Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Web Protection Frequently Asked Questions : What are filters, and how do they work?
What are filters, and how do they work?
Web Protection FAQ | Web Protection Solutions | v8.2.x, v8.3.x | 16-Dec-2016
Filters are one building block of web protection policies. The 3 types of filters define which categories, URLs, and protocols users can access. By adding filters to a policy, you define how clients at your organization can access the Internet.
*
Category filters list:
*
All of the categories available to your organization, including both Master Database categories and custom categories.
*
The action (like permit, block, confirm, or quota) assigned to each category.
Each category filter can assign a different action to each category. Your software includes 5 sample category filters that can be customized and used in policies, as well as a set of templates that you can use to create new filters.
*
Protocol filters list:
*
All non-HTTP protocols, including both Master Database protocols and custom protocols.
*
The action (like permit, block, or limit by bandwidth) assigned to each protocol.
Each filter can assign a different action to each protocol. Your software includes 3 sample protocol filters that can be customized and used in policies, as well as a set of templates that you can use to create new filters.
The components required for protocol management vary based on your subscription level:
*
(TRITON AP-WEB) Content Gateway offers protocol management for protocols that tunnel over HTTP. It can be used in conjunction with Network Agent to provide full protocol management.
The hybrid service does not enforce protocol filters.
*
(Web Filter & Security) Network Agent is required to enable protocol management.
Web protection software can block TCP-based protocol requests, but not UDP-based protocol requests. If an application uses both TCP- and UDP-based messages, and the original network request is made via TCP, any subsequent data sent using UDP is blocked since the initial TCP request is blocked.
*
Limited access filters are a restrictive list of permitted URLs that can be used in place of a category filter in web protection policies.
When a limited access filter is in effect, users can visit only the URLs in the list. All other sites are blocked.
If a URL that is permitted by a limited access filter becomes infected with malicious code, user requests to that URL are blocked as long as Security Risk categories are blocked in the Default policy. Check the category filter currently used by the Default policy to verify that all security-related categories are blocked.
See the Administrator Help for more information.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Web Protection Frequently Asked Questions : What are filters, and how do they work?
Copyright 2016 Forcepoint LLC. All rights reserved.