Categories Topics
Description
Proxy (Internet access)

Overview
Internet Proxy devices are standard controls used to filter, block and log internet user access to websites. Many proxy vendors provide the capabilities to ensure certain types of websites are restricted by category or by specific URL that may not be commensurate with company policies. Such websites may also have a higher likelihood of users downloading malicious content to company systems. Many proxies have filtering capabilities to protect internet downloads of malicious software.

Guidelines

Also, known as "forward proxies", internet proxies should be implemented to control internet access and is a core component of sound network security.

The organization's systems and networks should be configured to ensure internet outbound traffic is routed through an approved proxy to prevent access to unauthorized channels or websites and to protect systems from malicious software and unauthorized disclosure of sensitive information. In addition, browser settings on workstations should also be configured so that internet outbound access can only be done via an authorized proxy device and to ensure users cannot change proxy settings to bypass network controls.

Servers should generally not be allowed internet access by default, unless it's specifically authorized (e.g. for connectivity to vendor subscription services like patching). Server proxy access can also use a "white list" process: where a specific website link needs to be authorized such that a defined system will only be allowed to connect to the whitelisted or approved site (and no others) to perform a business service. Access should also be authenticated using an application or service account for audit/accountability and to ensure access is only allowed to approved destination sites.

 
News Articles
PowerShell threats surge: 95.4 percent of analyzed scripts were maliciouswww.symantec.com12/8/2016
Symantec, Blue Coat integrate threat intelligence operations, researchwww.zdnet.com10/26/2016
Blue Coat: SSL Visibility Appliance web based vulnerabilitiesisc.sans.edu5/31/2015
Think tank presses Blue Coat over censorship concernswww.computerworld.com1/16/2013
New Targeted Attack Destroys Data At Middle East Energy Organizationwww.darkreading.com8/16/2012
Six in Tokyo slammer after Android smut scamwww.theregister.co.uk6/18/2012