You may have heard of DNS filtering, but what about extending the definition of a filter to cover URLs as well? Despite similar naming and intent (i.e. to bolster your cyber defenses), DNS filtering and URL filtering are different in effectiveness and security potential. This is best explained with an example, so we’ll take Perimeter 81’s (an Israeli cloud and network security company) URL filtering feature as a specimen to put under a magnifying glass. Let’s see how it works in practice.
What is URL Filtering?
If you view security as a future endeavor, URL filtering will be a seven-mile step in preparing your cloud security for the challenges ahead. Why the emphasis on future challenges? It’s simple, a technology change that favors the cloud is global in scope, which means that the majority of security threats will come from this very environment.
This focus on inbound threats informed the design of Perimeter’s URL filtering feature – as it stands, it will allow IT and security departments (which are increasingly converging) to minimize the means through which their staff can access unwanted URLs.
How is it done? The first step is to strictly define and categorize the sites into allowed or blocked sites. This is done by managing URLs which, as we know, work like web addresses by pointing to the location of a network-based web resource you want to access.
Since not all websites are made of the same cloth when it comes to their security features and general desirability, some URLs simply pose a security risk and should have limited or completely closed access to those URLs.
This is where URL filtering comes in. With it, organizations can block hand-picked URLs and prevent them from loading on their network. Trying to access the filtered URLs by clicking on a link or manually entering their addresses will simply take the user to a page that tells them that said URLs and the content they lead to are blocked.
Why is it important to enable URL filtering?
In terms of (cyber)security, URLs act like backdoors to a home which is your security system – they can be open, fully open, closed or secure. Based on their trustworthiness, URLs are the avenues malicious actors use to sneak into your home network and wreak havoc. That’s why it’s important not to let your employees rely on their judgment when evaluating the quality of the URLs they open.
Sure, you can train them as much as you want and implement the most comprehensive security policy, but getting URL filtering features is the only way to have peace of mind. Let’s face it – the majority of URLs aren’t necessary to perform a job-related task, so feel free to block anything that isn’t related to your employee’s job.
The benefits of installing a URL filtering system are:
- You minimize your security exposure. This includes exposure to malware, data leaks, and other threats.
- You can maximize labor productivity. By limiting the number of URLs your employees can interact with, you avoid a source of stubborn distractions and procrastination.
- Your compliance efforts will also be boosted. Depending on how cybersecurity is regulated in your area, strengthening your defenses against network threats may actually be mandated by law.
How does URL filtering work?
Perimeter 81’s URL Filtering feature works by comparing current network traffic with what’s in a database of blacklisted stored URLs and allows or denies access based on those categories.
This database works based on the list of URLs with which you can group the websites you want to blacklist, such as those with porn, gambling or gambling content. Once the URLs are entered in database, different access policies can be assigned to them. The three main groups of these policies involve the following:
Blocked URLs – These sites are blocked entirely because they act as an unwanted distraction for your employees (like social media platforms), because they are insecure (malware infected sites), or completely unrelated to work in progress (entertainment portals) .
Allowed URLs – These URLs are whitelisted and typically cover sites considered essential to performing one’s job duties. These include email, sites relevant to workflows and productivity, and more.
URLs conditionally allowed based on security policy – These include vanity URLs that your IT and security department considers acceptable provided your employees log in and agree to have their activities monitored.
DNS Filtering vs URL Filtering
As a type of web filter, domain name system blocking has some security uses, but it has less potential for the level of granular control offered by URL filtering.
The reason for this is that a DNS filter installed to limit access to the site works based on resolving the DNS name and checking the IP address of the website. This leads to the blocking of all relevant URLs for a particular IP address, preventing you from fine-tuning access to a site’s sub-URLs. Ultimately, this means that different pages on a particular website cannot be set as an exception to the general blocking policy.
Instead, URL filtering is used only for a precisely defined URL, giving you more control over what can be viewed or blacklisted on a single website. Consider, for example, blocking access to Instagram using the DNS filter – your company’s Instagram account would also be blocked, although it is potentially necessary to perform day-to-day tasks. With URL filtering, however, your Instagram business profile would be free to access despite all other accounts being blocked.
Why Your Organization Should Use URL Filtering
The URL filtering feature, as offered by Perimeter 81, takes granular control over what your employees can see during their working hours to a new level. At a time when we are increasingly reliant on online resources and remote access to do our jobs, cloud and network security will require more precision than ever and the airtight security that comes with it will be your first line of defense.
We have also highlighted the best url filter software and the best business VPN