Everything Instant On

Backend logic on how Web Content Filtering works

  • 1.  Backend logic on how Web Content Filtering works

    Posted 12-17-2019 06:10 PM


    • Let us consider an example, where News & Media being blocked on one of the Networks.

    Blocking Network & Media CategoryBlocking Network & Media Category

    • The Clients connect to the Wireless Network and initiates multiple traffic based on the various Applications running on that Client Device.
    • Initially, when a Client Device requests for a website, the AP will spoof the DNS request to see the website URL requested.
    • The AP will check its cache to see if the requested URL is already categorized.
    • If the AP does not have the category information for the URL requested by the Client Device, the AP will raise a request to https://aruba.brightcloud.com.
    • AP uses HTTPS to reach aruba.brightcloud.com to categorize the websites requested by the Client Devices.
    • It is hence not possible to capture the communication that happens inside the HTTPS traffic.

    AP resolving IP address of aruba.brightcloud.comAP resolving IP address of aruba.brightcloud.com


    AP communicating with brightcloud through HTTPSAP communicating with brightcloud through HTTPS

    • Until the web traffic categorized by aruba.brightcloud.com, the APs will categorize the Website as Unknown and the Clients will be able to access the websites.
    • Once the AP receives the web classification for that website, and if the client traffic matches the blocked category, the APs will block the Client Traffic.

    Access DeniedAccess Denied

    • If not, the AP will forward the client traffic to the Webserver and provide the Website requested by the Client Devices

    Allow AccessAllow Access