Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

Proxy softwares can bypass your web filtration in the network, how can you block them ?

user-image
Question added by Mostafa Khamies Dakam , Network Specialist , Libyan Fertilizer Company
Date Posted: 2013/12/12
Mostafa Abdo
by Mostafa Abdo , Senior Infrastructure and Security Architect , Devoteam

any new application filteration Firewall can inspect into packets, and does this task.

Suleman Hasib
by Suleman Hasib , System Administration Manager , Freelancer

I'd rather say L7 is the best possible solution.

Saqib Mehmood
by Saqib Mehmood , Technical Team Lead/Safety Supervisor , Xchange Technology Group

A good "Web Application Firewall" can perform this task operating on Reverse Proxy or Transparent Proxy Mode. Vendor names and support for diferent modes vary,so please check each product for specific detail for a particular mode before buying.

Omid Raghimi
by Omid Raghimi , Senior Cyber Security Engineer - Incident Response (DFIR) , Lloyds Banking Group

Except using Firewall with the capability of application level filtering, using a proxy server will easily solve the issue. (considering that firewall is used for more hard stuff - but it is a good all in one option as well) 

Options that it (proxy Server) will gave you:

  • Categorizing different web traffic like Shopping (ebay, amazon), annonymity (Tor, Proxy softwares etc.)
  • specifically blocking/allowing a desired category
  • black/White listing web activities 
  • blocking single URL, Domain or a complete FQDN
  • detailed logs about the activities of each user/device 
  • port filtering associated with web requests
  • ... (list goes on depending on the need)

just as a good example for an enterprise network BlueCoat is one of the best solutions for large infrastructures. 

other proxy servers are available as well: simplest and most affordable is within Windows Server environment (NT,2000,2003,2008,2012) 

 

Hope it Helps

Omid

Imad Aldhfiri
by Imad Aldhfiri , Head of Cybersecurity Risk Monitoring , Saudi Aramco

Next Generation of Firewall will take care of that issue

Mostafa Khamies Dakam
by Mostafa Khamies Dakam , Network Specialist , Libyan Fertilizer Company

Beside the L7 Applications, some Hardware based Firwall can do this job

Application (Layer7 Filters) as others mentioned would be the best way to go.

More Questions Like This