Phishing and ransomware attacks have increased and so too has the sophistication of attacks. The cybersecurity defenses that were once effective at blocking threats now need to be augmented with additional security solutions such as a business web filter.
In this post, we will explain how a business web filter works, why a DNS-based web filtering solution is now recommended, and how web filtering can greatly improve your organization’s security posture.
What is Web Filtering?
Web filtering is a technical control for preventing individuals from accessing certain types of Internet content, which is why web filters are commonly known as content control software. Internet Service Providers (ISPs) use web filtering to prevent their customers from accessing content that is illegal in their country. Schools use web filters to prevent students from accessing age-inappropriate web content such as pornography to prevent minors from coming to harm.
A business web filter is used to reduce legal risk by blocking illegal web activity and for improving productivity by blocking access to web content that serves no work purpose – dating, gaming, gambling, and social media sites for instance. Increasingly, the main reason for using a business web filter is for cybersecurity to prevent malware downloads and for blocking access to other malicious web content, such as web pages hosting phishing forms or exploit kits.
What is a DNS Filter?
A DNS filter is a type of business web filter that uses the Domain Name System or DNS. The DNS a decentralized system for finding computers that are reachable across the Internet and other Internet Protocol networks.
When a URL or domain is entered in the address bar of a web browser, for the content to be loaded and displayed the browser must find out where that content is hosted, which could be on any computer anywhere in the world. The DNS is often referred to as the phonebook of the Internet, as when a web request is made through a DNS query to a DNS server, a procedure is initiated that will find the corresponding IP address and provide it to the browser to allow the content to be located.
DNS filtering works at this stage of web requests, with filtering taking place before the IP address is provided to the browser. If the policies of the business web filter do not permit the content to be viewed, the IP address of the web resource will not be provided. Instead, the browser will be directed to a locally hosted block page which will explain why the web request could not be satisfied.
A business DNS filter will provide domain-level filtering and will block access to certain blacklisted domains, but also URL filtering, where specific URLs are blocked without blocking access to the entire website. Content-based controls can also be applied, where certain types of websites are blocked, and some DNS filters support keyword-based filtering, where the content of a web page is scored based on the presence of certain keyword and the content will be blocked if a certain threshold is exceeded.
Benefits of a DNS-based Business Web Filter
There are several benefits of using a DNS-based business web filter over other forms of content control. Filtering using the DNS is incredibly fast, so there is no impact on page load speeds as there is with other forms of Internet control. Small delays in Internet speed can have a big impact on employee productivity.
DNS filtering is provided as a cloud-based service, so there is no need for any on-premises hardware and there is the benefit of the scalability of the cloud which means no restrictions on capacity. The service can be scaled up to protect any number of new users. Generally, there is no need to download any software onto individual devices. All that is needed is to make a change to your DNS servers and make your DNS queries through the service provider’s servers.
If you want to protect remote workers as well as on-premises users, you can download a client onto remote workers’ devices and the business DNS filter will apply controls no matter where the Internet is accessed.
What Will a Business Web Filter Block?
You should choose a business web filter with granular controls to allow precision control of web content down to the individual user level. A solution that integrates with directory services such as AD and LDAP will make this as easy as possible.
You should choose a solution that has extensive threat intelligence feeds, to ensure rapid protection against zero-minute threats. The ability to block downloads of certain file types is useful for preventing unauthorized software installation and for blocking malware. It is useful to check user review sites and to choose a solution that is easy to use and has a low management overhead.
With such a solution in place you will be able to:
- Block malware and ransomware downloads
- Prevent users from visiting phishing websites
- Block exploit kits that exploit vulnerabilities
- Block access to illegal and undesirable web content
- Restrict access to websites that use a lot of bandwidth to ensure everyone enjoys reasonable Internet speeds
- Block downloads of software installers to control the use of ‘shadow IT
- Block command-and-control callbacks from malware-infected devices
- Enforce Internet usage policies
- Improve employee productivity
Summary
The key to defending against modern cyber threats is to take a defense in-depth approach to security and implement multiple overlapping layers of protection. In addition to standard cybersecurity measures such as a firewall, spam filter, and antivirus software, a web filter should be considered to block the web-based component of cyberattacks.
