How to filter malicious websites on a network?
Robbo777
Member Posts: 331 ■■■□□□□□□□
in CCNA & CCENT
Hi, i'm wondering how filtering of malicious websites is performed in a network? Obviously you have your stateful firewalls, but they don't account for users INSIDE the network who may connect to malicious sites or sites they shouldn't be on. I'm aware you can have individual rules on firewalls to block certain sites, but this isn't efficient and cant block potentially thousands of sites.
So i'm wondering what is implemented to do this? Is it some kind of software on the firewall or something with DNS?
Thanks for the help.
So i'm wondering what is implemented to do this? Is it some kind of software on the firewall or something with DNS?
Thanks for the help.
Comments
-
Mooseboost
Member Posts: 778 ■■■■□□□□□□
UTM solutions are geared towards this, specifically content filtering. How that works varies from vendor to vendor and services used but for the most part it checks either against a cloud or local based filter for either reputation or category. -
Codeman6669
Member Posts: 227
as Mooseboost said UTM. (Universal threat management) he pretty much nailed it no need to say more lol -
james43026
Member Posts: 303 ■■□□□□□□□□
For example, the Palo Alto firewalls that I have in place at work, use what is called wildfire, which will scan for known websites that may be malicious, and will try to prevent access to these websites, it does this be scanning HTTP headers.
