to view list of servers.

Description
The list of TCP servers may be viewed from any web browser such as Microsoft Internet Explorer, or Netscape Navigator. This means that any LAN user with a web browser can immediately view a list of all of the TCP servers on the LAN. Since the servers are listed as hyperlinks in the web browser, end users need only click on the links to visit the servers.

Benefits
List only the types of server that you want your users to see.
Specify which ports you wish the server locator to probe.

Description
The TCP Server Locator can be configured to check specific port numbers and which types of server may be listening at each port. A typical configuration would probe standard, or well-known port numbers for common server types. These are port 80 for web servers and port 21 for FTP servers. Any server listening on port 80 would be listed as a web server, and any server found to be listening at port 21 would be listed as an FTP server. For technical reasons however, it may be necessary to attribute non-standard port numbers to certain servers. Administrators may accommodate this situation by specifying any combination of port numbers and server types for total flexibility. An administrator may also configure the server locator to probe for less commonly used servers such as Telnet.

	Standards based HTML WebHeaders – Any content that can be placed in a web page can be placed in a WebHeader.
	WebHeader templates for rapid creation of text messages – No special knowledge of web page formats or HTML required. Use to quickly post time-sensitive announcements.
	WebHeaders can incorporate hyperlinks – Users may point and click through to other web pages on other sites. The WebHeader may draw users to view additional information.
	Alert Notices – used to ensure users see messages. They won't go away until acknowledged!
	Carousel of Notices – Increase impact by rotating multiple notices.
	Style Helper – ease of use in creation of eye catching WebHeader notices. No need to learn HTML!

Benefit
Any content that can be placed in a web page can be placed in a WebHeader.

Description
The WebHeader is a web page in its own right and occupies its own separate frame. This means that text, graphics, fields, buttons or anything else that can be put into a web page can be put into a WebHeader. Third party web page editors may be used to create WebHeaders and advanced administrators may use Javascript or specific browser plug-in features as well. There is a WebHeader Simulation available to let you experience how WebHeaders are viewed by users.

Description
The WebHeader function includes templates allowing the administrator to create messages in less than a minute. Not only does this make it possible to create WebHeader messages without any knowledge of HTML, it includes animated graphics, colored backgrounds and text which the administrator can add at the click of a mouse to ensure that messages are noticed.

Sample of some of the backgrounds and textures:

 

Benefits
Users may point and click through to other web pages on other sites.
The WebHeader may draw users to view additional information.

Description
Because each WebHeader is a reduced-size web page, it can contain hyperlinks to other web pages. Administrators may "advertise" in-house services or events. Users can then click on the WebHeader to display specific web pages containing complementary information. There is a WebHeader Simulation available to let you experience how WebHeaders are viewed by users.

Benefit:
Use to disseminate one-time notices.
Won't go away until acknowledged.
Allows use of in-your-face notices.

Description:
There are many times when an administrator wishes to post a message and to be sure it is read. Alert WebHeaders do just that. They continue to appear until dismissed. Once it is dismissed, the server will not deliver it to that particular computer any more. This is useful for delivering notices that need only be read once. It also allows the administrator to create large, full page in-your-face notices that can be read and then dismissed.

Benefit:
Increase impact by rotating multiple notices.

Description:
The new enhanced Vicomsoft WebHeader Server allows you to define a carousel of WebHeader notices to be displayed in rotation. Each time a users' browser displays a new page, a new WebHeader notice will be displayed. There is no limit on the number of WebHeader notices you may put into the carousel.

Benefit:
Greater ease of use in creation of WebHeader notices.

Benefit:
Enhance WebHeader notices with styled text and background colors.

Vicomsoft's fully featured PPP (Point-To-Point) server incorporates secure log-in options via PAP, CHAP and RADIUS authorization.

This offers the possibilities for remote networks and users to have TCP/IP access to local mail servers, access to databases, web servers or other Intranet services. If the local network has a connection to the Internet, either using a Vicomsoft solution or by other means, then that connection can be shared with remote access users, if required.

Remote users can connect to the local network, and access local TCP/IP based resources, such as email facilities or Web servers.

The PPP server can support multiple dial-up users, limited only by the hardware configuration of the actual host machine: If fitted with multiple serial interfaces, then multiple remote users can dial-in and connect to the local network simultaneously, enabling the server to act as multiport remote access server.

If an Internet connection is available, then remote users can access the Internet through the PPP server.

At the core of each Vicomsoft Internet connectivity solution is an industrial strength TCP/IP Router, with performance only previously available in complex, expensive hardware routers.

Capable of routing TCP/IP information between almost any installed configurations of Ethernet cards or communications interfaces, the Router component of the server allows for the ultimate in flexibility in a network environment.

