A secure web gateway is used to protect an organization from online security threats and infections by enforcing company policy and filtering Internet-bound traffic. Sitting between users and the Internet, secure web gateways inspect web requests against company policy to ensure that malicious applications and websites are blocked and cannot be accessed. A secure web gateway includes features such as URL filtering, application controls, data loss prevention, antivirus, and https inspection.
URL Filtering controls access to websites based on URL to prevent employees from accessing malicious or inappropriate content and to enforce bandwidth restrictions on streaming services. Internet traffic is either prevented or granted based on URL category, users, groups or machines. With URL filtering, administrators can obtain information on which employee is accessing which websites, and when they are accessing them.
Application control provides administrators with the ability to create granular security policies based on users to identify, block or limit usage of web applications and widgets. This ensures that the data being used by and shared between applications is private and secure within an organization.
Data Loss Prevention
Data loss prevention (DLP) ensures that critical and sensitive information is not sent outside of an organization’s network. Data loss prevention preemptively protects your business from unintentional loss of valuable and sensitive information by monitoring data movement and adhering to industry compliance regulations and standards.
Antivirus software is designed to prevent, detect, and remove software bugs such as viruses, Trojans, and adware. Antivirus uses real-time virus signatures to proactively stop threats and manage security services to monitor your network for efficient incident response and attack resolution.
Https inspection on secure web gateways scans and secures SSL encrypted traffic passing through the gateway. Gateways using https inspection decrypt the traffic with the sender’s public key, inspect and protect, then re-encrypt the content to send back to the sender. Encrypted content passing through a gateway that does not have to be inspected such as access to financial or healthcare websites can be bypassed with a simple administrator policy definition.
According to the 2019 State of IT Security survey conducted by eSecurity Planet, web gateways are one of the top IT security spending priorities, and a security technology that users have the most confidence in.1 Although these gateways have been around for some time, their popularity and the need for strong security while accessing the Internet and web applications remotely, is not expected to diminish any time soon. Analysts expect a 20% growth in the web gateway market, with sales projected to more than double by 2025, reaching $12 billion. Furthermore, leading analysts notice there is a trend in how Secure Web Gateways are deployed. The market for cloud-hosted secure web gateway services is now outgrowing the market for appliance-based secure web gateways as more organizations move to the cloud.
1 Over Half of Companies Are Upping Spending on IT Security: eSecurity Planet Survey