Insights

December 8, 2015

Web Content Filtering And Security

Posted by

We now supply, as standard, a Web/Internet protection product. This protects machines on and off the network from gaining access to sites that are responsible for delivering malware, drive-by downloads, and other forms of threats. The recent Cryptolocker or Cryptorbit scam that encrypts files and holds you to ransom for the decryption key is a good example. It can also prevent access to many categories of sites if needed.


We are very strongly recommending this service to all new clients, and to date everyone is using it. Since we put it in place virus interceptions by the Endpoint Protection (Antivirus) software has dropped by 95%. The licencing is £1.70 per person per month.

We can set this service up for your network immediately. It is relatively easy to do and we can most likely do the configuration for free. We grant you full access and visibility to the console with your own log-on if needed.

Predict and prevent attacks before they happen

A cloud-delivered network security service, that delivers automated protection against advanced attacks for any device, anywhere.

The most important part of this service is protection against the following:

MalwareMalicious software including drop servers and compromised websites that can be accessed via any application, protocol or port.
Drive-by Downloads/ExploitsWebsites and files that are designed to run code without user intervention.
Mobile ThreatsThreats that are designed to infect or adversely affect mobile devices such as phones and tablets.
Suspicious ResponsePublic DNS entries that resolve to your internal network space. These are sometimes associated with DNS rebinding attacks, which allow malicious scripts to access your internal network resources.
Dynamic DNSSites that are hosting dynamic DNS services. This technology can be used by attackers as an evasion technique against IP blacklisting.
BotnetCompromised devices that attempt to communicate with hackers’ command and control servers via any application, protocol or port.
PhishingFraudulent websites that aim to trick users into handing over personal or financial information.
High Risk Sites and LocationsDomains and hostnames that are matching against our predictive security algorithms from the Security Graph.

There is also an Intelligent Proxy that enhances security by performing URL inspection of web traffic.

Categories

We leave some standard blocking category settings in place. These are as in the list below. We can leave these in place or remove them.

Standard Blocking Category List:

AdwareAlcoholDatingDrugs
GamblingHate/DiscriminationLingerie/BikiniNudity
PornographyProxy/AnonymizerSexualityTasteless
Weapons

If you want to get more restrictive we can add more categories from the following list. You may want to consider time-wasting things such as social networking for example, or bandwidth wasting things such as P2P/File Sharing, File Sharing or Radio etc.

Full Category List:

Academic FraudAdult ThemesAdwareAlcohol
Anime/Manga/WebcomicAuctionsAutomotiveBlogs
Business ServicesChatClassifiedsDating
DrugsEcommerce/ShoppingEducational InstitutionsFile Storage
Financial InstitutionsForums/Message boardsGamblingGames
German Youth ProtectionGovernmentHate/DiscriminationHealth and Fitness
HumorInstant MessagingJobs/EmploymentLingerie/Bikini
MoviesMusicNews/MediaNon-Profits
NudityP2P/File sharingParked DomainsPhoto Sharing
PodcastsPoliticsPornographyPortals
Proxy/AnonymizerRadioReligiousResearch/Reference
Search EnginesSexualitySocial NetworkingSoftware/Technology
SportsTastelessTelevisionTobacco
TravelTypo SquattingVideo SharingVisual Search Engines
WeaponsWeb SpamWebmail

Cloud-Delivered Network Security

Umbrella’s enterprise threat protection is powered by predictive Security Graph intelligence.

Umbrella reduces the risk and impact of security breaches by blocking malicious Internet connections. Unlike antivirus or sandboxes, we block known and unknown threats by malicious domains, URLs or IPs. And unlike pure proxies, we contain botnet callbacks from infected devices over any port, protocol or app.

Benefits

  • Stay Ahead of Attacks
    OpenDNS predicts attacks before they begin or cause damage. Security Graph combines our unique visibility of over 2% of the world’s Internet requests with big data analytics to see attacks as they’re being set up.
  • No Latency or Complexity
    Proxying every Web connection slows traffic, invades privacy, and can break sites. Based on intelligence, OpenDNS routes and proxies only connections that require deeper inspection below the domain-level.
  • Prevent Malware Infections
    Umbrella predictively blocks connections to malicious infrastructures, greatly reducing the risk of infections or the need for time-consuming cleanup.
  • Contain Botnet Callbacks
    Umbrella uniquely stops malware-infected devices from phoning home for new updates or to exfiltrate data. Since malware relies on domains as rendezvous points to connect to their botnet controllers, Umbrella is in a unique position to block that connection over any port or protocol.
  • Block Phishing Sites
    Don’t rely on your users to spot a phish. Umbrella protects against fraudulent Websites that attempt to steal their login credentials–often the same as those used to access corporate networks and cloud apps.

Further reading

  • Web Content Filtering and Security