What is content filtering?Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items. Companies often use content-based filtering, also known as information filtering, as part of their internet firewalls. A common security measure, content filtering helps companies execute corporate policies on the use of information systems -- for example, the filtering and blocking of employee access to social media platforms. Show
Additionally, parents often use web filtering to screen and/or exclude content their children have access to from a home computer. Filtering software can screen content for anything that is objectionable or criminal, including online porn, hate sites, illegal content and social media. However, one drawback of content filtering programs is that it is easy to unintentionally block access to content that should not be blocked.
How does content filtering work?Content filtering works by identifying content patterns like objects within images or text strings that indicate undesirable content that must be restricted or screened out. Enterprise networks incorporate content filters in various ways. Network administrators can configure firewalls, mail servers, routers and domain name system (DNS) servers to filter unwanted or malicious content. Network administrators can install filtering software on dedicated servers or incorporate hardware appliances on the network. Cloud-based content filtering is also growing in importance as is mobile content filtering. Information filtering should be a factor for mobile and other devices, whether they are corporation- or employee-owned as well as for devices used at home, particularly by children. Content filters usually specify character strings that, if matched, indicate undesirable content that should be screened out. The following are types of content filtering products:
These filters can be configured to exclude undesirable types of content or content that violates companies' acceptable use policies. Content-based filtering products often include software programs or hardware devices that filter content. Subscription services also provide updated blocklists of potentially malicious IP addresses and domains. A content filter screens out objectionable, offensive, illegal and unwanted content, while permitting acceptable content.Benefits of content filteringContent filtering is important because it protects individuals and organizations against potentially harmful content. Additionally, content filtering does the following:
Although content filtering is a key component of enterprise network security, it is not a complete network security strategy. Content filtering works best when combined with other security measures, such as firewalls, multifactor authentication (MFA) and effective authentication mechanisms, like Kerberos. Built into most major operating systems, Kerberos is a protocol for authenticating service requests between trusted hosts across untrusted networks like the internet. Content filtering works best in conjunction with other security measures such as Kerberos, MFA and firewalls.Types of content filteringContent filters work in tandem with allowlists or blocklists:
Content filters use the following mechanisms to restrict inbound content:
Hardware vs. software vs. cloud-based content filteringWays to enable content filtering include the following:
Content filtering in enterprises may use a single approach or may combine two or more of the mechanisms listed above. Existing network security systems, such as firewalls, may already be configured to block content. Other software systems can enhance that function, as can dedicated appliances and cloud-based content filtering systems for different departments, locations and business units. For network security, firewalls are considered a bare minimum to protect enterprises from attacks. Find out how inbound and outbound firewall rules can help keep unwanted content and intruders out of the network. See also: IT security threat management tools, services to combat new risks, the 3 types of DNS servers and how they work, best practices for a modern threat management strategy, 9 essential elements of network security and stateful vs. stateless firewalls. This was last updated in April 2022 Continue Reading About content filtering
Dig Deeper on Application and platform security
What is not true about DMZ?Which statement regarding a demilitarized zone (DMZ) is NOT true? It contains servers that are used only by internal network users.
What can be used to hide information about the internal network?You can use the firewall proxy servers, SOCKS server, or NAT rules to provide internal users with safe access to services on the Internet. The proxy and SOCKS servers break TCP/IP connections at the firewall to hide internal network information from the untrusted network.
What is used in scheduling a load balancer?To effectively schedule the routing of requests from a client to the respective servers in an optimized way, several load balancing methods are used such as round robin, least connections, adaptive balancing, etc.
Which of the following is true regarding firewalls?Firewalls are filters network traffic which follows a set of rules and can either be used as hardware or software device. They are often categorized as network or host-based firewalls. Network firewall filter traffic between two or more networks while host networks run on host computers.
|