Network Appliances: Content Filter

Video Activity

Network Appliances: Content Filter This lesson discusses the content filter. A content filter is a network appliance that is able block traffic based on rules and filters. Traffic needs to flow through a device and it can be evaluated in different ways such as keywords in the URL or the category of web sites. Content filters can be used in many dif...

Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

31 hours 29 minutes
Video Description

Network Appliances: Content Filter This lesson discusses the content filter. A content filter is a network appliance that is able block traffic based on rules and filters. Traffic needs to flow through a device and it can be evaluated in different ways such as keywords in the URL or the category of web sites. Content filters can be used in many different environments such as parental controls and office productivity to prevent employees from spending too much time on certain web sites. Content filters can be hardware, software or cloud-based.

Video Transcription
so our next device is going to be a content filter. Now, a constant filter essentially blocks certain traffic or blocks access to certain websites based on specific rules or specific filters that we have set up now. One thing that we need to indicate is that our traffic needs to flow throughout that device
in order to provide extensive built in order.
Provide proper functionality. If we have a device that's just sitting off on the edge of our network trying to filter traffic, that's not gonna work because our traffic actually has to go through that device some way between one in point to the other in order for it to be filtered properly
and that traffic may be able to be evaluated in different ways. We may have devices that that filter based on keywords in the URL or may have different websites that are categorized as different types of websites, different severity of different categories of websites.
We may have different filters that are based on the type of traffic that we're trying to push through with the tri types of ports that we're trying to connect to where the tripe of protocols that were trying to use.
So these different filters may work in different ways, not just necessarily blocking certain you are else but blocking keep. But, like we said, blocking keywords, protocols, sports and things like that
and that could be used in many different environments that could be used for parental control environments. If you want to control what's being seen in your house, you can use them as parental control devices. You can use them as office productivity devices. You can set them up in offices in order to prevent people from spending time on certain websites
and not essentially not working.
Or you could just use them for your own security in orderto help prevent your devices from going out certain websites inadvertently on not in causing issues by connecting or downloading certain files or malware or seeing things that you don't want to see. So you may just set him up for your own uses.
And these content filters can be hardware, software or even cloud based.
They may they could be installed on the in point computer. That could be our actual devices that we have installed on our network that air traffic flows through, or they could be cloud based resource is that we actually go through. We send our traffic through before we connect to our end point.
let's take a look at our little network here where we have all three of those implemented. We have a hardware, software and a cloud based solution,
so we have our two in point client computers. And let's say this is gonna be a parental control setting, that our parental control environment, this is a This is a home and we want to have a little bit of parental control. Parental restriction on what are what are 10 year old seize on their computer that we got them for their birthday. So
on the actual computer are itself. We actually install some parental control settings. We may use the some built in Windows parental control settings or Web browser parental control settings. Or we may install additional third party software, which axes parental control settings.
They have a They have a persistency module, so it can't be uninstalled by the person the computer that we're setting it up on
if they don't have, unless they have an administrative password to uninstall it and maybe we can manage it from our computer and we can actually go in. And we can see if there's many a any alerts set by the person using the computer trying to visit certain websites on See if there's been any
alerts triggered that we need to. We need to check up on and see why those why that computer tried to connect to those sites.
So we have our third party software based content filter,
we want then we have another solution that we can implement,
which is going to be on our router. So
let's say this router has the ability to provide content filtering. It's able to filter certain websites. It's able to filter certain categories of websites. So when we enable the content filtering on on our router, so even if the software doesn't catch it, or maybe the person uses a different device in order to connect to the Internet,
the router itself is going to Philby filtering all of the traffic that goes through it.
So if it if it sees anything, if it catches anything, it's going to filter that, and it's not going to allow it through.
But let's say somehow we even get past that we were able Thio are that's that this router doesn't work properly. The content filter doesn't work properly.
Let's say our next step is we route our traffic
through our cloud based solution here. So what do we mean about routing our software through our our traffic through this cloud based solution?
Rather than rounding all of our traffic through this cloud based solution, which would be similar to a proxy server, what we're going to do is we're actually going to set up our D. N s on our router and set up our D. N s on our client computer to point to this cloud solution and then set up filtering on the firewall inside of our router
to not allow de NS requests
from our client to another source. That's not this. That's not this computer right here. That's not the server right here. So remember our d N s requests our domain name service requests and essentially, they resolve host names to I P addresses.
So if we want to go to www dot
cyberia got I t
A. D. N s server is going to receive that www dot cyber dot I t and then tell us what the I P addresses because our computer needs to connect to an I P address.
So that's what a D. N s server does now. Most D. N s servers that are out on the Internet are just going to give us They're gonna give us any answer they're not gonna filter. They're not going to say, Oh, no, you can't have that. They're going to say, OK, you want to know the the address of facebook dot com? Here's the i p address of facebook dot com.
Well, there are cloud based the NS solutions that we can set up an account on
point our computer towards that D N s and then say we don't want to allow facebook dot com So we look up the way, try to resolve www dot facebook dot com and that D N s says no.
I'm not gonna resolve that for you. I'm going to send you here, and this is just gonna be a page that says you aren't allowed to visit this website. Contact your network administrator.
that's what a cloud based content filter could do for us. So we set up our routed to point to this D n s. So all being s requests are routed to this D. N s server out on the Internet. And if we if we set up an account with this service that's provided out on the Internet for us, and if
our client computer is trying to connect to any website that we're not going to allow
than that did this and the software doesn't catch it in our router and our router content filter doesn't catch it, then this cloud based content filter may actually catch it for us. So
what's the benefit of this cloud based solution over our router or over our software? Well, this cloud based solution may be a lot more robust if it's a cloud based solution that is very well maintained than it may have more updated signatures than our router or our software. May it, depending on how often we update these.
So our cloud based solution may
every every 12 hours have new signatures, have new definitions for certain websites on what's allowed and what's not allowed, based on the categories that we put in that are allowed and not allowed so
essentially with our content filters, we could implement one of these, or we could implement a couple or we can implement all three, just depending on how our network is and how locked down and how filtered our network needs to be.
So that's gonna be our content filters. In a nutshell. Remember, they're going to block traffic based on our set rules and filters based on our set categories of what's allowed or not allowed. Our traffic has to flow through that device in order for it to work properly. If we had a cloud based D. N s here and we set up
router to point to a
different D. N s server, then this wouldn't do us any good because our traffic, our requests, have to flow through the devices in order for the content, filter, toe work
and that we can evaluate in different ways. And it can be, ah, hardware, software or even cloud based content. Filtering service is
Up Next
CompTIA Network+

This CompTIA Network+ certification training provides you with the knowledge to begin a career in network administration. This online course teaches the skills needed to create, configure, manage, and troubleshoot wireless and wired networks.

Instructed By