Overview
Powerful Engines
Configurations
Overview
EX Network Composer
EC Network Conductor
XLi OS Version 9
iPhone Reporting App
Professional Services
Overview
Business
Health Care
Hospitality
Libraries
K-12 Education
Higher Education
Overview
Help
Knowledge Base
Resource Center
Legacy Products
Overview
Partner Login
Overview
Management Team
News Articles
Press Releases
Careers
Corporate Headquarters
Support
Sales
Register for a Webinar
Watch an Online Demo

Filter Avoidance
See for yourself
To tour, participate in a Webinar or schedule an on-site evaluation.
See More >
"The key is that anyone in management can easily use this application. It's not only for technical staff. The ability to monitor and shape applications and employees in real time is highly compelling as businesses seek for further productivity gains and hedges against corporate liability."
Vice President; IPSoft

Filter Avoidance

 

See more on these topics>  Application Visibility> Web Filtering> Bandwidth Shaping> Granular Reporting> Network Security> 

 

No matter whose filter you’ve deployed, the appliances do no good if users can bypass them. Individuals commonly use filter avoidance techniques to bypass anonymously an organization’s content filtering and network monitoring tools.

 

Common filter avoidance technologies include:

 

  • HTTPS encrypted sessions
  • Nonstandard ports
  • IP address instead of DNS name
  • Web-based proxies (for example, proxify.org , www.xioi.info , unblockzweb.com )
  • Anonymous proxies
  • Encrypted HTTPS proxies
  • SOCKS proxies
  • SSH tunneling or port forwarding
  • DNS text-record tunneling
  • HTTP 1.1 connect tunneling (for example, Corkscrew and Proxy Chains)
  • Clients (for example, TOR, UltraSurf, FreeGate, GPass)

 

But you have a bigger problem than users just getting to inappropriate or objectionable content.   Once connected to the Internet through one of the many filter avoidance techniques, the Internet connection is typically live for all traffic a user sends.  In other words, all corporate transactions, financial data, intellectual property, or any other information the user sends to a corporate cloud resource or extranet also flows over an otherwise unsecure connection.  The owner or operator of the filter-avoidance service can copy and steal all data transmitted over this connection if the data are transmitted in an unencrypted form or transmitted to the filter-avoidance solution where it terminated the SSL tunnel.

 

How we do it better


Our Network Composer does several things other Secure Web Gateways can't because it's designed to sit in-line.  First, Network Composer sits in-line.  This means it can see all ports and all protocols and see everything traveling in and out of the organization. 

 

This arrangement means that port-hopping techniques that redirect traffic to ports that may not be watched in other solutions do not work in Cymphonix installations.  Other appliances monitor ports 80, 8080, 443, and maybe a few more.  We monitor those ports and all of the others.  All of them.  That way, we can see things that other filter solutions miss.

 

Anonymous Proxy GuardTM is a part of the XLi OS that enables Network Composer hardware to deploy Layer 7 application signatures with dynamic filter avoidance detection technology to find and stop the most sophisticated filter bypass techniques. Anonymous Proxy Guard scans traffic in real time and looks for telltale clues to infer whether traffic is using filter avoidance.

 

See more>