With the Internet being a big part of most people’s lives, any Wi-Fi connectivity is a benefit for customers. This includes industries such as transportation where customers can take advantage of a bus’s Wi-Fi connection that provides Internet access to riders. With so many different customers using corporate Wi-Fi, it’s imperative that administrators take steps to protect the network from malicious content and cyber attackers. One way to protect bus fleet Internet connections is using DNS-based content filtering.
High-Bandwidth Applications Waste IT Budgets
Bus fleets have several benefits to a traveler, but large fleets that provide Internet connectivity are a major draw for customers. These are especially beneficial for customers and travelers that need to ride long distances for their destination. Internet connectivity gives travelers a way to spend time on games and applications from a smartphone, laptop or tablet.
Small applications such as checking email or using data for text messages are light on a Wi-Fi’s bandwidth usage, but high-bandwidth applications can be a problem when several people are using the same limited bandwidth for Internet communication. High-bandwidth applications should be filtered to provide a good experience for all users that run applications over a Wi-Fi connection.
What you consider “high bandwidth” depends on a corporate baseline and the IT budget that supports costs for public bus Wi-Fi. An organization’s IT administrators must determine the type of applications that will be blocked versus which ones are acceptable. Several conditions should be considered such as if the application could expose a vulnerability in the Wi-Fi or customer devices. Another issue is if the application could be used for malicious purposes. Finally, IT administrators should consider if the application will take all bandwidth from others on the bus Wi-Fi.
IT costs are usually the biggest issue for organizations. High-bandwidth applications can cause IT costs to skyrocket, which could hurt a yearly budget. Some examples of high-bandwidth applications that administrators could consider to filter include:
- Video streaming
- Online games
- Large file downloads from possibly malicious sites
- Adult content
- Account takeover tools
- Compromised IoT devices susceptible to DDoS attacks
This list isn’t exhaustive, but it covers some of the main applications that can waste bandwidth and increase IT data costs. It also covers the applications that can compromise the integrity of the network and allow attackers to use bandwidth for malicious purposes.
The goal of an IT person this situation is to provide open public Internet access for legitimate travelers while blocking malicious content or unnecessary data transfers. This can be done using a DNS-based content filtering system.
DNS-Based Content Filtering
IT administrators have several options to block content. Most traditional methods are partially effective, but DNS-based content filtering lets administrators block high-bandwidth applications and malicious content such as phishing or attack sites with malware downloads. This method blocks most of the content even if an attacker is able to bypass traditional content blocks. DNS-based content filtering takes advantage of the DNS protocol that every application uses when it connects to the Internet.
When a user connects to the Wi-Fi service, they also have a name server configured. This name server performs DNS lookups when a user connects to an application over the Internet. The DNS process sends a domain name to the name server, and then the name server sends back the IP address associated with the application server. DNS is a critical component in Internet processes, so it’s an unavoidable way of using the web unless a user remembers the IP address. Even if the user uses the direct IP address of an application server, an IT administrator can block it from being usable on a private network.
By using DNS-based content filters, IT administrators can block a majority of sites that could exhaust network resources. Since any application that connects to the Internet must use DNS resources, an organization has a direct way to block unwanted content including any application that might take up too much bandwidth.
Should an attacker switch to phishing, some email servers won’t catch direct email messages. These phishing emails could have links to them that take a user to a website where downloadable malware could be available, or the site asks for the user’s credentials. Using DNS-based content filtering, even if an attacker switches the attack vector, the URL would still be blocked when the user clicks on it.
With DNS-based filtering, administrators can stop these applications before they reach the network, saving the organization from malware but also costly resources and data bills.
If your business would like to take control over the online activities conducted over your Wi-Fi network, enforce acceptable use policies and provide a safer browsing experience for all your network users, we invite you to try our Wi-Fi software filter, WebTitan. A free trial offer will give you the opportunity to evaluate WebTitan Cloud for Wi-Fi in your own environment and see first-hand the benefits of implementing WiFi filtering software.
Summary of Features of WebTitan Cloud for Wi-Fi
- 100% cloud-based.
- No software downloads necessary.
- No need to purchase hardware.
- Control web filtering settings from multiple routers via a single web-based administration control panel.
- Protect customers from phishing websites, malware, and other Internet threats.
- Protect your network from unwelcome users and compromised apps.
- Dual antivirus engines and regular software updates.
- Allows the creation of policies and policy exceptions via whitelisting and cloud keys.
- Supports dynamic and static IP addresses.
- No restriction on devices, bandwidth, or the number of hotspots.
- Our Wi-Fi filter software has imperceptible latency.
- Highly granular controls allow extensive control over Internet content.
- Includes a full suite of on-demand and schedulable reports.
- Can be supplied as a white label product to MSPs with a range of hosting options.
- Includes a host of APIs to integrate the solution with auto-provisioning and billing systems.
WebTitan for Wi-Fi is designed to be simple and cost-effective so you can get full-featured Wi-Fi protection on your fleet of vehicles quickly and easily. To find out more, please contact our helpful and friendly team of security experts today.