A secure web gateway protects an organization from online security threats and infections by enforcing company policy and filtering Internet-bound traffic. A secure web gateway is an on-premise or cloud-delivered network security service. Sitting between users and the Internet, secure web gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible. A secure web gateway includes essential security technologies such as URL filtering, application control, data loss prevention, antivirus, and https inspection to provide organizations with strong web security.
URL Filtering is a web security solution that controls access to websites based on URL to prevent employees from accessing malicious or inappropriate content and to enforce bandwidth restrictions on streaming services. Internet traffic is either prevented or granted based on URL category, users, groups or machines. With URL filtering, administrators can obtain information on which employee is accessing which websites, and when they are accessing them.
Application Control provides administrators with the ability to create granular web security policies based on users to identify, block or limit usage of web applications and widgets. This ensures that the data being used by and shared between applications is private and secure within an organization.
Data Loss Prevention
Data Loss Prevention (DLP) ensures that critical and sensitive information is not sent outside of an organization’s network. Data loss prevention preemptively protects your business from unintentional loss of valuable and sensitive information by monitoring data movement and adhering to industry compliance regulations and standards.
Antivirus software is designed to prevent, detect, and remove software bugs such as viruses, Trojans, and adware. Antivirus uses real-time virus signatures to proactively stop threats and manage web security services to monitor your network for efficient incident response and attack resolution.
Https inspection on secure web gateways scans and secures SSL encrypted traffic passing through the gateway. Gateways using https inspection decrypt the traffic with the sender’s public key, inspect and protect, then re-encrypt the content to send back to the sender. Encrypted content passing through a gateway that does not have to be inspected such as access to financial or healthcare websites can be bypassed with a simple administrator policy definition.
Secure web gateways and firewalls, especially NGFW, are similar because they both provide advanced network protection and are able to identify friendly vs. malicious traffic. However, secure web gateways mainly identify and protect against advanced Internet-based attacks using web traffic inspection at the application layer. Though Next Generation Firewalls also inspect Internet traffic, these firewalls primarily use deep packet inspection to identify and allow safe applications into the network, while blocking and controlling dangerous applications. In the years to come, the technologies and features of secure web gateways and Next Generation Firewalls will continue to develop and become more sophisticated. Both of these security solutions are essential components for any organization’s security architecture.
According to the 2019 State of IT Security survey conducted by eSecurity Planet, web gateways are one of the top IT security spending priorities, and a security technology that users have the most confidence in.1 Although these gateways have been around for some time, their popularity and the need for strong security while accessing the Internet and web applications remotely, is not expected to diminish any time soon. Analysts expect a 20% growth in the web gateway market, with sales projected to more than double by 2025, reaching $12 billion. Furthermore, leading analysts notice there is a trend in how secure web gateways are deployed. The market for cloud-hosted secure web gateway services is now outgrowing the market for appliance-based secure web gateways as more organizations move to the cloud.
1 Over Half of Companies Are Uping Spending on IT Security: eSecurity Planet Survey
By delivering a full enterprise security stack from the cloud, Check Point’s Harmony Connect Internet Access is able to prevent threats, control access and protect data, so users are equally protected and productive when remote or in the office.