Router based solution for block csai URL:s in high performance networks without affecting the ISP-core and with the possibility to share one appliance among several ISP:s.

Control access to illegal sites across multiple networks
The Netclean WhiteBox System is designed for ISPs and carriers who wishes to block access to web sites containing child sexual abuse images (csai). The system can be used to block unwanted web access throughout networks or even groups of networks such as across multiple ISPs within a country or a region.

Technical description
The NetClean WhiteBox fetches a blocklist and converts it into a list of IP-addresses. These addresses are announced via BGP to the ISP-routers with the intent of redirecting this traffic via the NetClean WhiteBox. A deep packet inspection device matches the requests in the traffic against the blocklist, and if there is a match, a blockpage is displayed instead of the
requested page, otherwise, the traffic is forwarded to the destination unaltered. From a network point of view, the WhiteBox is installed as a router which announces suspected IP-numbers through BGP to the core network.

Possible installation
The solution is very flexible and can easily be deployed and managed in several ways to grow with the organisation.

One central appliance can be installed in the core network to implement blocking in that network.

The architecture of NetClean WhiteBox enables others ISPs or branches to tunnel to the centrally located appliance, even over country borders, creating flexibility and scalability.

The setup is possible due to that the WhiteBox is not proxying any traffic and that http-responses are routed the normal way which creates very low latency and load on the NetClean WhiteBox.

I am interested in learning more.