Menu
homeConnection

Content filter. Free content filter for Linux and Windows

To allow the user to be online safely, we have developed special programs to filter traffic and web content.

How content filtering works

Viruses, theft personal information, network problems - all these are not empty words, but reality. That's why the main objective content filter - limit access to prohibited or malicious resources. This is achieved using lists of allowed/denied resources.

Every user needs protection, but children and teenagers need it especially badly. After all, many pages contain scenes of violence, erotica, advertising of harmful substances and alcohol. To protect yourself and your work computer from threats, you need to use a content filtering system.

Internet traffic filtering

Our company has developed a special mechanism for filtering Internet traffic, which will not only help maintain network access in working order, but also ensure the continuity and integrity of business processes. It allows you to control flows entering the local network, automatically reducing its load. This eliminates the problem of inappropriate access to third-party resources, irrational use network and working hours

An Internet traffic filtering system is necessary for different levels: For home use and for the corporate network. It exists in different forms:

  • utilities;
  • applications;
  • browser add-ons;
  • separate server.

The company "A-Real Consulting" is actively developing different ways ensuring network security, providing customers with a comprehensive solution. We have extensive experience in implementing Internet content filtering systems in schools and organizations.

Our content filter works based on web traffic data reported by the proxy server module. Then a check is made against the list of prohibited resources. This database includes several million sites divided into categories, which allows you to individually configure web content filtering parameters.

Users of the Internet Control Server filtering system simply need to ban a category, and all sites on this topic will automatically become inaccessible.

Content filtering also includes anti-virus modules, automatically checking all incoming traffic for malware. Our solution guarantees reliability and security, providing all the tools to manage network access.

Content filtering in schools and educational institutions

According to statistics, more than 100,000 educational institutions has access to the Internet, where students are exposed to a stream of aggressive and potentially dangerous content. Therefore it was approved and approved Federal System exclusion of access to Internet resources that are incompatible with the tasks of upbringing and education of students of the Russian Federation (SID).

In accordance with Federal Law No. 436 “On the Protection of Children from Information Harmful to Their Health and Development” and Federal Law No. 139 “On Amendments to the Federal Law “On the Protection of Children from Information Harmful to Their Health and Development”, installation of content filtering in an educational institution is a mandatory requirement.

Possible options

Internet filters can be configured in 2 ways:

  1. contact your Internet provider for help;
  2. install and configure specialized software.

In the second case, you will have to independently download and configure a content filter for a school or other organization. Our company offers to use the IKS Internet gateway with integrated SkyDNS. It is regularly updated and contains addresses of resources with information that is distributed in Russian Federation prohibited, i.e. complies with Federal Law No. 139 “On Black Lists”.

ICS functions for content filtering

  • organizing access only to reliable resources;
  • security from malicious objects that seek to enter the local network, carried out using a built-in firewall;
  • control of user access to the network;
  • keeping records of consumed traffic.

Advantages of the Internet gateway ICS

  • opportunity preliminary assessment and testing using a demo version for 35 days;
  • built-in Dr. Web;
  • built-in Kaspersky antivirus and antispam;
  • unlimited duration of the licensed version;
  • accessible training in the form of videos;
  • free full version Lite up to 8 users;

Setting up the ICS

Another advantage of ICS is the ease of installation and configuration. To do this you need to perform only 5 actions:

This is how easy it is to set up Internet filtering, ensuring full protection from external threats.


Type of organization

Select type of organization Educational institution State-financed organization commercial organization

Prices DO NOT APPLY to private non-governmental institutions and postgraduate institutions vocational education

ICS editions

ICS Standard ICS FSTEC

To calculate the cost of FSTEC, please contact the sales department

Delivery type

ICS ICS + SkyDNS ICS + Kaspersky Web Filtering

License type

New license Update license

Premium Update License License Extension

Number of users

License extension

C before users

In this article we will look at a multi-platform (Linux, Windows) solution for effective content filtering, its installation and configuration. This filter can be used in schools or other educational institutions.

Introduction

First, a little theory, if anyone is not interested, you can move on to the next chapter. What kind of filtration is there? Traffic filtering can be of two types: server and client.

How server filtering works

There is a dedicated computer, the Internet is configured on it, and this Internet is distributed to other computers via a local network. Filtering occurs on a dedicated computer. Famous programs to organize server content filtering:

For :

  • UserGate
  • Kerio
  • ISA Server
  • SafeSquid
  • Here you can enter many proxies on which you can organize filtering.

But there is one big drawback for solutions for Windows OS: almost all of them are paid, and if they are free, like MKF, then they require the installation of a paid product.

