Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

----- Original Message -----

From: "Simon Westlake" <> 
Sent: Tuesday, February 13, 2018 9:54:27 AM 
Subject: Re: [AFMUG] Content filtering - Trustwave 

HTTPS content filtering should be easy, assuming they have a database of sites 
to filter, and they're not doing it on the fly. For TLS <= 1.2 at least, you 
can use to get the 
hostname that the client is attempting to connect to. 

Last I read, TLS 1.3 is encrypting/getting rid of SNI, which means if/when TLS 
1.3 comes into play, all bets may be off. I think Procera is looking into 
things like machine learning and DNS inspection to try to deal with this, but 
it is a constant back and forth. 

On 2/8/2018 12:40 PM, Randy Cosby wrote: 

Also ask about how they filter HTTPS (i.e.: over 73% of the sites in America).

From: Af [ ] On Behalf Of Adam Moffett 
Sent: Thursday, February 8, 2018 10:33 AM 
To: ; 
Subject: Re: [AFMUG] Content filtering - Trustwave 

Thanks for the tip! I'll be sure to ask them in the engineering call next week. 

------ Original Message ------ 

From: "Cassidy B. Larson" < > 


Sent: 2/8/2018 11:48:11 AM 

Subject: Re: [AFMUG] Content filtering - Trustwave 


Ask them about IPv6. I’ve been asking for years. No movement, no plans. They 
say I can bridge v6 through it and block all v6.. but that’s not a solution. 


On Feb 8, 2018, at 9:30 AM, Adam Moffett < > wrote: 

Unrelated to Chuck's thread, we started talking internally about offering 
content filtering as a value add. 

An initial conversation with Trustwave seemed promising, and I'm supposed to 
have a follow up to discuss tech details later. 

But does anybody still do this? Is there still consumer interest? How much 
are/were you selling it for? 



Simon Westlake | CEO (702) 447-1247 

Reply via email to