What is a Secure Web Gateway Service?

A Secure Web Gateway (SWG) is a security solution that protects organizations from a broad array of internet-borne threats by monitoring, inspecting and filtering traffic flowing to and from the web. A secure web gateway solution blocks viruses, malware and other threats from entering an IT environment, and prevents users from accessing websites and applications deemed suspicious or unacceptable. While a secure web gateway may be deployed on-premises as a software solution or as a web security appliance, the market for cloud-based secure web gateway services has grown rapidly in recent years. 

As the traditional corporate network perimeter has disappeared, secure web gateway services have become an important part of a multilayered approach to security. SWGs enable organizations to improve security for highly distributed networks, employees that work-from-anywhere and mobile users who need fast access to cloud applications and services.

A secure web gateway service is a cloud-based solution that monitors all traffic entering an IT environment from the web as well as all outbound web requests from an organization’s users. Using an array of technologies, secure web gateway services inspect and compare traffic, looking for anything that might be a violation of security policy. This may include known viruses in inbound traffic, sensitive data in outbound traffic, users attempting to access suspicious websites or download malicious content or attempts to access sites deemed unacceptable by the organization.

A secure web gateway service may employ multiple technologies, including:

• URL filtering. URL filtering technology blocks access to websites that meet certain conditions, such as social media, adult content sites or sites that are identified by threat intelligence feeds as malicious.
• Anti-malware scanning. By scanning for known malware signatures, a secure web gateway service can block threats already identified by threat intelligence feeds.
• Application control. SWGs can block access to web-based applications like Tor that are considered unsafe, or applications like YouTube and Spotify that an organization may deem unacceptable for use by employees during business hours.
• Data loss prevention (DLP). DLP technology checks outbound web traffic for specific patterns or sensitive data such as customer credit card information, Social Security numbers, intellectual property and other confidential data. DLP solutions can block content from leaving the organization or require that it is encrypted before it is sent.
• Encrypted traffic analysis. This feature compares all traffic, including SSL-based encrypted traffic, to threat lists and reputation sources to determine whether any content or code contains a threat. Secure web gateway services use HTTPS inspection to decrypt traffic with a sender’s public key, inspect it and re-encrypt it before passing it on.
• Antivirus. Antivirus tools detect, prevent and remove viruses, Trojans and adware from web-based traffic.

Organizations can count on significant benefits when deploying a cloud-based secure web gateway service.

• Detection and prevention of emerging threats. Secure web gateway services constantly monitor web traffic and incorporate data from threat intelligence feeds into detection capabilities, providing a holistic approach to identifying threats in web traffic, emails, files, and endpoints.
• Blocking access to sites deemed high-risk, malicious or unacceptable. A secure web gateway service prevents users from accessing content that may contain malware or visiting websites that may seek to dupe users into revealing login credentials.
• Greater visibility and monitoring. Secure web gateway software eliminates the blind spot of SSL-encrypted traffic, delivering visibility into new attack vectors that may be contained in web traffic. By monitoring and logging all traffic on-premises and in the cloud, SWGs can see how the web is being used and by whom.
• Consistent policy enforcement. SWGs empower security teams to enforce policies across a highly distributed IT environment with greater consistency and less management burden.
• Support for the remote workforce. With a cloud-based web security gateway service, remote workers can stay securely connected to corporate IT assets and cloud services no matter where they choose to work from.
• Simplify compliance. The granular control provided by a secure web gateway service enables organizations to comply with regulatory requirements and produce proof of compliance for auditors upon request.
   

These criteria can guide IT teams when comparing and selecting a next-generation secure web gateway.

• A cloud-based service. A cloud-native secure web gateway service can help to enforce security policy for both cloud and web traffic while simplifying management, increasing flexibility and delivering better performance.
• SASE integration. A web secure gateway service is most effective when integrated with other technologies that form the Secure Service Edge (SSE) of a Secure Access Service Edge (SASE) approach to security. These include cloud access service brokers (CASBs), firewall as a service (FWaaS) and Zero Trust Network Access (ZTNA) technology.
• Remote browser isolation (RBI) with content disarm and reconstruction (CDR) capabilities. RBI capabilities render internet content in a sandbox environment to strip webpages of any embedded malware, enabling users to safely access the content they need. CDR capabilities perform the same function for documents, removing executable content and reconstructing the document without any threats.
• Unified control. A solution that enables administrators to manage secure web gateway services and security policies from single console will reduce repetitive and redundant configuration management.
• Device control. A solution that offers endpoint agents for Windows and Mac OS devices will enhance security for remote users who need fast and safe remote access to cloud services and corporate applications.

Forcepoint secure web gateway services are part of Forcepoint ONE, an all-in-one, cloud-native security platform. Forcepoint ONE SWG enables users to securely access any website or download any document while still enjoying the speed and performance required to stay competitive. Forcepoint’s SWG service blocks access to undesirable websites, applies additional protection to unknown websites, protects users from web-borne malware infections and prevents users from uploading sensitive data to personal filesharing accounts. Zero Trust web access is insured by optional RBI and CDR capabilities.

This secure web gateway service leverages the availability of the Forcepoint ONE platform, which has a history of 99.99% uptime since 2015, thanks to 300 points of presence around the world and fast peering with major cloud environments and applications for great performance. Forcepoint’s solution also uses a distributed enforcement architecture that allows the majority of a user’s web traffic to be exchanged directly between the user and the website, rather than having to detour through a service in the cloud. This results in roughly twice the throughput compared to other SWG services.