How to filter malicious websites on a network?

Robbo777

Hi, i'm wondering how filtering of malicious websites is performed in a network? Obviously you have your stateful firewalls, but they don't account for users INSIDE the network who may connect to malicious sites or sites they shouldn't be on. I'm aware you can have individual rules on firewalls to block certain sites, but this isn't efficient and cant block potentially thousands of sites.

So i'm wondering what is implemented to do this? Is it some kind of software on the firewall or something with DNS?
Thanks for the help.

docrice

Depends. Most newer firewalls do more than traditional stateful inspection and add on URL filtering and categorization, file detection, SSL/TLS decryption (interception), along with the usual IPS functions. Other places might also use a separate forward proxy to perform that function.

JohnnyUtah41

opendns. and our sonicwalls have domain lists that are blocked from dell..known bad sites.