Internet Filtering
The Internet filtering module provides administrative control over Internet use and downloaded data. The module can block potentially unsafe resources and, when necessary, websites that are not work-related.
To examine the safety of the websites requested by users, it employs reputation services, content types (photo, video, text, etc.), special UserGate-provided morphological dictionaries, as well as URL and Useragent black and white lists that the administrator can use to block or allow certain browser types. NGFW supports the creation of custom black and white lists, content types, morphological dictionaries, and Useragents that can be applied as rules to users and user groups.
Selective Ad Blocking
Even otherwise safe websites can still contain undesired images in banners that the resource owner has no control over. UserGate solves this problem by blocking banners and protecting users from unwanted content.
Safe Search Activation
NGFW allows you to forcibly activate the safe search feature for Google, Yandex, Yahoo, Bing, Rambler, and Ask search engines, as well as the YouTube portal. This protection can be highly effective, for example, at filtering responses to image or video content requests. You can also block search engines where safe search is not implemented.
Social Network App Blocking
In NGFW, you can block games and other apps for the most popular social networks, such as Facebook. Administrators can allow the general use of social networks while controlling and restricting unproductive activities.
Code Injection into Webpages
The Inject Script feature enables you to insert the desired code into all web pages viewed by users. This capability can be used to obtain various metrics, hide certain web page elements, and show ads or other information.
SSL Traffic Inspection
In addition to plain traffic, the UserGate platform supports filtering of encrypted traffic (HTTPS, SMTPS, POP3S) by decrypting it using the MITM (Man In The Middle) technique, signing it with a trusted root certificate, and re-encrypting it after analysis. You can configure selective traffic filtering --- e.g., exclude resources in the "Finance" category from decryption.
VPN and Web Portal
A VPN (Virtual Private Network) is used to set up virtual logical networks that operate on top of other networks, such as the Internet. UserGate supports two types of VPNs, Remote Access VPN (client/server model) and Site-to-Site VPN (server/server model).
Для создания защищенных туннелей используются протоколы L2TP/IPsec или IKEv2/IPsec. UserGate has its own VPN client, UserGate Client, and also supports working with standard clients for the majority of popular operating systems, including Windows, Linux, Mac OS X, iOS, Android, and others.
The web portal (SSL VPN) can be used to provide secure access for company employees to internal web resources, SSH servers, and terminal servers without the need to install a dedicated VPN client, using only the HTTPS protocol.