Characteristic of Net.purum

The whole application is divided into three parts - server, administration and testing. The server part makes content filtering, using settings which are defined in the administration center. The testing part can be used for settings verification.


Users from local networks use a proxy server, from where the Net.purum filter is activated

Net.purum can block:

  • Infected files
  • Advertisements
  • Use of method POST
  • Cookies
  • Prohibited categories of web pages
  • Prohibited file extensions
  • Prohibited search terms i.e. in search engines
  • Specific language
  • Users who exceed a pre-set monthly data transfer size limit
  • Prohibited "Content-type" in a HTTP answer

Exactly what, and how to block, can be set very specifically for each user group.

Rules for blocking are sorted into categories. All users are included in groups and into each group, blocked categories can be assigned.

Blocked parameters can be set for groups of users, with additional settings for individual users. Furthermore there is a list of allowed servers (White list), a limit for size of transferred data and finally a limit for time spent with connection to Internet.

Net.purum contains two basic user groups:

  1. Spare-time(Each group has defined working time. When a user of any group is out of this time, then the Spare-time group is used.)
  2. Unknown users (A new user is always assigned into this group.)

Users can be defined by IP address or by login name. However, the login name can only be used when NTLM authorization is enabled for proxy server. Users can be imported from the Active directory.

There are 57 categories, which are grouped into folders.

Basic folders of categories:

  • Nudity
  • Ordering
  • Society / Education / Religion
  • Criminal Activities
  • Extreme
  • Games / Gambling
  • Entertainment / Culture
  • Information / Communication
  • IT
  • Drugs
  • Lifestyle
  • Private Homepages
  • Job search
  • Finance / Investing
  • Transportation
  • Weapons
  • Medicine

Each category contains certain phrases. These phrases define the categories, and could be: server addresses, rules for text censors, file extensions, search themes etc. All the phrases are stored in a database, and this database can be updated via the Internet. The recognition of categories is still constantly improving.

The administrator of the Net.purum system can use his own phrases for any category and these phrases also have the highest priority. If the same phrase already exists in a different category, then the administrator's settings are used.

The administrator of Net.purum can also create new categories, where he can, in turn, then define phrases (server address, extensions, Content-type etc.). New categories can be prohibited for any user group.

Blocked web pages can create very important feedback. Users can ask the administrator to allow a blocked server or blocked category, as the blocked page includes an easy wizard to submit a request to the administrator of the Net.purum system. The administrator will receive an email about each new user request and can immediately open a special program in which he can modify the configuration. The administrator can also see the pages which were trying to be accessed before the requested change, and comment to the user who sent the request.

Work with server address

Internal Net.purum databases contain server addresses. It means that if a database includes yahoo.com, then all the following addresses are matched: http://shopping.yahoo.com/, http://finance.yahoo.com/, http://finance.yahoo.com/bp.

As you can see, the content can be very different; therefore it is important to insert the exact server address where the content is of an expected category.

Structure of Net.purum

The main part of the whole system is the proxy server, where it is used by the web proxy filter - Net.purum filter (This is the server part of Net.purum). The server receives all user requests to access the Internet. The Net.purum filter reads the server address, content-type, file extension etc. and then analyzes the situation, and defines if user request should be allowed or blocked.

Rules are defined in the administration center for each group of users.

A very important part of this whole system is the Evaluation center. This center tries to improve the Net.purum database with phrases for each category, and furthermore this center receives user feedback. An improved database from the Evaluation center is in turn updated into all installations of Net.purum.

User interactivity

If Net.purum blocks a web page, the user can see the reason and if required, can then ask for unblocking.

There are two reasons for requests for unblocking:

  1. Working reason - this request is send to Net.purum administrator for local network
  2. Publishable content, or wrong web page categorization - this request is send to the Evaluation center

When a user fills in a request for a change, he can then see text from the blocked page. This text can improve the quality of the users request.

All allowed web pages are sent without change.

Antivirus protection

Certain downloaded files will be tested by the antivirus; the selection of those files depends on the file type.

Cookies and Referrer filter

Web browser cookies often contain unwanted information about the user. Net.purum can block cookies for selected categories, and the Net.purum administrator can, in addition, define server addresses where cookies will be blocked.

When users browse between web servers, the web server logs the location the user came from. Referrer information can be also deleted by Net.purum system.

Forms

Net.purum can block method POST. This method is used when a user sends information compiled in a web browser form. Web pages can be still be viewed, but users cannot send any data. It can also block web mail clients, because logins use usually method POST.

Reports

All user activity is stored in the Net.purum database. The Net.purum administrator can see very detailed information about users and reports can be generated immediately, or by schedule, in the administration center. Scheduled reports are exported into selected formats (for example into Adobe reader) and the results are sent by email.

Example of reports:

  • Size of transferred data for each user.
  • List of all visited pages sorted by access.
  • List of all access for defined period.
  • List of blocked pages for each user.
  • Net.purum configuration for all user groups.
  • List of all downloaded infected files.

Advertisement filter

Net.purum can block server addresses which are defined as advertisements, or it can block pictures with advertisement type and size. For example GIF with size 468x60 is usually advertisement.

Language blocking

Net.purum can recognize languages which are used in web page texts. We support German, English and Czech at this moment, and those languages can be blocked.

Text Censor

The text of web pages can by analyzed by the text censor. The text censor tries to assign text to a category, and if this category is blocked for the current user, the page is then blocked by Net.purum. The system can also block search themes, or file extensions.

"Content-type" blocking

In HTTP protocols, there contains an answer header with the line Content-type. This content-type defines several data types i.e. text, image, application etc. The administrator of Net.purum can define what Content-type will be blocked. For example: application/x-shockwave* will block applications from shockwave (FLASH).

User limits

Net.purum can set limits for each user. Each user can have a limit for transferred data, and a limit for time spent with an Internet connection.

If a user reaches any limit, then all access to the internet is blocked. However, each user will receive a warning email when 80% of that defined limit is reached. The administrator of the Net.purum system also receives message about users who are close to depletion.

Users can visit an information web page where their limits and current values can be viewed.

Allowed server addresses (White list)

An individual user can be allowed access to a list of servers which are not valid in the settings for other user group. An antivirus test is used for servers. The rest of the traffic is without white list limitation for servers. (Text censor, advertisement filter, cookies blocking, category blocking etc. is not used).

Net.purum also offers a global White list. Servers from the global white lists are allowed, without restriction, for all users.

Compression and Database backup

The database includes detailed information about each users activity. Obviously the size of the database grows quickly in large networks, so Net.purum also offers a function which can delete old data from the user activity log in the database. Before that operation, all the basic data about user activity (list of servers, size of transferred data and time spent with internet connection) is stored. The size of the database is therefore stable when Net.purum deletes the old records.

Net.purum can also backup the whole database periodically.