Overview
Powerful Engines
Configurations
Internet Management
Application Control
Cloud Enablement
Advanced Filtering
Overview
EX Network Composer
EC Network Conductor
Mobile Client
XLi OS Version 9
MobileMonitor
Professional Services
Overview
Business
Health Care
Hospitality
Libraries
K-12 Education
Higher Education
Overview
Help
Resource Center
Legacy Products
Overview
Partner Login
Overview
Management Team
News Articles
Press Releases
Careers
Corporate Headquarters
Support
Sales
More Information

Filter Avoidance
View a demo! Get a quick quote Upcoming webinars
"Great customer service! Cymphonix responded quickly."
Network Administrator; Uinta School District

Filter Avoidance

 

See more on these topics>  Application Visibility> Web Filtering> Bandwidth Shaping> Granular Reporting> Network Security> 

 

No matter whose filter you’ve deployed, the appliances do no good if users can bypass them. Individuals commonly use filter avoidance techniques to bypass anonymously an organization’s content filtering and network monitoring tools.

 

Common filter avoidance technologies include:

 

  • HTTPS encrypted sessions
  • Nonstandard ports
  • IP address instead of DNS name
  • Web-based proxies (for example, proxify.org , www.xioi.info , unblockzweb.com )
  • Anonymous proxies
  • Encrypted HTTPS proxies
  • SOCKS proxies
  • SSH tunneling or port forwarding
  • DNS text-record tunneling
  • HTTP 1.1 connect tunneling (for example, Corkscrew and Proxy Chains)
  • Clients (for example, TOR, UltraSurf, FreeGate, GPass)

 

But you have a bigger problem than users just getting to inappropriate or objectionable content.   Once connected to the Internet through one of the many filter avoidance techniques, the Internet connection is typically live for all traffic a user sends.  In other words, all corporate transactions, financial data, intellectual property, or any other information the user sends to a corporate cloud resource or extranet also flows over an otherwise unsecure connection.  The owner or operator of the filter-avoidance service can copy and steal all data transmitted over this connection if the data are transmitted in an unencrypted form or transmitted to the filter-avoidance solution where it terminated the SSL tunnel.

 

How we do it better


Our Network Composer does several things other Secure Web Gateways can't because it's designed to sit in-line.  First, Network Composer sits in-line.  This means it can see all ports and all protocols and see everything traveling in and out of the organization. 

 

This arrangement means that port-hopping techniques that redirect traffic to ports that may not be watched in other solutions do not work in Cymphonix installations.  Other appliances monitor ports 80, 8080, 443, and maybe a few more.  We monitor those ports and all of the others.  All of them.  That way, we can see things that other filter solutions miss.

 

Anonymous Proxy GuardTM is a part of the XLi OS that enables Network Composer hardware to deploy Layer 7 application signatures with dynamic filter avoidance detection technology to find and stop the most sophisticated filter bypass techniques. Anonymous Proxy Guard scans traffic in real time and looks for telltale clues to infer whether traffic is using filter avoidance.

 

See more>