Web URL Filtering vs. Web Data Protection
search cancel

Web URL Filtering vs. Web Data Protection

book

Article ID: 164722

calendar_today

Updated On:

Products

Web Security.cloud

Issue/Introduction

What is the differences between Web URL Filtering vs. Web Data Protection and when to use them

Environment

Symantec Web Security.cloud

Resolution

Web URL filtering enables you to control and report on your users' web browsing to comply with your corporate security policy or other requirements, for example Web URL Filtering can:

  • Allow a specific group of users to access a specific site.
  • Block all users except members of the Marketing department from visiting streaming media or social networking web sites within work hours.
  • Block downloads of specific Content Types: MIME Types and File Type.

The URL filtering policy rules are much faster to evaluate but with the tradeoff that there is a limited number of things that can be implemented using a URL filtering rule. When comparing the URL specified in a URL filtering policy rule to the web traffic that we receive, we compare it as if the URL was specified with a wildcard character at the end so specifying https://www.domain.com would get compared to the traffic received as if the URL filtering policy rule had been created for https://www.domain.com*.

Web Data Protection service enables you to monitor and block the information that your users share with web sites, for example Data Protection can

  • Check for references to your organization's products in the posts that your users make to social media sites.
  • Prevent a user from posting content to the web and display a notification message to the user.
  • Check whether a web request contains more than three unique credit card numbers and display a notification message to the user.
  • Check for file uploads that are of a specific type, such as video or audio type files and display a notification message to the user.

Data Protection policy rules are much more powerful but that flexibility comes with a performance trade-off in the engine that does the Data Protection policy evaluation. At the heart of the Data Protection policy evaluation engine (i.e. the Content Control engine) is a regular expression evaluation engine and the URL that is specified in a Data Protection policy rule is evaluated as if it was a regular expression. This mean that the customer is free to use regular expression syntax to reduce the number of distinct URLs that they would have had to normally specified with a URL filtering rule and if they specified https://www.domain.com then the rule would only trigger when the URL received contain exactly https://www.domain.com and nothing less, nothing more. This mean that if somebody wanted to create a Data Protection policy rule to replace a URL filtering rule then they would need to explicitly add the "*" wildcard at the end of the URL that they specified in the Data Protection policy rule to get the same behavior that they had with the URL filtering rule.  

Summary:

If you need to implement policy based on block/allow access to web sites you should be utilizing Web URL filtering since it will process these requests much quicker and more accurately.

If you need to implement policy based on the information shared in web sites you should be utilizing Web Data Protection. 

Powered by Wolken Software