Content Filtering Methods for Mobile Devices
In this time of BYOD (Bring Your Own Device) to work, IT teams must create security policies and systems that allow these personal devices to access relevant files, while maintaining network security. The first requirement is to develop detailed security requirements for each type of device—smartphone, PDA, tablet, laptop, etc. These requirements can include data encryption, special password configuration or limiting applications
Networks incorporating BYOD connections pose real-time threats to network security and enterprise-wise policy changes must be rapidly deployed to address vulnerabilities. Web content filtering is a key component in enterprise and service provider cybersecurity policies.
Web content filtering is an in-line service offered by enterprise security administrators and service providers that filters and controls the web content that can be accessed by organization business units and retail subscribers. This filtering blocks universally objectionable content and filters inappropriate websites or web pages according to access controls dictated by government policies.
Common filtering mechanisms include:
- URL blacklisting
- Category-based URL filtering
URL blacklisting compares every URL requested to a database of known URLs that are denied. If a match is found, the request will be discarded or redirected. The list of blocked URLs can be obtained from the URL rating companies such as Google, Symantec, NCMEC, etc.
Similarly, a whitelist database may also be maintained by which access to some sites is always allowed regardless of the subscriber and site recognition.
Category-based URL filtering
Category-based URL filtering restricts access based on the URL’s category ratings. Each subscriber has a unique list of restricted categories. The requested URL category may be determined from the static categorization database or requests may be inspected and dynamically rated. Examples of restricted categories that might be restricted are:
In the content filtering diagram below, the network routers along with other subsystems handle both web content filtering and subscriber sessions by comparing user requests to the optimized databases. The session handler checks the URL in every request with the optimized database according to the subscriber profile. It may also optionally perform a deep packet inspection to categorize or rate the web content.
Typically an external EMS handles synchronizing the databases and updating them by pulling new versions from NCMEC, Symantec, Google or other URL categorizing source optimizing the format and pushing the new data to the appropriate routers.
Velankani Communications Technologies, Inc. has provided enterprise solutions and mobile technologies to leading telecommunications equipment manufacturers and service providers for over 25 years. Our carrier-grade solutions are deployed in large networks and upgraded through multiple releases. We understand real network behaviors and have the subject matter expertise needed to make the appropriate technology, design and tool choices.
For more information, contact or Rekha Poosala ().