Hardware based web filters are appliances that can be installed on a network inside a firewall to provide web filtering in a centralized place. The appliances also do not require the use of software to be installed on computers on the network making the appliances easier to configure and manage, especially in large environments.
Web filters not only block certain content from reaching a computer on the network, but the Web filters also log and generate reports based on the activity on the network. The activity report typically contains the computer or user activity including violations to the filtering policy. Web filtering reports for policy violations show web site activity as well as violating activity.
Web filters that block access for particular users or groups of users cannot block access to a domain that shares at least one IP address with another domain and that shares a certificate with another domain.
The Internet domain cannot be uniquely identified when the Internet domain has at least one IP address that is shared with another Internet domain and the Internet domain has a SSL certificate that is shared with another Internet domain. For example, the domain mail.google.com cannot be uniquely identified because mail.google.com shares a number of IP addresses with www.youtube.com and mail.google.com shares an SSL certificate having a domain name of ‘*.google.com’ with www.youtube.com. If either www.youtube.com and mail.google.com did not share at least one IP address or did not share a SSL certificate, then the IP address of mail.google.com could be uniquely identified and then mail.google.com could be blocked as required.