eG Monitoring
 

Measures reported by FgFnWebFilterTest

Web filtering is a means of controlling the content that an Internet user is able to view. With the popularity of web applications, the need to monitor and control web access is becoming a key component of secure content management systems that employ antivirus, web filtering, and messaging security. Important reasons for controlling web content include:

  • lost productivity because employees are accessing the web for non-business reasons

  • network congestion - when valuable bandwidth is used for non-business purposes, legitimate business applications suffer

  • loss or exposure of confidential information through chat sites, non-approved email systems, instant messaging, and peer-to-peer file sharing

  • increased exposure to web-based threats as employees surf non-business-related web sites

  • legal liability when employees access/download inappropriate and offensive material

  • copyright infringement caused by employees downloading and/or distributing copyrighted material.

As the number and severity of threats increase on the World Wide Web, the risk potential increases within a company's network as well. Casual non-business related web surfing has caused many businesses countless hours of legal litigation as hostile environments have been created by employees who download and view offensive content. Web-based attacks and threats are also becoming increasingly sophisticated. Threats and web-based applications that cause additional problems for corporations include:

  • spyware/grayware

  • phishing

  • pharming

  • instant messaging

  • peer-to-peer file sharing

  • streaming media

  • blended network attacks.

The methods available for monitoring and controlling Internet access range from manual and educational methods to fully automated systems designed to scan, inspect, rate and control web activity.

Common web access control mechanisms include:

  • establishing and implementing a well-written usage policy in the organization on proper Internet, email, and computer conduct

  • installing monitoring tools that record and report on Internet usage

  • implementing policy-based tools that capture, rate, and block URLs.

The FortiGate unit applies web filters in a specific order:

  • URL filter

  • FortiGuard Web Filter

  • web content filter

  • web script filter

  • antivirus scanning.

The FortiGate firewall blocks the URLs that are mentioned in the URL filter list. The firewall is not only capable of blocking the URLs but also blocks the applets, cookies and Activex controls of the URLs in an active manner. Administrators can keep track on the number of hits to the blocked URLs using the FgFnWebFilterTest test.

By closely monitoring the FortiGate firewall, administrators can figure out the number of HTTP/HTTPS URLs that were blocked by the firewall as well as the number of applets, cookies and ActiveX controls of the URLs. This way, unwanted URLs can be blocked and the bandwidth consumption can be kept under check thus helping administrators maintain a prudent infrastructure at ease!

Outputs of the test : One set of results for the target firewall being monitored.

The measures made by this test are as follows:

Measurement Description Measurement Unit Interpretation
Http_url_blocked Indicates the number of HTTP URLs that were blocked by the firewall. Number  
Https_url_blocked Indicates the number of SSL enabled HTTP URLs that were blocked by the firewall. Number  
ActiveX_blocked Indicates the number of ActiveX objects that were blocked by the firewall. Number  
Applet_blocked Indicates the number applets that were blocked by the firewall. Number  
Cookie_blocked Indicates the number of cookies that were blocked by the firewall. Number