Users spend increasing time on the web, surfing their favorite sites, clicking on email links, or utilizing a variety of web-based SaaS applications for both personal and business use. While incredibly useful to drive business productivity, this kind of unfettered web activity­ exposes organizations to a range of security and business risks, such as propagation of threats, possible data loss, and potential lack of compliance. Traditionally, companies have used URL filtering as a tool to prevent employees from accessing unproductive sites. With today’s URL filtering, firms enable secure web access and protection from increasingly sophisticated threats, including malware and phishing sites. ### How Does URL Filtering Work? URL filtering technology compares all web traffic against a URL filtering database, permitting or denying access based on information contained therein. Each website defined in the database is assigned to a URL category, or group, that firms can utilize in one of two ways: 1. Block or allow traffic based on URL category. Create a URL Filtering profile that specifies an action for each URL category and attach the profile to a policy. This includes categories for malware or phishing sites. 2. Match traffic based on URL category for policy enforcement. If the goal is for a specific policy rule to apply only to specific web traffic categories, add the category as match criteria when creating the policy rule. URL filtering is enabled through local database lookups, or by querying a master cloud­-based database. Local lookups on a limited, but frequently accessed, number of websites­ ensure maximum in-line performance and minimal latency for the most frequently­ accessed URLs, while cloud lookups provide coverage for the latest sites. To account for firms’ unique traffic patterns, on-device caches store the most recently accessed URLs, with the ability to also query a master database in the cloud for URL category­ information when an on-device URL is not found. ### Stand-Alone URL Filtering Is Insufficient Stand-alone URL filtering deployments, however, don’t have the right mechanisms to adequately control web browsing and prevent threats. They cannot coordinate actions and lack application visibility and meaningful integration with other required solutions to protect against the different attack stages and threat vectors. For example, phishing sites may be detected through an IPS or even a sandbox, but with stand-alone URL filtering, the lack of communication between sandbox, IPS and URL filtering technologies may result in inadequate protection of the URL request.