Chapter 7: Securing the Network with Content Filters

Overview

When we talk about hardening network infrastructure, we often fall prey to looking at it from the perspective of keeping malicious users out of our network. We approach the subject with firewalls, access lists, and intrusion-detection/prevention mechanisms, which all do an excellent job of keeping people out of the network. However, we often overlook the value of hardening the network from the inside out.

Internet access is a way of life for many employees. It is something that is available to them that they often take for granted. For example, if they want to know what is happening in the world today, they can fire up their web browser and head over to www.cnn.com to get the latest news. Unfortunately, with equal ease the same employees can go to www.playboy.com, and suddenly the company finds itself in a situation where an employee s actions can result in financial liability on the part of the company. This type of misuse of resources can result in lawsuits due to the appearance that the company has created a hostile work environment. Even if things do not go to that extreme, this still results in a loss of bandwidth being available for legitimate resources. Thankfully, Internet content filtering can insulate our environment from these kinds of threats.

E-mail is also a way of life for many employees. In fact, for many companies, e-mail is a critical business resource that they cannot function without. At the same time, e-mail presents a huge potential for abuse. This abuse can come in many forms, but the most common are employees using e-mail resources for personal use, the influx of spam, and the ease in which viruses, Trojans, and worms can be spread via e-mail.

Instant messaging (IM) is another new aspect of Internet functionality that has quickly become an issues and needs to be addressed on corporate networks. On one hand, IM is instant access to people. It s like e-mail, but better. You need some information from someone? You can send them an IM and get a response faster than e-mail and without needing to make a phone call. For many sales organizations, IM is becoming a critical business process. At the same time, however, IM can be a pure timewaster as employees chat with their friends across the Internet (much to the relief of this book s author, I can assure you). IM also poses a distinct security problem because it is a very easy method for someone to share confidential information with external sources, and it s rapidly becoming a new source of viral infections, as evidenced by the recent Buddylinks AOL Instant Messenger worm.

A well-designed and implemented content-filtering solution provides us with a means by which we can mitigate all these threats and ensure that the Internet and e-mail do not represent a liability to the organization. In examining how to mitigate these threats, we are going to focus on the following content-filtering solutions:

• Internet content filtering

• E-mail content filtering