1. Field of the Invention
The present invention relates generally to computer security, and more particularly but not exclusively to methods and apparatus for filtering computer network traffic.
2. Description of the Background Art
Computers coupled to the Internet may access websites to view various kinds of information. The websites, which are hosted on web servers, include one or more web pages that may be displayed on a web browser of a user's client computer. Each web page has a corresponding network address, commonly referred to as a URL (uniform resource locator), that allows a web browser to locate the web page. The web browser may be pointed to the URL to render the web page on the browser for viewing by the user.
URL filtering involves monitoring of URLs to identify those that belong to prohibited websites. The websites may be prohibited by policy or for other reasons. For example, a corporate computer network may prevent viewing of web pages from pornography websites. In that case, a URL filter may be configured to block URLs belonging to pornography websites. When a web browser attempts to access one of the blocked pornography websites, the URL filter will recognize the URL and block the access.
URL filtering may be performed at a gateway of a computer network. The conventional approach to URL filtering at a gateway is as follows. A user employs a web browser to access a website. The browser accordingly connects to the website by way of the gateway. The gateway performs URL filtering on the website's URL, and forwards the browser connection to the website if a policy allows access to the website. The server hosting the website returns a set of URLs, which may be in HTML (hypertext markup language) form or in a gzipped file, along with the main content. The browser renders the main content and then extracts individual URLs from the set. For every extracted URL, the browser makes a separate HTTP (hypertext transfer protocol) connection to the appropriate server. Thus, if there are 25 URLs in the set, the browser opens 25 simultaneous HTTP connections. The gateway performs a URL filtering lookup for each of the HTTP connections and takes appropriate actions (e.g., block, allow, etc.).
As can be appreciated, even when the gateway utilizes caching functionality to ensure that URL filtering lookups are done locally, each of the aforementioned HTTP connections consumes the gateway's computing resources, thereby affecting the gateway's performance.
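The conventional flow described above can be modeled in a few lines. This sketch is an added example, not part of the original text; it shows that a local lookup cache reduces database lookups but not the number of connections the gateway must handle. The policy table, host names, sample page, and all class and function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed policy data: host -> category, and the categories to block.
CATEGORY_DB = {"ads.example.net": "advertising", "adult.example.org": "prohibited"}
BLOCKED = {"prohibited"}
# Constructed page: 25 embedded URLs (23 same-site images, 2 third-party).
SAMPLE_HTML = "".join(f'<img src="/img/{i}.png">' for i in range(23)) + (
    '<script src="http://ads.example.net/a.js"></script>'
    '<img src="http://adult.example.org/x.jpg">')


class EmbeddedUrlExtractor(HTMLParser):
    """Collects the URLs a browser fetches after rendering the main content."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url, self.urls = base_url, []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and (name == "src" or (tag == "link" and name == "href")):
                self.urls.append(urljoin(self.base_url, value))


class Gateway:
    """Conventional gateway: one filtering decision per HTTP connection."""
    def __init__(self):
        self.cache = {}        # host -> verdict, keeps repeat lookups local
        self.connections = 0   # every browser connection still arrives here
        self.db_lookups = 0    # lookups that missed the cache

    def handle_connection(self, url):
        self.connections += 1
        host = urlsplit(url).hostname
        if host not in self.cache:
            self.db_lookups += 1
            # Assumption: hosts missing from the table are allowed.
            category = CATEGORY_DB.get(host, "uncategorized")
            self.cache[host] = "block" if category in BLOCKED else "allow"
        return self.cache[host]


def browse(gateway, page_url, html):
    """Browser side: fetch the page, then one connection per embedded URL."""
    verdicts = {page_url: gateway.handle_connection(page_url)}
    if verdicts[page_url] == "allow":
        parser = EmbeddedUrlExtractor(page_url)
        parser.feed(html)
        for url in parser.urls:
            verdicts[url] = gateway.handle_connection(url)
    return verdicts
```

Running `browse(Gateway(), "http://www.example.com/", SAMPLE_HTML)` leaves the gateway with 26 handled connections but only 3 database lookups, which is the residual per-connection cost the last paragraph refers to.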