Hybrid BGP and URL Filtering Systems are designed for the installation in large networks such as those used by carriers traditional single step URL filtering system would be impractical.
Purpose of Hybrid BGP and URL Filtering Systems
Hybrid BGP and URL Filtering Systems are scaled to a relatively big URL list (10.000.000 or so) so is more suitable for the blocking of illegal sites such as those containing terrorism or child sexual abuse images, etc.
How are Hybrid BGP and URL Filtering Systems Set Up
The system is set up as a BGP neighbor to a router that connects to the external Internet connection on the target network. It looks up the IP addresses of the URLs on the blacklist and advertises host routes for these to the target network with the filter as the next hop. Thus any web requests on the target network that try to access a site on the block list will be routed to the filter which will then inspect the URL. If a match is made to the block list then a blocking page is sent back to the browser, terminating the web session. If a match is not made then the request is forwarded unaltered to the destination site.
Advantages of Hybrid BGP and URL Filtering Systems
The main advantage of this system is that the amount of filtering capacity required is relatively small due to the fact that only the traffic that is going to the IP addresses relating to the block list is being inspected. This means that the system can be installed in large networks such as those used by large national ISPs and international carriers. An early example of this technology was a system created by British Telecom (BT) called Clean Feed. This is used by them to block access to web sites containing child sexual abuse images on their network in the UK
it uses external BGP so can be hosted externally to the target ISP network and one filtering node can support multiple ISPs.
TRscaler with hybrid BGP Technology does not use proxying and therefore does not have the transparency and scalability issues.