Overview of URL Access Control Parent topic

The InterScan Web Security Virtual Appliance can control URL access based on Web Reputation feedback, the URL Filtering module, or the combination of both. The combination of Web Reputation and the URL Filtering module is a multilayered, multithreat protection solution provided by IWSVA.
The URL Filtering module grants or denies Web access based on the category to which a URL belongs. Web Reputation grants or denies Web access based on whether the requested URL is a phishing or pharming threat, has hacking potential, or has a reputation score that deems it untrustworthy. Both the URL Filtering module and Web Reputation are controlled by specifications you make in policies.
When a user attempts to access a Web site, the following events occur:
  • IWSVA checks the requested URL against the URL blocking list and trusted URL list.
    If the URL is found on the URL blocking list, the request is denied. If the URL is found on the URL trusted list, access is granted and no form of access control is done.
  • If the URL is not on the blocked or trusted list, then IWSVA sends the requested URL to Web Reputation for processing.
  • From a remote database, Web Reputation retrieves the appropriate URL rating for the URL.
    The rating can either be "high," "medium," or "low." The sensitivity level you specify determines whether or not IWSVA blocks the URL.
    If the URL is found on an approved URL list included in a virus scanning policy, then IWSVA skips the antiphishing and antipharming detection for this URL.
  • Web Reputation then determines if the requested URL is a phishing or pharming threat and if so, flags the URL accordingly.
  • The final process of Web Reputation is to determine the category of the URL.
    The category information is used later by the URL Filtering module.
  • Web Reputation returns to IWSVA the URL rating, any phishing or pharming flags, and the URL category.
  • If a URL is flagged for phishing or pharming, then IWSVA blocks access to the Web site.
  • Next, if you are using the URL Filtering module, then this module uses the Web category information for the requested URL to determine if access is permissible.
    If the URL is found on an approved URL list included in a URL Filtering policy, then the URL bypasses the category filtering and proceeds to the final step in URL access control.
    If the category of the requested URL is permitted in the URL Filtering policy, then the URL is passed on to the final step; otherwise, the URL is blocked.
  • Finally, based on the Web Reputation URL rating, IWSVA determines if the requested URL is below or above the sensitivity level specified in the scan policy.
    If the URL is found on an approved URL list included in a virus scanning policy, then IWSVA skips the sensitivity level checking for this URL.
    If the rating falls below the sensitivity level, then the requested URL is blocked. However, if the rating is above the sensitivity level, IWSVA grants access.
See also: