Even though the amount of web-borne threats, such as malware, ransomware and phishing, is so great some people still question the need to use software to block websites.
It is quite possible their perception of software to prevent websites dates back to the early days of Internet filtering, when – admittedly – hardware-based Internet filters were complicated to manage and often incorrectly configured due to this.
However, Internet filtering solutions have changed significantly over the past few years. Virtual filters and cloud-based filters have replaced the individual device filters from ten years ago, and the solutions are more versatile than before. Software to block websites is now very low maintenance and effective – preventing millions of viruses reaching millions of networks annually.
There are also business advantages of software to block websites. As Starbucks and McDonalds have shown, implementing Internet filtering solutions to create a family-friendly browsing environment can attract trade. Companies can eliminate “cyber-slacking” in order to improve productivity, and also avoid HR issues by preventing access to inappropriate or offensive online material.
The tools that help safeguard networks from web-borne threats consist of blacklists, SURBL phishing protection software, malicious URL detection software and anti-virus software. These mechanisms block requests to view websites known to harbor malware, websites that hide their true identity behind proxy servers, and websites set up for the aim of executing phishing attacks.
One additional mechanism – SSL inspection – reviews the content of encrypted websites for the presence of malware or any content that does not comply with acceptable use policies. Sadly the https prefix of encrypted websites and the padlock symbol are no longer acceptable signs that a website is secure. Many encrypted websites have been constructed to install malware payloads on unprotected networks.
Every threat identified and blocked is tracked on a management portal. Network managers can pull reports from the portal to recognize who has been trying to access unsafe websites or to identify gaps in the software’s setup – for example, allowing users to access anonymizer web services or allowing Internet traffic to get through non-standard ports.
Whereas network managers have little control over the mechanisms that help safeguard networks from web-borne dangers, they have complete discretion over the online content network users can access. Online content access is managed using a series of category filters (pornography, online gambling, P2P file sharing, etc.) keyword filters and bandwidth filters that can be set with the click of a mouse.
Each of these filters can be set for specific users, user groups or network-wide depending on the requirements of the company. Different filtering parameters can be applied to different user groups simultaneously or at unique times – providing versatile control of network user Internet access without blocking access to business-critical webpages or web applications.
For additional fine-tuning of the filtering parameters, network managers can whitelist trusted websites or web applications. This feature permits the whitelisted website or application to bypass the filtering mechanisms but should be used sparingly in case trusted websites or applications are hacked and used as vehicles to deploy malware installs.
Copyright © 2020 ComplianceHome