Web Filters - Controlling Site Content
Employees have to have access to the internet to have access to information. For a long time, the major problem with internet browsing was inappropriate content or time-wasted on web surfing. Now, there are even bigger dangers on the internet as network security improves and hackers and scammers focus on having victims come to them.
There are two old threats - malware (malicious software) and identity theft - are getting new traction as criminals get savvier about evading network security. Hackers take advantage of fringe sites, like pornographic or gambling sites, to load malware onto a computer through pop-ups, downloads, or just by visiting the site. Viruses can crash individual computers or the whole network, compromise data, even hijack your network to use for spam or virus campaigns. Even more mainstream shopping sites can load spyware on a computer. Spyware lurks in the background of the computer, difficult to detect or eliminate. It monitors user patterns, like sites visited, and sends the information to a third party, which can be resource-intensive.
Web filters help deal with another threat, which is identity theft through phishing and pharming sites. Phishing involves sending an email that is apparently legitimate - such as changing a password at a well-known banking site - and has the user follow a link to a fake site. When users log into the fake site, the site records steals their personal data, without users ever realizing it. The same principle is true for pharming sites; they use a slightly off URL and wait for someone to mistype the real URL. They impersonate the legitimate site and steal user information as its entered.
Both of these threats depend on users going to their sites. Since outbound requests are rarely controlled, hackers and scammers don't have to worry about circumventing your network security. This is why web filters are so important.
Web filters need to be able to recognize threats from phishing/pharming sites, shopping sites with spyware, and fringe sites with malware, while still providing flexibility in how and what kind of content is blocked and access to necessary business sites. These kinds of web filters should be content-aware and organically identify internet threats. These web filters are very similar to EdgeWave's iPrism.
iPrism: Context-Relevant Web Filters
Many networks depend on reacting to internet threats by using the firewall to control the network and virus scanners to find malware. But reactionary responses will not defend against emerging internet threats. Firewalls usually only review inbound traffic and have manual restriction lists of IP addresses. Virus scanners locate viruses only after the system is infected.
These deal with problems after they happen. iPrism web filters take a different approach. The iPrism web filters work on the network perimeter to filtering content, operating as a network bridge and identifying threats in outbound request traffic as well as inbound. Web filters monitor all traffic, including requests originating from your employees, and even information in instant messages, are compared against a constantly updated database to catch threats as they emerge. Sites in the database are divided into categories, and categories are blocked rather than specific sites. As new sites come up in blocked categories, the sites are immediately blocked without your having to make any changes to iPrism.
iPrism web filters site content in two ways:
- Combined automatic and human-reviewed keyword web filters. This identifies the content on the page, but, since every page is reviewed by people, it also accounts for context; sites aren't excluded because of having chicken breasts on a menu or offering free newsletters for accounting services.
- Web filters and URL blocking. Specific URLs are categorized in the database, rather than entire sites, allowing fine-grained access control since web filters apply to individual pages; even if some pages of a site are blocked for content, others on the same site can still be allowed. It also goes beyond content filtering since it can block access to phishing or viral sites that may appear legitimate.
iPrism web filters include a real-time override so if a necessary page is ever blocked, a user can enter a password and access it immediately. Additionally, users can't circumvent the system by using IP addresses rather than URLs - the IP is mapped to the URL and still blocked.
iPrism addresses the two biggest problems with web filters: blocking users from going to questionable sites and identifying those sites quickly. And because iPrism web filters use a proprietary database, iPrism does it all without lags in information or your having to reconfigure and update it.