An HTTPS filter is an Internet filtering mechanism that is capable of reading and scanning the content of encrypted websites – those starting with an https:// prefix. The main advantage an HTTPS filter has over other types of Internet filter is that it is more effective at blocking threats such as malware, ransomware and phishing that would go undetected by a filter incapable of inspecting encrypted website content.
An HTTPS filter is also more effective at preventing network users visiting websites containing material that contravenes acceptable use policies. Network administrators can set acceptable use policies for workplaces, for schools and for publicly-accessible WiFi networks, and be assured that network users will not be able to access prohibited content hidden within an encrypted website.
Why So Many Websites are Encrypted
Years ago, very few websites were encrypted. Only those needing to conduct conversations over secure connections used encryption to prevent confidential information being intercepted. Now, due to social media websites encrypting their members´ conversations and Google´s policy of enhancing the rankings of secure websites in its Search Engine Results Pages, half of the most visited websites are encrypted.
The growth in encrypted websites has been mirrored by a growth in criminal organizations using encrypted websites to deploy their malware payloads. Recent research found that 99.5% of encrypted websites with “PayPal” in their URL have been constructed with the sole intention of conducting phishing attacks. Many more fake websites exist for similar reasons.
One further online security problem is that the https:// prefix is no longer a guarantee a website is secure. Hundreds of supposedly secure websites have been discovered to have vulnerabilities that could be exploited by criminal organizations to host drive-by malware downloads and deliver ransomware to their unsuspecting victims. For these reason, an HTTPS filter is essential for effective online security.
The Workings of an HTTPS Filter
The workings of an HTTPS filter are not complicated, but they are effective. Whenever a network user types in a URL or clicks on a hyperlink, the filter checks the request to visit a web page against lists of web pages known to harbor malware and IP address from which spam emails have been sent – spam emails and phishing websites often sharing the same IP address.
Thereafter, the filter checks the request against its filtering parameters to see if the category of website has been blocked by an administrator. There are fifty-three categories of website (adult entertainment, drugs, pornography, etc.) into which more than six billion web pages are sorted. Network administrators can block access to all the web pages in one or more category with the click of a mouse.
Finally, the content of the web page is decrypted, read and scanned to ensure it complies with other administrator-controlled policies and is free of malware. This is known as the SSL inspection process. Administrators can further block access to websites by keyword, file type, bandwidth and IP address, and these policies can be applied to individual users, user groups or network-wide.
Avoiding Latency Issues during the SSL Inspection Process
Although the workings of an HTTPS filter leave SSL inspection process to the final stage of the filtering process, the decryption, inspection, scanning and re-encryption of encrypted websites can place a strain on CPU resources and negatively affect network performance. At times of peak web activity, the strain can result in slow Internet speeds and delays in the receipt of emails.
The solution to this issue is to use the filter´s whitelisting facility – a facility that allows trusted and frequently-used websites to bypass the HTTPS filter. This is a simple facility to take advantage of, and involves entering the URL of trusted websites into a special keyword field via a centralized management portal. It can also be of benefit to enter the organization´s email domain name.
By allowing trusted websites to bypass the filtering process, the filtering mechanisms have fewer websites to inspect, the strain on CPU resources is reduced, and network performance is improved. Network users will be unaware that their Internet service is being filtered, until they try to visit a website that is harboring malware or which contravenes the network´s acceptable use policies.
Test Out the Advantages of an HTTPS Filter for Yourself
If you are looking for an effective HTTPS filter to protect your network from web-borne threats and enforce acceptable use policies, you are invited to contact us and request a free trial of our WebTitan Internet filters. WebTitan has been designed to provide a robust defense against web-borne threats such as malware and ransomware and to protect network users from phishing attacks.
Easy to implement and configure, WebTitan integrates with management tools such as Active Directory for the speedy setting of user policies. Our HTTPS filters are compatible with all operating systems, scalable up to 6,000 users and available in a choice of deployment options:
- WebTitan Gateway is a software-based Internet filter with SSL inspection that is installed behind a network´s firewall to provide a robust defense against web-borne threats.
- WebTitan Cloud is a cloud-based HTTPS filter with exceptional granularity and ease of use, plus - being cloud-based - it has an extremely low maintenance overhead.
- As the name suggests, WebTitan Cloud for WiFi is an appropriate Internet filtering solution for wireless networks and the devices that connect to them.
To find out more about our invitation to try a WebTitan HTTPS filter for free, do not hesitate to get in touch with our team of Sales Technicians, who will be happy to answer any questions you have about SSL inspection, explain the terms and conditions of our offer, and guide you through the process of registering for your free trial.