The server is not simply connected to the Internet: it can support the interconnection of different TCP/IP networks, from different types and speeds through to local or remote networks and offers a full Remote Access Server with dial-in support, limited only by the number of available connections.

It can interconnect Local Area Networks (LANs) to LANs, using different media and speeds.

It can interconnect Wide Area Networks (WANs), and combinations of LAN's to WAN's.

MacOS based Internet connectivity solutions support MacIP and Localtalk networks, enabling full support for older or specific Apple installations.

Vicomsoft's Internet connectivity solutions follow all recognized industry standards, supporting RIP (Routing Information Protocol) and the ability to use manually-defined routing tables, enabling the Solution to function in complex networking environments with complete compatibility.

When using RIP, the Vicomsoft solutions build routing tables automatically from information exchanged with other routers on the TCP/IP network. This feature happens transparently, but can be monitored if necessary with a "Routing Tables" display.

Click on one of the images below to see an example of active routing tables:

Windows	MacOS

These examples show all current routes that will be used, together with the number of Hops (number of routers) required to reach the desired destination network.

Manual routing table entries can be made, giving complete flexibility.

Click on one of the images below to see an example of the manual routing table building screens:

Windows	MacOS

There are three types of specific access control available in Vicomsoft's Internet Connectivity Servers, in addition to the Time Controls and CyberNOT site filtering options.

Windows	MacOS

Internet Filters provide specific restrictions to be placed on accessing Internet sites, by domain name or IP address. Wildcards are supported to block out specific ranges of sites.

Windows	MacOS

Host Access rights restrict specified connections on the server. Each connection has its own access rights control section, providing comprehensive management of connected networks.

Windows	MacOS

Protocol blocking allows you to define which Internet services, such as FTP, email or news groups, are accessible to your users.

The Internet contains a wealth of valuable information as well as information that some might find objectionable. Parents and teachers in particular would like to enrich learning experiences of children by allowing them access to the Internet and its valuable information, some of which is only available on the Internet. Counterbalancing their desire to make information widely available to children is the concern of many parents and teachers to children being given uncontrolled access to information that the parents and teachers deem to be inappropriate, such as pornography or violent content.

Since neither a parent nor a teacher can always be present to control and monitor what a child or student might be doing, it was necessary to develop a method of providing such control in an unattended mode.

Microsystems Inc. have, over the past several years, worked with a team of professionals including both teachers and parents to create and maintain a list of sites that they believe parents and teachers might wish to prevent children from seeing. Their list that includes such sites is aptly named: CyberNOT.

Vicomsoft's advanced Host Access Control functionality is password protected to a designated administrator. This functionality allows the administrator to selectively prohibit access to specified sites. In addition, we have extended the capability of Host Access Controls by licensing the 'CyberNOT' list from Microsystems and incorporating support for it in our servers.

When an administrator of a Vicomsoft server product activates the 'CyberNOT' list, no LAN users (i.e. the computers on the network) using applications such as web browsers, newsgroup clients or FTP clients, will be able to access prohibited Internet sites through the server.

With the benefits of central control and simple administration, Vicomsoft's Internet connectivity servers' CyberNOT feature gives the teacher or parent complete peace of mind. Once it is set up and activated it is transparent to LAN users, and the administrator need take no further action.

Vicomsoft's Internet connectivity servers can be applied in mixed-platform environments, and protect LAN clients using any operating system - Mac OS, Windows 3.1, Windows 95/98, Windows NT, Unix etc.

Being server-based, the CyberNOT content filtering cannot be bypassed by users, offering a very secure environment. This has major advantages over solutions that install on the users' machines themselves, which can be disabled or are open to possible 'hacking' by more determined users, or relying on a component of a web browser that can be bypassed by simply downloading and using a different web browser.

The CyberNOT list created by Microsystems Inc. is regularly updated and users of Vicomsoft's server products will be able to download updated lists on a regular basis from the Vicomsoft site.

The CyberNOT list has its prohibited sites listed in categories which include:

• violence / profanity (graphics or text)
• partial nudity
• full nudity
• sexual acts (graphic or text)
• gross depictions (graphic or text)
• intolerance (graphic or text)
• satanic or cult (graphic or text)
• drugs / drug culture (graphic or text)
• militant / extremist (graphic or text)
• sex education (graphic or text)
• questionable / illegal & gambling (graphic or text)
• alcohol & tobacco (graphic or text)

This allows the administrator (e.g. teacher or parent) to selectively allow or prevent access to any or all of the categories simply by ticking a category.

The server's 'Internet Filters' function also allows the designated Administrator to override the supplied CyberNOT list if required; to permit access to any specific sites on the list, and to deny access to sites not on the list.

More information on the CyberNOT list and the criteria for inclusion of Internet sites on the list can be found on Microsystems' web site.

