An organisation-approved list of domain names, or list of website categories, is implemented for all Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure traffic communicated through gateways.
Topic
Allowing and blocking access to domain names
Applicable to
all
History
Priority
recommended
Mar 2022
An organisation-approved list of domain names, or list of website categories, is implemented for all Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure traffic communicated through gateways.
The recommendation to implement a list of website categories for web content filters (ISM-1170) was merged into the recommendation to implement a list of organisation-approved domain names (ISM-0958) as an alternative approach.
Jan 2020
A whitelist of allowed websites, using either domain name or IP address, is implemented for all Hypertext Transfer Protocol (HTTP) and HTTPS traffic communicated through internet gateways.
Security controls 0958 and 0995 were merged and expanded to cover Hypertext Transfer Protocol Secure (HTTPS) traffic.
Dec 2019
Whitelisting is implemented for all Hypertext Transfer Protocol (HTTP) traffic communicated through internet gateways.
2015
Agencies should implement whitelisting for all Hypertext Transfer Protocol trafficcommunicated through their gateways.
2010
It is recommended agencies implement whitelisting for all HTTP traffic being communicated throughtheir gateways.