How to filter malicious websites on a network?

Hi, i'm wondering how filtering of malicious websites is performed in a network? Obviously you have your stateful firewalls, but they don't account for users INSIDE the network who may connect to malicious sites or sites they shouldn't be on. I'm aware you can have individual rules on firewalls to block certain sites, but this isn't efficient and cant block potentially thousands of sites.

So i'm wondering what is implemented to do this? Is it some kind of software on the firewall or something with DNS?
Thanks for the help.

Find more posts tagged with

Comments

Mooseboost

UTM solutions are geared towards this, specifically content filtering. How that works varies from vendor to vendor and services used but for the most part it checks either against a cloud or local based filter for either reputation or category.

Codeman6669

as Mooseboost said UTM. (Universal threat management) he pretty much nailed it no need to say more lol

cyberguypr

** Unified **

james43026

For example, the Palo Alto firewalls that I have in place at work, use what is called wildfire, which will scan for known websites that may be malicious, and will try to prevent access to these websites, it does this be scanning HTTP headers.