Web Filtering Gateway

In recent years, Internet have seen a great rise in its popularity and usage areas. People of all occupations and ages are on the internet, industries depend on it heavily, ant there are completeley new businesses that exist primarily in the internet. Companies depend heavily on internet usage, as a result most of the employees have access to the internet. Other than big companies, many other organizations are open to internet. Some examples are governmental bodies, schools and universities, non-profit organizations, hospitals, small offices. Examples are not limited to these, and the most common internet user is the home user.

The giant structure and variety of the internet makes it a valuable information source and communication medium. But any useful thing has some drawbacks, and internet is no exception. In fact ease of access and abundancy of uncontrolled traffic makes the internet a difficult place to stay safe. And a large organization is not only concerned with outside threats, but also inside threats which stem from workers or members. The workers or members of the organizations may visit sites or download files that may bring harm to the whole network of the organization. Some sensitive information may leak from the network to the outside world, either by a careless worker or one with a malicious intent.

Companies and organizations mostly used traditional firewalls, which does packet filtering by looking at easily extractable data, like IP adress or port of the communicating parties. This would be useful if the intent was to block and control some servers/protocols only. But the internet traffic around the world consists of web traffic mostly, distributed to a large number of servers in many different locations throughout the world. Traditional firewalls are not able to tackle with difficulties presented by such a gigantic network, especially in a corporate environment defined above. It is the content of the traffic, not the source/destination that should be checked to provide comprehensive control over the information flow. In a present day environment, where nearly the whole internet traffic is web traffic, blocking ports have little influence on the information security.

Our project aims to solve the most important problems of the modern day corporate and onrganizational network, by providing an application layer gateway; which will enable the network manager to control web traffic of the network in many different ways. Name of our project is IronCurtain and it will not only solve problems of big corporations and organizations, but also home users and small networks. IronCurtain will provide flexible control over the whole web traffic, user and group based control, extensive logging capabilities, and a configuration interface that is accesible from web. We plan to design and build IronCurtain so flexible, strong and easy to use, such that it will answer most of the modern day internet-based concerns.