How to filter malicious websites on a network?

Robbo777Robbo777 Posts: 330Member
Hi, i'm wondering how filtering of malicious websites is performed in a network? Obviously you have your stateful firewalls, but they don't account for users INSIDE the network who may connect to malicious sites or sites they shouldn't be on. I'm aware you can have individual rules on firewalls to block certain sites, but this isn't efficient and cant block potentially thousands of sites.

So i'm wondering what is implemented to do this? Is it some kind of software on the firewall or something with DNS?

Thanks for the help.

Comments

  • MooseboostMooseboost Senior Member Posts: 767Member ■■■■□□□□□□
    UTM solutions are geared towards this, specifically content filtering. How that works varies from vendor to vendor and services used but for the most part it checks either against a cloud or local based filter for either reputation or category.
    2019 Certification Goals: OSCE OSWE
    Blog: https://hackfox.net
  • Codeman6669Codeman6669 Posts: 227Member
    as Mooseboost said UTM. (Universal threat management) he pretty much nailed it no need to say more lol
  • cyberguyprcyberguypr Senior Member Posts: 6,708Mod Mod
    ** Unified **
  • james43026james43026 Posts: 303Member
    For example, the Palo Alto firewalls that I have in place at work, use what is called wildfire, which will scan for known websites that may be malicious, and will try to prevent access to these websites, it does this be scanning HTTP headers.
Sign In or Register to comment.