For Linux:

  • DansGuardian
  • Mindwebfilter
  • and etc.

These programs are free. But they are more difficult to configure.

How client filtering works

On each computer where content filtering is needed, a program that does this is installed and configured. Examples:

Windows

  • censor;
  • netpolice;
  • KinderGate and others

Linux

Theory

Now let's talk about something quite simple. free way content filtering, but still quite effective. Over the years I have tried many methods of content filtering, but this one has proven itself to be one of the best and simple solutions. It can also be used together with any of the other methods as a supplement.

What do we need for this?

  • Any OS: windows or ;
  • Browser Mozilla Firefox or browsers based on it that support Firefox plugins and extensions;
  • Internet connection.

How it works?

U Mozilla browser Firefox has many add-ons. Based on such additions, we will do content filtering.

Description of add-ons

The first addition on our list is WOT

WOT (Web of Trust) is a free browser add-on that warns the Internet user about potentially unsafe web pages while searching for information or making purchases. WOT is compatible with browsers such as Internet Explorer, Mozilla Firefox, Opera (version 11 using an extension) Chrome. Wikipedia

This plugin also has parental controls. Using this plugin we will perform content filtering.

Second addition. Adblock Plus

Adblock Plus- an extension for browsers and other Gecko-based software: Mozilla (including mobile), Mozilla Thunderbird, Mozilla Suite, SeaMonkey, Songbird and Mozilla Prism, which allows you to block the loading and display of various page elements: overly intrusive or unpleasant advertising banners, pop-ups and other objects that interfere with the use of the site. Wikipedia

Today, connecting a corporate network to the Internet from a technical point of view is enough simple task, which is solved without any problems. Lack of use policy in the company global network employees can lead not only to a noticeable decrease in their productivity, but also to an increased risk of damage to corporate information system malicious software with all that it implies.

Today, connecting a corporate network to the Internet from a technical point of view is a fairly simple task that can be solved without any problems. However, there is also Organizing time. The absence of a company policy on the use of the global network by employees can lead not only to a noticeable decrease in their productivity, but also to an increased risk of damage to the corporate information system by malware with all the ensuing consequences. And this is not to mention the fact that uncontrolled access to the Internet means increased costs for paying for the communication channel.

Internet policies can solve all of the problems listed above. It should describe which sites employees can visit, for what purposes they can access the global network, and a number of additional conditions, for example, exit time is limited, etc. It is clear that it is not enough to develop such a policy and let all employees become familiar with it. Even if you force them to sign a pledge to comply with the rules, it will not help. People will still communicate on Odnoklassniki or others in social networks, download music, visit dubious sites, etc. To make the policy for using the global network operational, you need special software - an Internet filter that can limit the actions of employees on the Internet in accordance with the established policy.

It is worth noting that today there are two types of Internet filters. The first includes those that are tied to proxy servers and are, as it were, an extension for them. The second type is “independent” products that work on their own and do not depend on how the Internet is “distributed” on the corporate network. Each option has its own advantages and disadvantages. Today we will compare and analyze several Internet filters of different types.

One thing to do here important notes. From our review we specifically excluded even world-famous, but not adapted for Russian market products. The fact is that such Internet filters cope well with English-language resources, however, they have some problems with Russian-language sites. Meanwhile, it is web projects on native language are the most popular in our country. And don’t even look at the developers’ statements that “our product supports more than 50 languages.” It is important not only and not so much the number of languages, but the volume and quality of categorization of the database of sites in Russian.

– this is quite interesting solution to implement corporate Internet use policy. However, it should be noted that it is additional module to a well-known and popular product in our country Kerio Control . This is a system that is used for comprehensive solution tasks of connecting a corporate network to the Internet. That is, it can only be used in conjunction with Kerio Control.

At first glance, this is a serious drawback of this product, which significantly limits the scope of its application. However, this approach There are also noticeable advantages. The point is the close integration of the Internet filter, proxy server and protection into a single whole. This distinguishes it from “piling” one system on top of another. Firstly, managing such an “economy” is much easier, and this affects not only the stability of operation, but also the cost of maintaining the information system, and, secondly, integration allows for general monitoring and obtaining common system reports.

But let's get back to analyzing the possibilities. Perhaps the most important of them is the system for blocking access to different sites depending on the category they belong to. For this purpose, a special database consisting of 53 headings is used. In principle, this number of categories is quite enough to fine-tune the access rights of employees and be sure that they use the Internet for business and not for personal purposes. It is noteworthy that the configuration can be carried out either individually for users or for entire groups of them.

