IT-Laguna

Web traffic refers to the flow of data between a website and its visitors. In a nutshell, here’s how web traffic works:

1. User initiates a request: When a user types a website URL into their browser or clicks a link, they send a request to the web server hosting that website.
2. Domain Name System (DNS) lookup: The user’s request is sent to a Domain Name System server, which translates the URL into an IP address corresponding to the web server.
3. Establishing a connection: Once the IP address is obtained, the user’s browser establishes a connection with the web server using the Hypertext Transfer Protocol (HTTP) or its secure version (HTTPS).
4. Server processes the request: The web server receives the user’s request and performs the necessary processing. This may involve retrieving data from a database, running scripts, or generating web pages dynamically.
5. Server responds with data: The web server generates a response based on the user’s request, which typically includes HTML, CSS, JavaScript, and other assets required to render the web page.
6. Data transmission: The server sends the response back to the user’s browser over the internet through a series of network routers and switches.
7. Rendering the web page: The user’s browser receives the response and starts rendering the web page. It interprets the HTML, applies styles with CSS, executes JavaScript code, and displays the content on the user’s device.
8. Additional requests: As the web page loads, the user’s browser may send additional requests for images, stylesheets, scripts, or other resources referenced in the HTML.
9. Completion and user interaction: Once the web page is fully loaded, the user can interact with the content, click on links, input data, or submit forms, resulting in further requests and web traffic.
10. Tracking and analytics: Websites often use tools like Google Analytics to track web traffic, gather statistics, and measure user engagement.

This is a simplified overview of how web traffic works. The process involves a complex interaction between a user’s browser and the web server to deliver the requested content and provide an interactive browsing experience.

L7 filters in mikrotik

HTTP✔️HTTPS✖️

Suitable for: SOHO only

Done properly wouldnt use 100% of cpu, but will use a ton. so for small routers or huge networks is a no go.

Layer 7 filters, also called application layer filters, inspect and filter network traffic at the application layer. They understand and analyze application-level protocols like HTTP, FTP, SMTP, or DNS.

These filters analyze packets and make filtering decisions based on attributes like URL, file type, or user agent. They can also detect and block potential threats, like malware or unauthorized access attempts.

However, layer 7 filters require significant computational resources, especially CPU power. Analyzing each packet at the application level demands more processing power compared to lower layer filters.

Implementing layer 7 filtering in a high traffic network can strain the CPU. To ensure good performance, enough processing power or specialized hardware may be needed.

While layer 7 filters offer granular control and enhanced security, their resource requirements should be considered when implementing them.

WEB proxy in mikrotik

HTTP✔️HTTPS✖️

Done properly wouldnt use 100% of cpu, but will use a ton. so for small routers or huge networks is a no go.

Suitable for: SOHO only

A proxy filter, implemented through web proxies or dedicated proxy servers, acts as an intermediary between client devices and web servers. It intercepts clients’ requests and applies predefined filtering rules and policies to control web traffic. By analyzing the requests, the proxy server can block or allow specific URLs, content types, file extensions, or keywords. If the content is allowed, the proxy server establishes a connection with the web server on behalf of the client, retrieves the requested information, and sends it back. Proxy filters enable organizations to enforce browsing policies, restrict access, monitor usage, and enhance security by scanning web traffic, providing a seamless and controlled web browsing experience.

Dedicated proxy server

HTTP✔️HTTPS✔️

Can filter all the requests, using dedicated server will increase the troughput capacity, also will allow https filtering

Suitable for: Small bussines

Existing routers and firewalls can easily forward web traffic to a dedicated proxy server. This allows for efficient filtering and monitoring of web activity in a corporate environment.

A proxy server can be hosted on-premise or in the cloud, depending on specific requirements. On-premise hosting offers control and quick response times, while cloud hosting provides scalability and flexibility.

The setup is reliable and scalable thanks to redundant hardware configurations and failover mechanisms. It can handle increasing web traffic by adding more proxy servers, ensuring uninterrupted access to web resources.

Dedicated NGFW

HTTP✔️HTTPS✔️

Robust Reliable and easy to maintain

Suitable for: Goverment and Corporate

A next-generation firewall (NGFW) can be deployed as either a physical or virtual appliance. It serves as a dedicated solution for web filtering, similar to appliances like Fortigate, Meraki, or Sophos.

NGFWs use block-filter definitions that are updated from the vendor’s cloud. This ensures that the firewall stays up-to-date with the latest threats and can effectively block websites by categories and specific rules, like blocking certain file extensions.

Automatic filter updates are a key factor because they keep the firewall’s blocking capabilities current and effective against emerging threats. It is important to note that using an NGFW for web filtering usually requires a license to access its full features and functionality.