Add 'Uncategorized' to Category Filters
Many malware attacks and other vulnerable websites (such as those used in zero day attacks) show with no website category affiliation.
I have seen three zero days in the last week that were not blocked nor categorized, and would think this is an easy fix for doing new threat evaluation.
Can you guys please add a category for 'un-categorized' (or whatever you want to call it) to the domain reporting tab?
Thanks!
-
Too late.
Duplicate of https://support.opendns.com/entries/21679895-Block-sites-that-are-not-that-are-not-present-in-your-database and others.
-
Hi Jeff,
We have some advanced security categories as part of our enterprise/business product lines, meant especially for preventing and defending 0 day threats, and threat evaluation. That kind of advanced filtering aren't part of what the OpenDNS consumer software was designed to do. You're welcome to try a 14 day free trial (with all the features) to check this out. It also allows easy creation of your own block lists.
http://www.opendns.com/enterprise-security/packages-and-pricing/
Best,
Matt
-
Hi Jeff,
My apologies!! This post is in the OpenDNS Community, rather than the Umbrella community, which was my oversight (and I should have checked your account).
I'll have a look at the ticket, if you could expand a bit more on your feature request? Could it be summarized as "If OpenDNS doesn't know about this website (no category at all), then block", sort of a pseudo-allow list?
Best,
matt
-
Apologies for not being clear and posting in the wrong forum.
I just want to know if you guys can add a category in the reporting options for "uncategorized domains". I don't want an auto block anything, that's wayyy to aggressive.
I just like to be able to review the uncategorized domains so I can ensure that no zero days, spyware, etc. are leaking through the filters unnoticed.
Right now i don't believe there's a good way to report on uncategorized domains.
Thanks
-
Hey Jeff,
I'm going to agree w. you on the 'way too aggressive', that kind of "Block everything I don't know about" approach doesn't work with CDNs that constantly change to deliver the content embedded in most sites these days.
It's a good idea though, I'll check to see if this is something we can deliver and let you know.
Best,
Matt
-
So you want two new features .... an unknown category that is going to break CDN's and all sorts of other domains and websites that aren't categorized yet, but likely have nothing to do with malware or malicious sites, and a pseudo-bypass feature that allows users to click through on domains that aren't yet categorized. Would you like this on the free service, or one of the pay services? Who will provide support to all of the users who start complaining that the "internet is broken" when they can't get to websites because the CDN that is behind the scenes and generally not visible or categorized is blocked?
-
I would like to be able to block uncategorized traffic as well. We have a large number of PCs that we don't want to be able to "surf" the internet. We only want to allow them to some specific approved internet resources. The CDN concern is not an issue. An example of this would be a point of sale system that would only need to be able to access the internet for processing credit cards.
Microsoft licensing also allows for licensing computers as an "Industry Device", which is much cheaper than licensing other workstations under the Microsoft VLA. However, to do this the company needs to "employ technically enforced policies or architecture to operate only when used with the Industry Program functionality".
Couldn't OpenDNS give the option and just flag it as "Not Recommended" or something like that? -
The ability to filter uncategorized websites specifically is not something that's planned at the moment, but it is possible for users with "Whitelist only" packages to toggle that filtering settings and then allow the domains they want allowed. We don't often recommend this as a strategy because it will impact many websites that the user doesn't intend to filter, but it is an option for those users who want this ability.
-
I've used other vendor based solutions that had "uncategorized" filters and they worked well for my needs. I wish umbrella at least had the option for those of us that it may work for....understanding that it may break a lot of things for some folks but having the option is essential. We get phishing campaigns all the time that have links that are not caught by umbrella even though we have all of the security categories checked along with blocked "newly seen", "phishing attacks" and all of the other security categories blocked.
Please sign in to leave a comment.
Comments
14 comments