Web Filtering History
Web filtering is a technology that can be used for all purposes and has been around for many years.
Client machines would also require a public certificate from an internal private CA to access encrypted https/443 traffic. This could be used to filter correctly with man-in the-middle technology. Thus, most IT departments have moved to inline web content filters which should catch all traffic at the edge of the network and filter as needed.This would, in theory, catch everything including client computers, guest networks, servers, and ALL network traffic, but only traffic that could beseen depending on encryption/decryption settings.If the userwasauthenticated to the network,the web content filter could even supply policies based on users and groups.Great,right?
IT was generally the primary focus of IT. It covered everything within the business’ four walls. This was the core of IT and it was where all the business was done.
Commonly, any remote working would require aVirtual Private Network(VPN)back into the corporate network for business data and thus IT would then U-turn the web traffic back out and catch the web content filter system inthe processprovidingthe security theyrequired.However, this double booked the HQ internet connection and thus split tunnel was another option used to have internet traffic go out using the local internet of the client’s device and only traffic for business data use the VPN.
In these situations, securityconcerns were casually pushed to the backburner.Data has long since moved from just inside the four walls of the HQ datacenter and now cloud, multi-cloud, and hybrid environments are the new normal asIT strategy continues to evolve.With this change and others, many businesses have just moved to client Endpoint Detection and Response(EDR)software to protect the local and remote client machineswhiledropping any antiquated web filtering technology.
Many IT departments have adopted the trust model and hope that end userwebtraffic is fine. Employees had signed an Acceptable Use Policy (AUP). IT departments have shifted to the trust model and hope that end userweb traffic is okay. Employees have signed an Acceptable Use Policy (AUP).
Web Content Filtering Is More Than Content Filtering
Web content filtering used to be the main focus for all known categories that had to be blocked. However, the web has moved away from simple http and https to micro apps and almost everything useshttps encryption.
More than half of all web traffic today uses https encryption. This means that traditional web filters are only 30% effective. We need to filter differently, not only for content but also for security.
DNS (Domain Name System-based web filtering) should now be the new direction in security. Products like Cisco Umbrella and WebTitan have been introduced to help you. Simply redirect your DNS servers to a new address and match your public IP with the configuration profile.
Nearly all external traffic, web and otherwise, uses DNS request. This new strategy will catch this traffic. You can block all outbound DNS traffic from your DNS servers, add filtering bypass sites and increase security for guest and internal users.
Web Content Filtering with Cisco Umbrella for RemoteWorkers
Since COVID-19 was earlier this year, most of the workforce has moved to remote locations. This lightweight software can be loaded on client machines either manually or with theCisco AnyConnect addon module if they already have VPN software.
This software can extend yourDNSfiltering wherever that computer goes.
Remote Users Can Use Web Content Filtering
Q & A
Q:Can I create different web policies depending on user location and time? We blocked Facebook when users were at work, but now that they are at home, the remote computer is considered part of the home.
A:With Cisco Umbrella, you can create policies based upon users, groups, device types and locations. This can allow for flexible content filtering policies, while still blocking malicious activity.
Q:Is it still blocked?