member sign-in
Forgot password? Create new account Close

Secure Web Gateway

Definition

Secure Web Gateway (SWG) technology combines anti-malware, URL filtering, Web content filtering, bandwidth management, application control and caching capabilities in order to SECURE, MONITOR and CONTROL Web 2.0 traffic, whether it is encrypted or not.

User Benefits

Browsers are the least-protected and therefore easiest medium for transferring malware, which helps to explain the increase in browser-based attacks. Cybercriminals are constantly creating innovative attacks such as spear phishing and bogus “money-saver” websites to take advantage of employees and inadequate IT safeguards. Employees themselves are sometimes guilty of visiting sites that are dangerous or simply inappropriate. In either case, the web can seem like a minefield for organizations trying to conduct legitimate business. Secure Web Gateway technologies defuse the bombs.

The most important feature to be considered for a Secure Web Gateway solution is security. Real-time detection that goes beyond file signatures is an important differentiator. Vendors that can appeal to a cloud infrastructure that constantly analyze the traffic from different geographical areas through sensors, can offer better protection against new and unknown form of malware by immediately updating the URL databases and virus definition database for all customers in real time.

The technology offers protection against threats arising from Internet browsing. In this way, the network is protected, because each page viewed is analyzed before being displayed (if it is not already indexed in the database).

Application control is an increasing requirement as organization tries to reduce costs and to improve the performance of business applications.

Reporting capabilities for Web usage, based on user/user group, IP level, time frame, malware detected, URL categories accessed, will offer a broad view on user activity and will also to quickly identify problems and to take measures to mitigate them.

Business Impact

Web became a platform for business and social activities and many employees require access for daily business operations. Although there are great benefits for an organization from using Web as a business driver, there are also some downsides: legal liabilities and losing of information can have a major business impact: losing market position, customer trust and so on.

 Secure Web Gateway technology offers protection, cost optimization and increase productivity by:

  • Minimizing the risk of exposure to malware;
  • Eliminate problems of legal liability due to inappropriate surfing of employees;
  • Prevent the transmission of confidential information outside the network through protocols which are analyzed: HTTP/S, FTP;
  • Providing and improving application performance by prioritizing traffic capabilities;
  • Reporting user activity.

Secure Web Gateway technology can be found in different forms: hardware based, software based, SaaS or hybrid and can be deployed in various ways in order to fit business needs.


Products supporting this technology

Forcepoint McAfee Zscaler

Secure web gateway is the next logical step on the road to upgrade from your standard URL filtering solution because it offers more capabilities and protection filters. A simple URL filtering solution can block or allow users to access internet resources. It also offers some security features and it is a good technology when it we are talking about productivity.

In addition, a Secure Web Gateway solution offers anti-virus scanning for Web traffic, caching capabilities to accelerate internet traffic and minimize the bandwidth usage and content inspection to mitigate the loss of confidential data through Web channels, HTTP/HTTPS and FTP.

Popular and trusted web sites continue to be the leading source for hidden malware downloads from injection attacks. The malware attacks are moved from the e-mail side to the browser side.

Web users don’t have to explicitly click on or download any content to have their own machines infected. Simply browsing an infected site enables these injection attacks to download malware enabling hackers to collect information for profit or expand their resource pool of computing devices.

The principal challenges for the network and security teams consist in:

  • Security: a Secure Web Gateway solution should offer continuous protection against online threats, malware and data leaks, including those hiding in encrypted traffic.
  • Visibility: a Secure Web Gateway Solution should offer a complete visibility in the internet activity
  • Reporting capabilities: to identify the usage patterns and to have capabilities to take appropriate measures.
  • Protection for mobile users: mobile users should benefit from the same level of protection even if they are outside organization.

A modern Secure Web Gateway solution should provide all those capabilities and will allow organization to mitigate the threats, cutting cost and to be compliant with standards and regulations.

A Secure Web Gateway solution can be implemented in different modes:

Inline, explicit, SPAN or transparent mode. Every mode has advantages and disadvantages.

  • In an inline implementation, all Web traffic will be intercepted and flow through the gateway. There is no chance of a user bypassing the controls set by the administrator as long as the device is inline and is the only path available to the Internet.

The disadvantages come from the fact that such implementation brings a single point of failure. Even if the solution is designed to failover traffic in case of failure, an organization should prior analyze if such risk is acceptable.

  • Explicit deployment is commonly used when a Web gateway is deployed in a larger network, and the design of the network requires there to be no single point of failure.

The main advantages of deploying a Web gateway in explicit mode include narrowing the amount of traffic processed by the Web gateway and the ability to more easily implement redundancy for Web gateways in your environment. You can redirect to the gateway only HTTP/HTTPS/FTP traffic.

The disadvantage of explicit mode deployment involves IT administrative overhead as each client station needs a configuration change in order to work properly. Even if the workload is reduced by using PAC file distribution through a directory service, any error in configuration of an end-user system will result in a helpdesk call and require an action to rectify the situation.

  • Transparent deployment allows a Web gateway to be deployed in any network location that has connectivity reducing the need for a configuration change to the network to implement.

The main advantages of deploying a Web gateway in transparent mode include narrowing the amount of traffic processed by the proxy, and the ability to more easily implement redundancy of the Web gateway. In addition, transparent deployment does not require changes to end-user systems.

Transparent deployment does depend on the availability of either Web Cache Communication Protocol (WCCP)or policy-based routing (PBR), a technique used to make routing decisions based on policies set by the network administrator, and support for these by the Web gateway. Typically these are available only on more sophisticated Web gateways.

  • SPAN Port Deployment relies on TCP resets to implement the policy of the Web gateway. A Web gateway is deployed by attaching it to a SPAN port on a switch.

SPAN port deployments are advantageous for large scale deployments because the monitoring mode typically uses fewer resources than inline, explicit or transparent. SPAN implementation present a lot of drawbacks and a serious Web gateway deployment should avoid this methodology.

The choice between inline, explicit and transparent, has to be done based on the needs and resources of the organization.

  • manufacturer
  • Proxy Cache
  • Acceleration Capabilities
  • Network DLP