Home > Security Channel Tips > Information Security Threats > Filter URLs to reduce information security threats
Security Channel Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

INFORMATION SECURITY THREATS

Filter URLs to reduce information security threats


Al Berg
03.20.2007
Rating: --- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


Get strategies for controlling the URLs that enter and exit your customer's network, and mitigate risks posed by hackers, worms and spyware. Value-added resellers (VARs) and security consultants who follow the guidance in this tip will learn how to filter URLs to increase network security without creating annoying obstacles. This tip originally appeared on SearchSecurity.com.

The role of the lowly URL has really grown over the past few years. Originally, URLs (Uniform Resource Locators) were simple tools to help point your Web browser at the Web page of your choice. Today, they are a highly extensible meta language allowing remote computers to exchange executable content and commands, and a conduit for client/server data. Therefore, controlling the URLs that enter and leave your customer's network is an important way to reduce risks posed by hackers, worms and spyware.

Here are three ways filtering URLs on their way out of your customer's network can make them safer:

Filtering inbound URLs can really ruin a hacker's day -- and we security professionals just love to ruin hackers' days. Here are

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Antimalware Strategies and Techniques
How to recession-proof your information security business
Malware removal without antivirus software
Email filtering: Choosing a content filtering tool for your customer
Polymorphic malware attacks and in-line scanning
Use hosted email filtering for virus protection
Re-route virus traffic to the bit bucket
Content filtering: An integrated approach
How to use an ISA Server as an SMTP filter
Use egress filtering to prevent DoS attacks
Antivirus software patch management

Computer Viruses, Worms and Malware
Trend Micro's Worry-Free Business Security 6.0 extends partner opportunities
Agilex partners with HBGary to offer security forensic, assessment services
What is the future of antivirus or antimalware software?
Checklist: Five steps to assessing a customer's antivirus protection
Top security book excerpts of 2007
Virtual honeypots: Tracking botnets
Tracking botnets
Defending against bots
Case studies
Botnets summary

Information Security Threats
UTM appliances bundle security, give VARs multiple revenue streams
Remote vulnerability scanning: Process, roles and responsibilities
Data breach prevention techniques: Helping customers avoid data breaches
Full disk encryption: A hot opportunity for VARs
Top security tips for solutions providers
Common injection attacks
Checklist: Five steps to assessing a customer's antivirus protection
Polymorphic malware attacks and in-line scanning
Use hosted email filtering for virus protection
Re-route virus traffic to the bit bucket

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


two ways to control the URLs entering your network: Whether you filter inbound URLs, outbound URLs or both, there will be times when the filter blocks legitimate traffic and your users are going to get upset. Make sure you have a plan for the exceptions. You should also have a process that allows users to report filtering problems, and resolve them quickly and consistently, so the business manager will not see security as a business obstacle.

While URL filtering is not a complete solution to the problems posed by malware and inappropriate content, when properly used, it is a key component of a "defense in-depth" strategy for corporate networks.

About the author
Al Berg, CISSP, CISM, is the Director of Information Security for Liquidnet (http://www.liquidnet.com), the #1 electronic marketplace for block trading and the fifth fastest growing private company in America according to Inc. Magazine's 23rd annual Inc. 500 list of the fastest growing privately held companies in America.

This tip originally appeared on SearchSecurityChannel.com sister site SearchSecurity.com.

Rate this Tip
To rate tips, you must be a member of SearchSecurityChannel.com.
Register now to start rating these tips. Log in if you are already a member.




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts