Content Filtering
Table of Contents
Content Rating System (ISS OrangeWeb Filter)
WinRoute provides a wide range of features to filter traffic using HTTP and FTP protocols.
Here are the main purposes of HTTP and FTP content filtering:
-
to block access to undesirable Web sites (i.e. pages that do not relate to employees' work)
-
to block certain types of files (i.e. illegal content)
-
to block or to limit viruses, worms and Trojan horses
HTTP protocol
Web pages filtering:
-
access limitations according to URL (substrings contained in URL addresses)
-
blocking of certain HTML items (i.e. scripts, ActiveX objects, etc.)
-
filtering based on classification by the ISS OrangeWeb Filter module (worldwide Website classification database)
-
limitations based on occurrence of denied words (strings)
-
antivirus control of downloaded objects
FTP protocol
control of access to FTP servers:
-
access to certain FTP servers is denied
-
limitations based on or file names
-
transfer of files is limited to one direction only (i.e. download only)
-
certain FTP commands are blocked
-
antivirus control of transferred files
Content filtering requirements
The following conditions must be met to ensure smooth functionality of content filtering:
-
Traffic must be controlled by an appropriate protocol inspector.
Note: An appropriate protocol inspector is activated automatically unless its use is denied by traffic rules. For details see chapter Definition of Custom Traffic Rules.
-
Connections must not be encrypted. SSL encrypted traffic (HTTPS and FTPS protocols) cannot be monitored. In this case you can block access to certain servers using traffic rules (see chapter Definition of Custom Traffic Rules).
Note: If the proxy server is used (see chapter Proxy server), It is also possible to filter HTTPS servers (e.g. https://www.kerio.com/). However, it is not possible to filter individual objects at these servers.
-
FTP protocols cannot be filtered if the secured authentication (SASO) is used.
Note: WinRoute provides only tools for filtering and access limitations. Decisions on which Web sites and file types will be blocked must be made by the administrator (or another qualified person).
