how the lucidview enforcer works

How our Internet Management Modules work

To make use of any (or all) of the LucidView Enforcer Modules, one needs to convert your MikroTik router into an “Enforcer”. The “Enforcer” is what we call a MikroTik router that has run the “Enforcer Profile configuration script”

The “Enforcer Profile configuration script” is created via the LucidView MikroTik Portal and it is specifically designed for MikroTik RouterOS.

Feel free to register for 30 days free access to the LucidView MikroTik Portal where you can create as many “Enforcer Profile configuration scripts” as you wish. If you have already registered, feel free to login in to the LucidView MikroTik Portal over here.

Activating the Modules for your Enforcer

By default only the Content Filter Module, and the Reporting modules are enabled for every Enforcer profile. To activate the others, please activate via the LucidView MikroTik Portal. Please see FAQ here on how to do this.

 

 

How it Works Overview

 

Technically Speaking

This is the technical overview of how the Enforcer works.

Once registration has been completed, you will be able to create your first Enforcer profile. Each Enforcer profile created has an accompanying configuration script, which needs to be downloaded and applied to the MikroTik.

LucidView provides a well commented configuration script for MikroTik routers. This script, in a nutshell, does the following:

VPN to LucidView

  • Creates a VPN to our cloud.
  • Sends Netflow data, which is Metadata ONLY on all  the connections going via the MikroTik router. Click here for more information.
    • Netflow and Syslog of DNS lookups are sent to the LucidView Cloud via the VPN created.
    • Typically Netflow and Syslog will take up less than 1% of the data line, if the line is saturated.
  • Configure your MikroTik Router as a DNS server for your Internal LAN and then set up a LucidView DNS server as an upstream forwarder via the VPN.

How Content Filtering works

Dns level filtering and

Syslog and netflow are processed in the cloud, firewall rules are sent back to the enforcer to block any connections that are in contravention of the content filter policy.

How reports work

Syslog and netflow are collected in the LucidView cloud. This meta information is then processed, and enriched by the LucidView cloud processing systems to offer meaningful reports.

Allow LucidView Cloud access to your MikroTik (Optional)

For additional functionality (listed below)  you could create a user on the MikroTik router to allow the LucidView Cloud access your MikroTik to:

  • Do a DHCP name lookup — This is is useful in the Portal reporting section. (read only permissions needed)
  • Set the WiFi password (read and write  permissions needed)

All of the above is clearly commented in the actual configuration script provided via the LucidView Enforcer Portal

Click on the button below for step by step instructions, videos and PDF guides on how to build an Enforcer from your MikroTik Router..

How to Make an Enforcer