Employee Internet Monitoring & Web Filtering Software Solutions

Background
Pearl Echo users exist on both sides of the firewall. Internal users should not have to loop back through the firewall to accommodate monitoring and controlling external users. External users may travel (roam) in and out of the internal network.

Solution:
Pearl Echo supports Fully Qualified Domain Names (FQDN) in the 'External Address' network setting. Roaming users can easily be accommodated by creating a split DNS infrastructure.

Split DNS requires that the same DNS zone exist on name servers inside of the network and outside of the network. This provides the appropriate IP address information for internal network clients inside of the firewall as well as external network clients outside of the firewall.

A roaming user must use name servers that provide access to the external zone information when the user is outside the network. The name servers must also provide access to the internal zone information when the user is inside the network.

For example, the zone database on the external zone would look like this:

corp.net
echo A 222.222.222.1
web A 222.222.222.2
ftp A 222.222.222.3

The zone database on the internal zone would look like this:

corp.net
echo A 192.168.0.1
web A 192.168.0.2
ftp A 192.168.0.3

When external network clients resolve the name echo.corp.net they will get the public IP address of the Pearl Echo Server (222.222.222.1). When internal network clients try to access echo.corp.net, they will connect to the server using the internal, private IP address of the server (192.168.0.1).

To configure Pearl Echo to work with your FQDN:

1. From the Options Menu select Network Settings.
2. Click the Advanced Button (Pearl Echo Internet Security must be Off)
3. Enter the FQDN in the External Address box.