Web filtering

When the users of your network submit requests for web access, Web Gateway filters these requests, according to the web security policy that is implemented.

The filtering also covers responses that are sent back from the web as well as embedded objects sent with requests and responses.

Default web filtering

Web filtering includes several fields of web security. Some of them are covered by default rule sets on Web Gateway.

  • Anti-malware filtering — Protects your network against viruses and other malware.

    Filtering is performed based on the results achieved by scanning web objects, for example, files sent from a web server in response to a request.

  • URL filtering — Controls access to web objects based on evaluating their URLs.

    URLs are categorized and can be allowed or blocked according when categories are considered to convey inappropriate content.

  • Media type filtering — Controls access to web objects based on recognizing the media types that they belong to, for example, to exclude downloads consuming overmuch bandwidth.

The following process enhances web filtering to allow for a better user experience:

  • Global whitelisting — Excludes objects that are not considered a risk to web security from web filtering to ensure that users can access them.

A default rule set is also provided for this process after the initial setup.

Extended web filtering

Web filtering can be extended by running filtering processes in additional fields of web security.

  • HTTPS filtering — Filters web traffic that is secured under HTTPS.

A rule set is provided for this filtering process after the initial setup, but it is not enabled by default.

To set up more filtering processes, you can import rule sets from the built-in or the online library, or create individual rules that you insert in existing rule sets.

For example, you can import rule sets to cover these fields of web security:

  • Application filtering — Controls access to applications.
  • Data loss prevention — Ensures that sensitive data is not allowed to leave your network.

There is no default or library rule set for the following process, but you can set it up by creating individual filtering rules and inserting them in other rule sets.

  • Streaming media filtering — Controls access to streaming media.

You can also modify existing rule sets or create rule sets of your own to cover any field of web security in the way you consider most appropriate.