How the LucidView Enforcer works

Internet Content Filter

Technically speaking the LucidView Enforcer’s Content Filter is a “DNS based Content Filter” AND a “Firewall based Content Filter” in one solution, meaning that our Content Filter is extremely difficult to circumvent.

In other words, not only do we monitor and block Content according to your or your clients requirements, we enforce this Firewall rules.  These two features are combined in one product which you can make yourself.  See how here.

In addition, this means that non-DNS traffic, such as torrents, the dark web, and connections often used by hackers to gain remote unauthorised access to ransomware, can also be detected, reported on and disconnected.

Cloud Reporting

Raw log data (Netflow & Syslog) which contains connections metadata, is forwarded to the LucidView Cloud. 

The LucidView Cloud in turn processes this raw log data, and provides meaningful, human-readable reports, as well as a live dashboard.

Technically Speaking

This is the technical overview of how the Enforcer works.

LucidView provides a well commented install script for MikroTik routers. This script, in a nutshell, does the following:

VPN to LucidView

  • Creates a VPN to our cloud.
  • Sends raw log data to the LucidView Cloud.
    • Netflow and Syslog of DNS lookups are sent to the LucidView Cloud via the VPN created.
    • Typically Netflow and Syslog will take up less than 1% of the data line, if the line is saturated.
  • Configure your MikroTik Router as a DNS server for your Internal LAN and then set up a LucidView DNS server as an upstream forwarder via the VPN.

Allow LucidView Cloud access to your MikroTik (Optional)

For additional functionality (listed below)  you could create a user on the MikroTik router to allow the LucidView Cloud access your MikroTik to:

  • Do a DHCP name lookup — This is is useful in the Portal reporting section. (read only permissions needed)
  • Set the WiFi password (read and write  permissions needed)

All of the above is clearly commented in the actual configuration script provided via the MikroTik Enforcer Portal

How to make an Enforcer