The next step in the evolution from hardware-based and software-based solutions for filtering Internet content is cloud-based web filtering software. Similar to the majority of cloud services, cloud-based web filtering software is convenient, trustworthy and scalable. It does not have the high costs of hardware-based solutions nor the high maintenance overheads of software-based programs; and, although all three solutions pretty much operate the same way, web filtering in the cloud has the best benefits.
Cloud-Based Web Filtering Software
Cloud-based web filtering software is operated from in the cloud rather than physically attached to – or downloaded to – your network. In order to log on to the service, you simply need to redirect your DNS server settings to point to our servers. The cloud-based software then implements itself automatically, and you can either begin filtering the Internet using the software´s default settings, or set up and apply your own user policies via the web-based management portal.
As with most solutions for filtering Internet content, cloud-based web filtering software deploys a three-tier mechanism to enhance defenses against online threats, improve productivity and stop users accessing inappropriate material:
- The first line of defense is SURBL and URIBL filters. These look at each request to visit a web page against lists of IP addresses known to lead to malware downloads, phishing attacks and spam emails. When a match is identified, the request to visit the web page is not allowed. The lists of IP addresses are automatically updated as new threats are spotted.
- Behind the “blacklists”, category filters can be used to stop users looking at websites in certain categories. Administrators may want to stop users visiting websites known to have a high likelihood of harboring malware (pharmaceutical and travel websites), those likely to affect productivity (gaming and social networking) or those including inappropriate material.
- Keyword filters can be employed used to fine-tune the category filters and stop users looking at websites containing exact word matches, specific apps or specific file extensions. This fine-tuning mechanism adds granularity to the Internet filtering process to set up Internet filtering without obstructing workflows.
Category filters and keyword filters can be switched on by individual users, user-group or company-wide according to your existing user policies. Most products for filtering Internet content can be integrated with management tools such as Active Directory in order to speed up the process of applying roles. Thereafter, administrators can review web activity in real-time via the management portal, or schedule customized reports by user, user-group, organization-wide, bandwidth usage, category or time.
Improve Network Performance with Cloud-Based Web Filtering Software
One unexpected benefit of cloud web filtering software is how it enhances network performance – or, strictly speaking, how it reduces the workload put on servers by other solutions for filtering Internet content. This is due to way in which encrypted web pages are reviewed by cloud-based web filtering software to deduce the nature of their content.
Most software for filtering Internet content use a process called SSL inspection to decrypt, review, and re-encrypt the content of “secure” web pages. SSL inspection is now an obligatory part of Internet filtering because hackers have been able to obtain fake SSL certificates and their malware payloads would avoid detection if it were not for SSL inspection.
A heavy workload is put on servers by hardware and software solutions for filtering Internet content is because there is such a high volume of encrypted web pages that need inspecting. Since Google revealed it would enhance the rankings of encrypted websites in search engine results pages, more than 50% of the most-visited web pages in the world are encrypted.
The decryption, inspection and re-encryption of half the world´s most-visited Internet pages place an incredible strain on servers. Often it will lead to delays in some web-based activities – i.e. email – or users will find Internet access is temporarily unavailable. Although cloud-based web filtering software also utilizes SSL inspection to figure out the content of encrypted web pages, the process is carried out on the cloud – eliminating the workload on network servers and allowed an Internet service with excellent latency.