A virtual web content filtering appliance with SSL inspection is an on premise web filtering solution that allows you to monitor, control and protect your business and users from all web-borne threats. Virtual appliances for filtering web content are unobtrusive and sit behind your firewall, checking requests to visit websites against user policies.
Quick and easy to deploy, virtual appliances for filtering web content have a network auto-configure function. Once configured, they can be integrated with LDAP or Active Directory to accelerate policy creation. In larger organizations, multiple user policies can be created and assigned to different groups of users from a secure web-based management portal.
The initial advantages that a virtual web content filtering appliance has over a hardware web content filtering appliance are no set up costs, assured compatibility, and low maintenance overheads. When organizations start using virtual appliances for filtering web content, automatic software updates, scalability and flexibility also become important advantages.
The Significance of SSL Inspection
Secure Socket Layer (SSL) inspection is a vital mechanism for filtering encrypted websites – i.e. those starting with an https:// prefix. These websites are supposed to be guaranteed secure by the presence of an SSL certificate, and were first developed in 1995 to encrypt online credit card transactions. The padlock symbol was later added as a sign the content of “secure” websites could be trusted.
Because the content of secure websites is encrypted, appliances for filtering web content without SSL inspection are unable to examine the content and therefore cannot find anything that breaches the filter parameters or user policies. As websites with SSL certificates were trusted, this was not considered to be a problem and access to the websites was allowed by default.
However, once cybercriminals found a way of hacking into Certification Authority databases and creating their own fake SSL certificates, a problem materialized. By using fake SSL certificates, cybercriminals´ websites can evade detection by a web content filtering appliance. This allows them to deliver malware payloads to networks that are believed to be protected.
The problem was compounded in 2014 when Google announced it would elevate websites with SSL certificates in search engine results pages. Many social media sites have also encrypted their web pages to enhance the privacy of their users. Today, more than half of the most-commonly visited web sites in the world are encrypted and unreadable by appliances for filtering web content that lack SSL inspection.
Overcoming SSL Inspection Resource Usage
There is an issue some larger organizations have experienced after implementing a web content filtering appliance with SSL inspection. The inspection process can be a drain on CPU resources and limit memory availability. This issue can result in poor network performance if hundreds of users are sending simultaneous requests to the appliance to visit websites.
The way to overcome this issue is to “whitelist” the most frequently-visited secure websites – provided it is known for certain they definitely are secure. Because the websites are whitelisted, the web content filtering appliance will allow access to them without decrypting the content, comparing it against user policies, and re-encrypting it – eliminating the resource usage issue.
Whitelisting can also be used to create exceptions to general user policies for specific groups. If for example, a company wanted to prevent its employees from visiting Facebook during working hours, but had a Marketing Department that relied on social media to support its marketing strategies, an exception to the general user policies could be made exclusively for members of the marketing team.
This level of versatility is not uncommon in modern appliances for filtering web content. The appliance can be configured to block or allow access to websites in bespoke categories, by keyword, or by time. It can limit how much bandwidth is allowed per user or user group and identify when users attempt to circumnavigate user policies with the use of a proxy or anonymizer site.
SpamTitan´s Web Content Filtering Appliance
SpamTitan´s web content filtering appliance is WebTitan – a robust web filtering solution with SSL inspection that fits seamlessly into any hardware or virtual infrastructure. WebTitan is a low-maintenance virtual web content filtering application that includes phishing protection and malicious URL detection to protect networks from all web-borne threats – even encrypted ones.
SpamTitan´s web content filtering appliance uses a three-tier filtering mechanism for maximum protection against web-borne threats and versatility:
- The first tier is a “default” tier inasmuch as system administrators have no control over its operation. This tier checks requests to visit websites against blacklists of websites known to harbor malware, blacklists of IP addresses where spam email is known to have originated, and blacklists of websites who hide their true identity behind a proxy server or the whois privacy feature.
- The second and third tiers consists of keywords and category filters. These sort the three million most visited web pages into more than fifty category that administrators can block access to with the click of a mouse. The keyword filters enable administrators to fine-tune the filters parameters by blocking access to websites containing certain words without necessarily blocking access to all websites that fall within that category.
WebTitan regulates the online content users can access and provides network managers with a real-time view of users´ browsing activities. A full reporting suite offers predefined reporting options that can be searched by user, category or time. Reports can also be scheduled to provide historical activity data relating to behavior, security and bandwidth for network managers to identify trends.
If you feel that your organization could enhance its protection against web-borne threats with a virtual web content filtering appliance with SSL inspection, you are invited to contact us and request a free trial of WebTitan Gateway. Our team of Sales Technicians will be happy to explain what the trial consists of and answer any questions you have about appliances for filtering web content.
