Together, URLfilterDB and ufdbGuard offer a unique set of features, all aimed at protecting your private network and reducing network bandwidth usage. These features include:
- URL filtering
- Advertisements blocking
- HTTPS proxy tunnel protection
- Blocking adult images produced by search engines
- Controlling HTTPS usage
Read on to find out how each of these features work for you…
There are three methods available to block unwanted web content:
- Content scanning: this method blocks access to web pages based on the occurrence of “bad” words in the content.
- Artificial intelligence: a variant on content scanning, intended to render more accurate results.
- Blacklists: this method blocks access to web pages based on their being listed in a website category to be blocked.
URLfilterDB uses the last method as the fastest and most accurate method for URL filtering available.
Navigate to our product comparison
page to find out
why and how using a blacklist filtering method makes URLfilterDB superior to competitor’s products.
Blocked content categories
URLfilterDB blocks up to 24 categories of unwanted web content:
- Adult & sexually explicit
- Audio & video
- Dating & Personals
- External Applications
- Finance & Investment
- Hacking & Warez
- Peer-to-peer (P2P)
- Violence & Hate
- Web Proxies & Tunnels
- Weblogs & private sites
- Web-based email
Generally, "consumer websites" like chat, news, forums, webmail etc. have
a large quantity of advertisements (also known as "banners").
These consume a lot of network bandwidth.
A study at a large university showed that MSN and Yahoo webmail were quite popular with the network users.
From the top-25 of URLs that were processed by the web proxy, the #1 was an MSN banner,
#2 was a Yahoo ad, and a total of 11 URLs were advertisements.
In total, 44% of the bandwidth was consumed by mostly advertisements!
As these advertisements can generally not be cached (i.e. temporarily stored
on the web proxy to increase browsing speed and reduce bandwidth usage),
all advertisement contents are retrieved from the web server each time they are accessed,
consuming bandwidth whenever they are displayed.
Advertisements can take various forms, such as popup windows, tracking URLs,
and tracking cookies.
The URLfilterDB advertisement category includes URLs to block these techniques.
URLfilterDB uses a large list of known advertisement URLs to block advertisements.
You may opt to block any advertisements on a site, while still allowing access to the site itself.
The benefits are twofold: you save on your bandwidth and
employees spend less time looking at and following advertisements.
HTTPS proxy tunnel protection
HTTPS is a protocol that implements a strong encryption layer around the HTTP protocol.
Data sent across the Internet using HTTPS is secure and cannot be decrypted and
read by any eavesdropper.
This makes HTTPS a useful protocol for secure online transactions.
Unfortunately, the HTTPS protocol also poses a security risk.
As it encrypts all data sent between a client and a webserver, antivirus software
cannot read the data exchanged to detect any viruses.
HTTPS can also be used to set up a so-called "proxy tunnel"
between a workstation on a protected network and any system on the Internet,
thus opening up your network for unlimited and unauthorized data and document transfer.
These proxy tunnels can also be used with reverse port forwarding (using SSH)
to build an unauthorized connection from any system on the Internet into a protected network.
Setting up a communication channel between an insecure environment and
a private network is fairly easy.
Most proxy server products (Squid,
Netcache, iPlanet, etc.) do not guard against these proxy tunnels.
Also, firewalls offer no protection against proxy tunnels.
ufdbGuard helps to protect you network against proxy tunnels by probing URLs that use HTTPS!
Blocking adult images produced by search engines
Searching for images with search engines like
, Yahoo, and MSN
may allow users to view adult images.
These cannot be blocked in a simple way, since it would be undesirable to block all images
from a search engine.
Several search engines offer a safe-search*
feature, which blocks most adult images.
Setting the safe-search parameter in ufdbGuard enforces the safe-search policies of these search engines.
The default value for the parameter is ON.
The safe-search feature enforces safe searches for the following search engines:
A9, Alltheweb, Ask, BuscaMundo, Dogpile, Excite, Foxnews, Google,
Hotbot, Infospace, Live, Lycos, Metacrawler, Metaspy, MSN,
Webcrawler, Webfetch, ya.com, Yahoo.
Controlling HTTPS usage
Usually, websites that use HTTPS for legitimate reasons use a signed SSL certificate and
a fully qualified domain name for maximum security and a clear identification of the website.
In contrast, untrustworthy websites that use HTTPS will use self-signed SSL certificates and
an IP address instead of a domain name.
Therefore, ufdbGuard can be configured to control access to HTTPS websites using 2 settings:
By default, these settings are set to “ON” in the ufdbGuard.conf file.
We recommend to keep these settings.
In case that a legitimate website uses an IP address in the URL, or an SSL certificate that
is not signed by a trusted authority, just add this site to the locally trusted websites.
To keep the database with URLs to be blocked up to date, ufdbGuard has a feature to
recognize URLs that are not yet part of the URL database.
These URLs are uploaded to be included the next day's URL database.
SafeSearch is a trademark of Google.