There are a number of reasons why some companies and businesses might also wish to use the general Internet filters and the 'CyberNOT' functionality in particular to control access to sites that some might find objectionable. From a purely practical point of view, a company might not wish its employees wasting time and company resources on what is obviously not work-related Internet access. Additionally, control may be desired on access that could cause offense to other employees or even leave a company open to liability, for example by virtue of sexual, illegal or intolerant content.

There are many reasons why an administrator may wish to restrict access to the Internet at different periods during the day. It may be necessary to conserve bandwidth for other purposes. Some administrators may simply wish to restrict the total time that users may spend on line. Vicomsoft's Timed Access Controls give you the flexibility you need to achieve this.

	Limitation of online time per day - Encourage user discipline. Prevent excessive online time.
	Time of day access restriction - Restrict Internet access at certain times of day. Maintain control of Internet in absence of supervisory personnel.
	Manual override of timed access controls on server host computer - Provides privileged administrator access.

Benefits
Encourage user discipline.
Prevent excessive online time.

Description
Timed Access Controls allow an administrator to set a single limit on the Internet connection time for each day of the week. Online time is accumulated for each computer (IP address) on a 24 hour basis. Once the maximum amount of online time for a particular day has been exceeded by an individual computer on the LAN, that computer will not be able to access the Internet until the next day.

Example
A 30 minute limit could be set in the Time Controls for every weekday. This allows computers on the LAN to each have 30 minutes online time to access the Internet every weekday. Once a computer has exceeded the 30 minute limit, it will be denied further access to the Internet until the next day. However, other computers on the LAN will be able to access the Internet until their 30 minutes have been used up.

Benefits
Restrict Internet access at certain times of day.
Maintain control of Internet in absence of supervisory personnel.

Description
Internet access may be granted or denied to the whole LAN for different periods of the week. Timed Access Controls allow an administrator to permit or deny access during each of 48 periods of one half hour per day of the week. Educators in particular will appreciate the ability to close the Internet connection to students during periods when other work is being done, or after hours.

Benefit
Provides privileged administrator access.

Description
The administrator can choose to allow the server computer unrestricted access to the Internet during periods when other LAN users are denied.

This table shows the main features available in the Vicomsoft Internet Gateway and SoftRouter. Click on a    or    to find out more about a specific feature.

	RapidCache	SoftRouter	Internet Gateway Small Office Suite	Internet Gateway Professional Suite	Internet Gateway Enterprise Suite
Internet Sharing Server Features
Internet Sharing with Five simultaneous connections	-			-	-
Internet Sharing with Ten simultaneous connections	-				-
Internet Sharing with Unlimited simultaneous connections	-
Fallback Server	-
CacheLibrary
Firewall Security	-
Performance Features
Connection Teaming	-
Web Caching Server
DNS Caching	-
Local Network Server Features
Remote Monitoring and Management
DHCP Server	-
TCP Server Locator	-
WebHeader Server	-
Remote Access Server	-
TCP/IP Router	-
DNS Server	-
Mac IP / LocalTalk (MacOS Only)	-
Access Controls
User Defined Filter	-
CyberNOT Filter	-
Timed Access Controls	-
Access Rights	-

Key:

Standard feature

Optional additional module

-

N/A

Microsoft^® Windows™

Vicomsoft SoftRouter:
	Pentium 100 processor or better
	Windows 95/98/NT4/2000 SP3
	Highly optimised 32bit application for Windows NT/95/98/2000
	Runs as a service under Windows NT
	32M bytes RAM
	Up to 6M Bytes available disk space
Plus requirements below for the WebCache Server Module:
	Pentium 100 processor or better
	Windows 95/98/NT4/2000 SP3
	32M bytes RAM
	At least 100M bytes available disk space for practical use
Vicomsoft Administrator Console:
	Pentium 100 processor or better
	Windows 95/98/NT4/2000 SP3
	32M bytes RAM
	3M bytes available disk space

Macintosh OS

Vicomsoft SoftRouter:
	PowerPC (Including G3, G4, iMac), 68040
	Highly optimised application for PowerPC
	System Software 7.5.3 - 7.6, 8.x, 9.x
	Open Transport 1.1.1 or later
	6M bytes free RAM
	Up to 6M Bytes available disk space
Plus requirements below for the WebCache Server Module:
	PowerPC (Including G3, G4, iMac), 68040
	System Software 7.5.3 - 7.6, 8.x, 9.x
	Open Transport 1.1.1 or later
	5M bytes free RAM
	At least 100M bytes available disk space for practical use
Vicomsoft Administrator Console:
	PowerPC (Including G3, G4, iMac), 68040
	System Software 7.5.3 - 7.6, 8.x, 9.x
	Open Transport 1.1.1 or later
	3M bytes free RAM
	3M bytes available disk space