Netsweeper Glossary

 A comprehensive guide to web content filtering terminology.


Artifical Intelligence. The ability of a computer or other machine to emulate human thinking and learning processes. Netsweeper’s artifical intelligence engine has the capacity to keep pace with the massive growth of the internet. Netsweeper has accrued and strategically categorized over 4 billion URLs to add and adds millions every single day.



Application programming interface – this is the interface used by software components to communicate.


Bring your own device – visitors or employees own device on the network.

CIPA (Children’s Internet Protection Act)

This act requires that K-12 schools and libraries in the United States use internet filters and enable other measures to protect children from harmful content as a condition of receiving federal funding.


Client Filter

The Netsweeper Client Filter is an application installed on individual Windows or Apple OSX workstations. It intercepts internet traffic and communicates with a centralized Netsweeper Policy Service to make allow and deny policy decisions.



The Netsweeper Category Name Service (CNS) is a distributed cache of categorized URLs. There are two types of Category Name Servers: a public CNS (which is a CNS that is hosted by Netsweeper and available to multiple customers) and a private CNS (which is a CNS that is dedicated to an individual customer). Both CNS deployments operate in the same manner – taking categorization requests and processing them.


Content Filtering

Content filtering (also known as category filtering) is the sorting of URLs into subject categorys for subsequent filtering based on that subject content. It forms one of the core technologies used in the Netsweeper filtering system.



Counter Terrorism Internet Refferal Unit – list of URLs gathered by Metropolitan police force with links to extremist websites.

DNS-Based Web Filtering

Filtering web traffic using DNS queries. To deny the web traffic, the Netsweeper DNS server will respond with the IP address of a webserver hosting the deny page, instead of the real IP address of the website being queried.

Endpoint Device

Devices that are used by the users that are being filtered e.g. laptop, Chromebooks, tablets.


Explicit Proxy

In an explicit proxy configuration, the client (browser) is explicitly configured to use a proxy server, meaning the browser knows that all requests will go through a proxy. The browser is given the proxy address and port number of the proxy service.

GRE Tunnel

Similar to a VPN. Point-to-point link between a site and Netsweeper’s platform. Also referrs to methods used to point traffic at Netsweeper platform.


List provided by the IWF which contains URLs linked to child exploitation.


Malware is malicious software, program, or file that is considered harmful to a computer user. Malware can include computer viruses, worms, Trojan horses, and spyware. Malware can steal, encrypt, or delete sensitive data. It can also alter, hijack, and monitor a computer user’s activity without their knowledge or permission.


Man-in-the-middle Attack

Method used to by web filtering providers to decrypt encrypted HTTPS web traffic.

NS Proxy

Netsweeper proxy used in proxy-based filtering deployment. NSProxy is inline and behaves like a “man-in-the middle”. A web request is proxied to the NSProxy for inspection and if allowed, NSproxy will make a request to the webserver and pass the response back to the user.

Offline or Out-of-Band Deployment

Filtering deployment where Netsweeper only needs a copy of the outbound web traffic (HTTP and HTTPS). Aka as port-mirror based or passive deployment. Preferred by ISPs because it doesn’t slow down the traffic or become a network risk.



Ofsted is responsible for inspecting a range of educational institutions, including state schools and some independent schools.


Fraudulent attempt to obtain information or gain access under pretense of reputable contact. Occurs mainly via email.



Police Intellectual Property Crime Unit – list of URLs to protect copyright infridgements.



A set of filtering rules that control a group’s browsing access for a specified portion of a week. Policies can be used to assign categories. They can also have local and shared lists as well as their own deny page.


Prevent Duty

Government act to protect and prevent people from being drawn into terrorism.


Ransomware is a malicious software designed to deny access to a computer system or data with either encryptors or screen locks, until the victim pays a ransom fee to the attacker. Ransomware is commonly spread through phishing emails or by victims (both individuals and organizations) visiting an infected website unknowingly.


Real-Time (Dynamic) Categorization

The ability to categorize webpages in real time. Not list based.

SafeSearch Enforcement

Enforcement of SafeSearch functionality on all popular web search engines including Google, Bing, and YouTube.


Selective Decryption

The ability to selectively choose which URLs are decrypted (e.g. excluding banks from decryption).


SSL Decryption

The ability to see into encrypted HTTPS traffic (e.g. Google search terms).


Open source software used to mask an IP address/stay anonymous while searching the internet.


Transparent Proxy Server

Where the proxy setting is set in the network router (vs. explicit proxy where the proxy setting is set in the device).


Unified threat management – firewall, web filter, gateway anti-virus, intrusion detection and inspection, all in one.


Workstation Agent, a software agent installed in Windows & MacOS to update the Netsweeper Policy Server the IP address it’s currently using for the purpose of policy management.


Web Filtering

Web filtering is software that controls or restricts a user’s access to content on the internet. It is also known as URL filtering, content filtering, and internet filtering. There are two different ways to block access to websites — by category, or by URL. For example, you can block categories of websites such as Criminal Skills and Hate speech. Check out the different ways Netsweeper categorizes content on our Live Stats page. Individual URLs can also be blocked. Lists of specific websites to be blocked can be created, which is called a blacklist. Besides controlling the content a user can access, web filters can also prevent malware from infecting a user’s device. They also provide insight into the type of material a user is searching for, and can have timers to shut down access to selected websites for designated time periods.


Web Proxy

Method used to circumvent web filtering solutions.