In the process of operation, it not only blocks access to sites of undesirable topics, but also collects statistics on visits to web projects by category. In this way, the administrator or person in charge can find out exactly where Internet traffic is being spent and what employees are spending their time on the Internet on. Based on the collected statistics, a special module Kerio Star(centralized analysis and reporting system) can generate Various types reports.

In addition to directly filtering sites by category, the Internet filter usually requires some other restrictions, for example, setting permissions to access the Network depending on the time of day, prohibiting downloading files of a certain type, etc. However, all this is missing. The fact is that all these possibilities have already been implemented in Kerio Control, so there is no need to duplicate them in the Internet filter.

Thus, it is a tool for “categorizing” access to the Internet. He has no other options. However, they are not needed, since they are all implemented in the “main” product - Kerio Control.


SurfControl products are also quite well known both around the world and in our country. Among them, SurfControl Web Filter occupies a prominent place. Although, in fact, this is not one product, but a whole series of solutions for different platforms: Windows, Novell, Microsoft ISA, Citrix, Cisco, etc. It is noteworthy that SurfControl Web Filter products include both purely software and hardware solutions. Although, despite external differences, they are all similar in their capabilities and purpose. Therefore, we will consider the most popular option - SurfControl Web Filter for Microsoft Windows. As the name suggests, it is not tied to a specific platform and can perform its “responsibilities” regardless of which proxy server is used in the corporate information system.

SurfControl Web Filter for Microsoft Windows is presented in full software solution. This product is integrated into the corporate network and constantly works in “listening” mode network traffic. It immediately contains several tools for implementing Internet use policies. The main one is limiting access to sites based on their subject matter. For this purpose, a dynamic database consisting of 45 categories is used. However, it is necessary to note one very important point. The fact is that the basic package of SurfControl Web Filter does not include “accelerated” updating of the web address database. According to the developers themselves, in this case the period for categorizing new sites ranges from a week to several months. Therefore, all users are invited to subscribe to additional service– RuFilter. In this case, regular updating of the database is guaranteed, as well as checking all sites visited by company employees, but unknown to the system, within three days.

In addition, SurfControl Web Filter for Microsoft Windows includes a number of other tools for restricting employee access to the global network. These include setting a schedule for working on the Internet, entering different policies for different times of the day, a limit on consumed traffic, etc. Usually all such features exist in the proxy server, but if for some reason corporate system they are not used, you can use them in SurfControl Web Filter.


– company development Entensys Corporation, known in our country for its proxy server UserGate Proxy&Firewall. This system appeared on sale recently - it was introduced only this year. However, its database has existed for a long time and is actively used in the proxy server. Therefore, the basis itself cannot be called a new product. It was simply taken from the proxy server and put into a separate product. – platform-independent Internet filter. It can be installed either before or after the DNS server. But anyway this product

works regardless of the composition of the corporate information system. The main purpose is to restrict user access local network to sites of certain categories. For this, as in other Internet filters, a categorized database is used. However, it is not located locally, but on the developer’s site, that is about the use of cloud technologies. When requests are received, it contacts the remote database and receives a response from it. The advantage of this approach is the guaranteed relevance of the data and the absence of the need to update it. By the way, in total the database contains more than 500 million records (according to the developers), divided into 82 categories.

Additionally, a “white” and “black” list of sites is implemented, as well as linking specified rules to a schedule. With their help, you can make your company's Internet use policy more flexible. You can also note the system for collecting statistics and generating reports. With its help, you can clearly see which sites employees visit and how rationally they use access to the global network.

Let's sum it up

Today we looked at three Internet filters different types. Which one is better? It is impossible to answer this question unequivocally. In each specific case it is necessary to take own solution. So, for example, if a proxy server is deployed and running on a corporate network Kerio Control, That the best option will be product purchase . Their close integration in terms of management and reporting will significantly simplify and reduce the cost of implementation and maintenance.

If the task is to create a new local network or connect an existing one to the Internet, then it is better to take into account all the needs in advance and immediately use a proxy server with an integrated Internet filter. In this case you can use Kerio Control with or product UserGate Proxy&Firewall, which already includes the functionality we reviewed today.

If corporate network is already connected to the Internet, and the proxy server you are using does not have the necessary functionality, you will have to implement a platform-independent Internet filter. In its quality, you can use it, which combines cloud technologies and a very large database of sites, optimized for use by Russian-speaking users.

Over the past ten years, schools in Russia and the CIS have been periodically covered by a wave of inspections by the prosecutor's office regarding the educational institution's compliance with Federal Laws FZ-436 (“On the protection of children from information harmful to their health and development”) and FZ-139 (additions to FZ-436 and a number of legislative acts on restricting access to illegal information on the Internet).

