Reply
DJ
Advisor
DJ
Posts: 32
Registered: ‎Thu 04-Feb-2010
0

How does web protection work?

Hello, 

 

A few of our security guys are asking how the sophos web protectiong actually works before implimenting it.

 

I know an LSP is created on the machines network stack to intecept traffic etc but im wondering how the client actually knows if the site is bad. Is a DB downloaded to the client or is each web request made sent to sophos via some sort of DNS or other kind of lookup. If its a DB downloaded does anyone have any idea on DB size etc?

 

Best Regards

 

Dave J

Executive VIP
QC
Posts: 4,319
Registered: ‎Mon 23-Nov-2009
0

Re: How does web protection work?

Hello Dave,

 

in short, it does DNS lookups for classifying sites (to block malicious ones).

When download scanning is enabled the content will be scanned "on the fly" (AFAIK the scan will also use live protection if enabled). There's no extra database involved.

 

Christian