Backend logic on how Web Content Filtering works

Employee
Employee

Backend logic on how Web Content Filtering works

 

  • Let us consider an example, where News & Media being blocked on one of the Networks.

1 Configuration.JPGBlocking Network & Media Category

  • The Clients connect to the Wireless Network and initiates multiple traffic based on the various Applications running on that Client Device.
  • Initially, when a Client Device requests for a website, the AP will spoof the DNS request to see the website URL requested.
  • The AP will check its cache to see if the requested URL is already categorized.
  • If the AP does not have the category information for the URL requested by the Client Device, the AP will raise a request to https://aruba.brightcloud.com.
  • AP uses HTTPS to reach aruba.brightcloud.com to categorize the websites requested by the Client Devices.
  • It is hence not possible to capture the communication that happens inside the HTTPS traffic.

2 DNS.JPGAP resolving IP address of aruba.brightcloud.com

 

3 aruba brightcloud.JPGAP communicating with brightcloud through HTTPS

  • Until the web traffic categorized by aruba.brightcloud.com, the APs will categorize the Website as Unknown and the Clients will be able to access the websites.
  • Once the AP receives the web classification for that website, and if the client traffic matches the blocked category, the APs will block the Client Traffic.

4 Deny Access.JPGAccess Denied

  • If not, the AP will forward the client traffic to the Webserver and provide the Website requested by the Client Devices

5Allow access.JPGAllow Access

Regards,
Krishna Prasad
Labels (1)