Then, in 2008, these laws did not yet exist, but the Ministry of Education and Science had already provided educational institutions with website filtering programs. Filters blocked Internet sites with pornographic and nationalist content, information about drugs, and calls for terrorist activities. Later in 2012, Roskomnadzor ordered Internet providers to block access to sites from the Unified Register of Prohibited Sites it created, which is constantly updated.

Sanctions based on the results of inspections applied and continue to apply to those educational institutions that do NOT have content filters installed on the Internet. This is checked simply: an employee of the prosecutor's office enters the address of a suspicious site or a potentially dangerous phrase into the search engine of the school computer. If the site opens, the verification fails.

“MBOU “Kara-Chyraan Secondary School” ... is connected to the Internet. The prosecutor's audit established that in the computer science classroom high school Content filters are not installed on computers. Consequently, students from school computers through Yandex can access pages of sites containing extremist and terrorist materials, information promoting drug use... the school director was fined 5 thousand rubles.” (Website of the prosecutor's office of the Republic of Tyva, 2015).

“...The prosecutor's office of the Puchezhsky district of the Ivanovo region reported that it found unhindered access to the Internet on computers at the MBOU DO "IMC"... the director of the institution was fined 5,000 rubles, the very entity- in the amount of 20,000 rubles.” (Website of the prosecutor's office of the Ivanovo region, 2013).

On June 18, 2014, the Tatarstan court imposed a fine of 20 thousand rubles on the director of the school where he was open access to extremist sites... It was found that school internet allowed students to access sites officially considered terrorist or extremist. Prosecutors accused the school management of violating the law “On the Protection of Children from Information Harmful to Their Health and Development.”
The prosecutor's office of the Nemsky district of the Kirov region has taken measures to limit the access of students of educational institutions to sites containing prohibited materials...submissions have been made to school directors raising the issue of punishing persons guilty of non-compliance Federal Law..." (Website of the prosecutor's office of the Kirov region, 2014).

Every year, several hundred such official messages appear across the country!

Imagine the surprise of law-abiding school principals when they too came under sanctions from the prosecutor’s office! For what?

It turns out that the filtering programs from the Ministry of Education and Science do not provide adequate protection. Perhaps because they are not updated, and sites on the network are multiplying at the speed of light. Responsibility for access to dangerous content lies with the school principal.

There are more and more messages like this on the Internet:

“At the time of prosecutorial inspections at MBOU Pervomaiskaya Secondary School, MBOU Yasenkovskaya... (22 schools are listed) from school computers connected to the Internet, there was Free access to sites containing information about the manufacture of explosive devices, narcotic drugs and psychotropic substances... At the same time, the content filtering tools installed in these educational institutions did not provide necessary protection from the information... 265 officials were brought to disciplinary liability.” (Website of the Tula Prosecutor's Office, 2015).

But this is not the only problem. In addition to the fear of school principals of being subject to sanctions, even while complying with the law, there is also the indignation of teachers who find it difficult to work due to content filters.

Slow Internet at school is also associated with filters

Filters can also be set at the ISP level, but then the school cannot control the filtering settings. As a result, potentially harmful information is blocked as much as possible “just in case.” This is similar to Soviet times, when they were afraid to tell any joke or poem, so as not to go to prison.

Content blocking in schools is already reaching the point of absurdity: literally everything is closed. Common opinions among teachers:

“It is impossible to download even harmless materials for lessons: photographs of nature, educational games, crossword puzzles, or even the text of the Russian anthem.”

“Due to monstrous content filters, the Internet in schools is very slow. Especially in the regions. One website page can take half an hour to load. And this is in the 21st century!”

As a result, teachers download materials from the Internet at home, spending personal time on this, or buy them with their own money personal modems and bring them to school. And children have unlimited access to any content from their smartphones! What should I do? Install specialized programs, thanks to which suspicious content will be filtered, teachers will be able to work fully, and children’s surfing on social networks will be under control.

There is a solution: programs designed specifically for schools

Today's security systems market offers a choice of several ways to bypass unwanted information from the Internet.

Special children's browsers. Filters content only for children. They are more suitable for home use, as they solve only one problem: not showing prohibited content to children. Settings for other users are not possible.

Programs built into the software. Protects a specific computer, and not the entire network (for example, parental control mode in Windows).

Filters from the Internet provider. These are online services with maximum blocking (you read about them above).

Software gateway. It works on the principle of a firewall. With good configuration, it is able to filter content efficiently without losing connection speed. Does not require installation costs and is easy to maintain (even by a non-professional).

