How SWG Appliances Are Coping With Sophisticated Threats
A secure web gateway (SWG), in its early rudimentary implementation, is a firewall built at the application layer that performs uncomplicated evaluation of preset rules in order to either allow web content to pass through, or block it. Web connected businesses originally put it in place to restrict employees’ use of the Web according to established company policy – for example, non-use of public email services like Hotmail or Yahoo Mail in corporate workstations – to protect the privacy of online business communication.
Since the beginning, Web access requires the use of a web browser application. Luckily for the users, browsers were made available to the public for free – and have remained free until now. However, the design of the early generations of browsers apparently overlooked three important considerations: the browsers were to be used in a basically unsecure environment; they were prone to running various types of untrusted code; and they could pass data around without checking for possible risks. Some undesirable elements of the Web community saw the weaknesses in browser design as an opportunity to do all sorts of mischief at the expense of well-intentioned users. Web security issues quickly entered the picture. In spite of new security features added into each release of updated web browser versions, security threats persisted.
As Web technologies rapidly developed within only a few years from the time the Worldwide Web first became available to the public, security threats also rapidly increased in number and in level of sophistication. This triggered a rapid evolution of SWG technology and ushered the birth of commercial SWG appliances. Enterprises that depend on the Web for their daily operations need the added level of protection SWG provides.
SWG appliances cope with current known security threats by coming up with appropriate counter-measures in the form of new features and controls; these include, but are not limited to:
- support for data loss prevention (DLP)
- improved URL filtering mechanism
- better malware detection
- behavioral analysis, data “fingerprinting”, content control, reputation analysis, browser code scanning in real time, and other types of analytics
- expanded administrator control of Web/email/data traffic
- analysis and control of dynamic web page elements
- control of access to web services based on parameters such as time of the day or Web activity level
- capability to adjust bandwidth utilization parameters
Enterprises looking for SWG solutions need to be aware that there are many SWG appliance vendors, and SWG appliances don’t have the same features and controls. They need to review product specifications that satisfy most, if not all, of their needs.