Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Friday, September 24, 2010

What You See Isn't Always What You Get

In any discussion about proxies or Secure Web Gateways, there's always a discussion about how effective and complete a vendor's URL categorization happens to be. This is important because an organization's policy enforcement, and the prevention of malware into the company is dependent on this categorization. It's not surprising then, that various vendors continually seek out ways to show up one another in the URL filtering realm, with missed URLs or incorrectly classified URLs.

It's hard not to be taken in when you're shown a popular URL and then told, by the way a particular vendor doesn't classify it correctly. Recently I was told that Blue Coat mis-categorized the URL, "http://www.facebook.com/playboy#!/playboy?ref=ts" as only Social Networking and missed the category Adult/Mature Content, but of course correctly identified "http://www.facebook.com/playboy" as both categories.

While it's true if you plug in just the URL "http://www.facebook.com/playboy#!/playboy?ref=ts" into a test for Blue Coat's URL categorization, you'd only get Social Networking, you actually have to dig a little deeper to see the truth behind this statement. If an end-user actually tried to visit this URL through a browser, that's not really the site they would visit, that's because when you go to this URL, you're actually visiting (courtesy of AJAX) "http://www.facebook.com/playboy?ref=search&__a=4&ajaxpipe=1&quickling[version]=293384%3B0", a URL that is categorized correctly (and blocked correctly if you have Adult/Mature Content blocked), even though the address bar will continue to show "http://www.facebook.com/playboy#!/playboy?ref=ts".

All this just goes to show, you need to take what one competitor says about another with a grain of salt and do your own testing to make sure the solution you pick fits your needs.

No comments: