Web security is a critical concern for organizations of all sizes, as the internet remains a primary vector for cyber threats. This solution brief explores the integration of URL filtering and DNS security as a comprehensive approach to safeguarding networks and data from web-based threats.
Web-Based Threats: The internet is riddled with malware, phishing sites, and other cyber threats, making it easy for malicious actors to target your organization.
Data Leakage: Sensitive information can be unintentionally exposed through unauthorized web access, putting your organization at risk of data breaches.
Compliance: Regulatory requirements necessitate stringent control over web access, especially in industries such as healthcare (HIPAA), finance (PCI DSS), and more.
Balancing Productivity and Security: Enforcing web security without hampering productivity can be a challenging task.
Domain and URL filtering is a cornerstone of web and SaaS security. By implementing comprehensive Web filtering policies and controls, organizations can mitigate risks, protect sensitive data, ensure regulatory compliance, and promote a security-conscious culture. In an evolving threat landscape, robust Web filtering is essential for safeguarding digital assets and maintaining a resilient security posture.
URL Categorization and Filtering: Exium categorize websites based on content, and define policies to allow or block access to specific categories.
Real-time Threat Intelligence: Integrates real-time threat intelligence feeds to stay updated on known malicious domains, URLs, and emerging threats.
Granular Policies: Define and enforce granular access policies that control web access for different user groups, departments, or roles.
SaaS Security: Extend URL filtering to cloud-based SaaS applications to ensure that users comply with web security policies while using these services.
Logging and Reporting: Maintain detailed logs and reports to monitor web activity, access patterns, and security incidents, which can aid in threat detection and compliance.
Enhanced Security: URL filtering prevents access to malicious websites and reduces the risk of malware infections, phishing attacks, and other web-based threats.
Compliance: Adhere to regulatory requirements, reducing the risk of non-compliance-related fines and penalties.
Increased Productivity: Strike a balance between security and user productivity, ensuring efficient web usage without sacrificing protection.
Reduced Risk: Prevent unauthorized web access and data breaches, minimizing the potential impact of security incidents.
Exium enables workspace admins with multiple options to configure web security policies.
Web Policies |
Workspace level |
Group level |
User level |
---|---|---|---|
Web domains/ URLs policies |
√ |
√ |
√ |
Web Categories policies |
√ |
- |
- |
IP (Firewall) policies |
√ |
√ |
√ |
Admins can attach override policies at higher precedence. User level policies are at highest precedence, followed by the group level policies and finally workspace level policies are at lowest precedence.
Web Category Policies enable admins to configure ALLOW/BLOCK web categories.
You can define web category policies at workspace level which will be applied to all users in workspace. To create web category policies, Follow below steps
By default, some categories like Illegal Content, Hate Content etc. are blocked. If you want to change (BLOCK to ALLOW and vice versa) some of the web categories as per end customer requirements, please follow below steps.
Web Category policies gets applied to all users immediately after submitting.
You can define web category policies at each site level (where CyberGateway is deployed) which will be applied to all users in the site. To create web category policies, Follow below steps
By default, some categories like Illegal Content, Hate Content etc. are blocked. If you want to change (BLOCK to ALLOW and vice versa) some of the web categories as per end customer requirements, please follow below steps.
Web Category policies gets applied to all users in site immediately after submitting.
Web Domain Policies enable admins to configure ALLOW/BLOCK specific web domains.
You can define web domain policies at workspace level which will be applied to all users in workspace. To create web domain policies, Follow below steps
On Create Policy form, follow below steps
Web Domain policies gets applied to all users in workspace immediately after submit.
You can define web domain policies at group level which will be applied to all users in that group. To create web domain policies, Follow below steps
On Create Policy form, follow below steps
Web Domain policies gets applied to all users in that group immediately after submit.
You can define web domain policies at user level which will be applied to that user. To assign web domain policies to user, Follow below steps
You can define the policy as shown in above step. You can select “All” in policies table before creating the policy
To Assign the policy to User, follow below steps
Web Domain policies gets applied to that user immediately after submit.
IP (Firewall) Policies enable admins to configure ALLOW/BLOCK specific destination IP address (along with port/protocol).
You can define IP policies at workspace level which will be applied to all users in workspace. To create IP policies, Follow below steps
On Create Policy form, follow below steps
IP policies gets applied to all users in workspace immediately after submit.
You can define IP policies at group level which will be applied to all users in that group. To create IP policies, Follow below steps
On Create Policy form, follow below steps
IP policies gets applied to all users in workspace immediately after submit.
You can define IP policies at user level which will be applied to that user. To assign IP policies to user, Follow below steps
You can define the policy as shown in above step. You can select “All” in policies table before creating the policy
To Assign the policy to User, follow below steps
IP policies gets applied to that user immediately after submit.
When a user belongs to multiple groups and if the same domain is defined in multiple policies attached to multiple groups or workspace, the domain rule part of a group which has highest level of precedence will be applied. At workspace level, web domain policies will take precedence over web category policies.
We provide some examples below to clarify this. For all the examples, userA is assumed to be a part of a group groupA.
fifa.com
is Allowed at workspace level, for all users part of workspace (including userA), fifa.com
will be allowed and all other sports domains will be blocked.fifa.com
is Allowed at groupA level, for all users part of the groupA (including userA), fifa.com
will be allowed and all other sports domains will be blocked. For the users not in groupA, fifa.com
will be blocked.fifa.com
is Allowed at userA level, for userA, fifa.com
will be allowed and all other sports domains will be blocked. For all other users, fifa.com
will be blocked.fifa.com
is Allowed at groupA level and fifa.com
is blocked at userA level, for userA fifa.com
will be blocked, for all users part of groupA (excluding userA), fifa.com
will be allowed and all other sports domains will be blocked. For the users not in groupA, fifa.com
will be blocked.Exium provides Policy Precedency View (Generic Group level view and per user view) which will help admins to get an overview of all the policies placed in different groups and workspace level in the order of precedence.
To view Overall policy view, Click on Policy View under Users and Devices in left menu bar and select Group View tab as shown below
To view User level policy view, Click on Policy View under Users and Devices in left menu bar and select User View tab. Select a User from drop down as shown below
You can also use this page to test a domain at user level to check if that domain will be blocked for that user or not. In User View, you can enter a domain and see the result as shown below.
Create aggregate policies similar to blocked web categories at group level as shown below and add exceptions.
When policies are blocked as pert of enforcement of policies, those Blocked Threat/Policies are visible on admin console. For more details, refer Management of Blocked Threats/Policies document.
To learn more about implementing SASE for your organization and explore tailored solutions that meet your unique requirements, contact Exium at hello@exium.net for a consultation or demonstration.