Hardware and software system. Reliable way filtering using network traffic switches. Requires professional maintenance and large investments in equipment. Suitable for private schools.
It can be seen that for schools more suitable ways filtering is a software gateway. But you can’t buy just any one! It is important to choose the right one. Below we provide a small cheat sheet for choosing a software gateway provider for a school.

How to choose a software gateway provider for your school

● Special “sharpening” for schools. A content filtering program should be developed in collaboration with school administrations, and not according to the speculative ideas of developers.
● FSTEC Certificate. In 2016 federal Service on technical and export controls approved the requirements for firewalls, which oblige all educational institutions to install only certified software.
● Technical support. It would be good if the manufacturer not only provides uninterrupted technical support, but also trains school staff in working with the software ( system administrator, computer science teacher).
● Separate access. The gateway must be able to separate access to the Internet for different categories users: students, teachers, school administration, school guests.
● Flexible settings. This is the ability to create your own lists of prohibited sites, configure the allowed time for accessing the Internet and create personal access policies.
● Social media monitoring. This option is a significant advantage. With open but controlled school wi-fi, children will definitely use it, saving their mobile traffic. A gateway with social network monitoring will help control children’s “surfing” and identify potentially dangerous groups on social networks. So the school will turn from a Cerberus that only prohibits and blocks, into a “social worker” that helps teenagers with their problems (cruelty, suicide, drugs, etc.).

Surprisingly, even in 2018, only a few meet these requirements. Partly because get FSTEC certificate– the task is not easy. And that’s good, because that’s what the certificate is for, to give the green light to the best. Today it's just a few Russian companies. Their software gateways have differences:

SkyDNS.School from Skydns. Supports services dynamic DNS. High-quality filtration. Flexible settings that just need to be done on one device from the local network for it to appear on all devices. The company also has a secure search engine, poisk.skydns, which can be added to your main browser. From all search engines The request is redirected to this address.

Traffic Inspector. Version for schools from Smart Soft. The company specializes not only in safe internet, but also on saving costs to ensure this security. The gateway has blocking by terms, more than 100 filtering categories with combination, flexible settings by groups and individual users. There is staff training. The only supplier on the list who has implemented social media monitoring in the gateway.

X for schools and universities from the Internet Control Server company. Ready sets of rules for educational institutions. Various functionality. Lists of the State Drug Control Service and the Ministry of Justice. Easy installation, video tutorials on setup.

Conclusion

WITH modern systems content filtering, we can confidently say that the days are gone when, in response to a request from a representative of the prosecutor’s office to “walk for half an hour while I check on you,” the computer science teacher turned pale and speechless. Or I didn’t lose it, because I knew that there was practically no Internet at school, only an internal website.

Today, by purchasing a filtering program from a supplier who has developed it specifically for a school, you can provide fast, secure Internet, monitor children’s behavior on social networks, easily pass an inspection by the prosecutor’s office, and even relieve yourself of responsibility if problems arise during the inspection. So far, all the nuances of the situation are taken into account only by one of the products most adapted for schools - Traffic Inspector.

Web threats lie in wait for any Internet user, which causes them to gradually become a rather serious problem, especially for schools and libraries. These institutions provide access to the Internet to children, whose job security has been declared one of the most important tasks at the international level.

On the one hand, the use of the Internet by teachers and lecturers in the learning process makes it possible to make classes more interesting for students, on the other hand, it can lead to visiting resources that are not particularly desirable for children, which is contrary to a number of laws and regulations. In addition, viruses contained on dangerous sites can become a real headache not only for technical specialists servicing the school (or library) network, but also for the entire teaching staff.

Meets all the requirements of Federal Law-436 of the Russian Federation "On the protection of children from information harmful to their health and development", Federal Law-139 of the Russian Federation "On black lists", Decree of the President of the Russian Federation N761 "On national strategy actions in the interests of children for 2012 - 2017".

Computer classes with public access The Internet is used by children not only during lessons. IN similar cases Along with other dangers, there is a risk of unwanted acquaintances, often leading to the child being stalked on the Internet by scammers or pedophiles.

How it works?

An effective Russian Internet filter is KinderGate Parental control , successfully implemented in thousands of schools and libraries. The product ensures safe browsing and helps minimize inappropriate web surfing. The Internet filter combines the following Internet filtering mechanisms in its work:

  • blocking by site categories;
  • content filtering using DCI technology (including for Web resources 2.0);
  • safe search (Google, Yandex, Youtube, etc.);
  • white and black lists (including the RosKomNadzor Register, resources from the Ministry of Justice list);
  • blocking banners and pop-ups;
  • load control certain types files.

More detailed information O functionality product presented in