Secure Web Gateways (SWG) are usually located at the boundary of an organization’s network and provide a secure gateway for internal users to access Internet services. Network traffic entering and exiting is analyzed and processed for malicious content and for organizational policy compliance and appropriately acted upon.
Purpose of Secure Web Gateway Systems
SWG are security firewall systems deployed to control and secure outgoing network access. The main purpose of SWG systems are:
- Prevent malicious network traffic either entering or leaving an organization
- Secure an organization against threats from external networks such as the Internet
- Control and enforce an organizations network policy for network access
- Prevent an organization’s secret or classified data from leaving through the network
Common SWG Features
- URL Filtering – Extensive databases of URLs are available which provide content classifications. These classifications include sexual explicit content, spam websites, virus infected websites, video streaming, social network sites and many others. Corporate policies can be used to enforce content access for security and other threats.
- Data Loss Protection – Data Loss Protection technologies monitor data to detect critical organization information. The types of data may include customer data, credit card data, engineering designs and corporate intellectual properties. Data Loss Protection systems implemented in SWG prevent data from being transported out of the organization
- Virus, Malware, Phishing detection and prevention – Malicious data and other Internet threats are monitored within the network traffic and blocked at the edge of the network.
- SSL Visibility – Malicious data and critical organizational data can transfer across a firewall undetected inside encrypted data packets. SSL visibility technologies un-encrypt data at the edge of the network, allowing other security systems to prevent threats which would otherwise have been hidden.
- Stateful Firewall
- Proxy Firewall
- Caching Gateway
- Forward Proxy
How A10 Networks Can Help
A10 Networks Thunder products are full featured security products with carrier-grade performance platforms. Most of the world’s largest carriers and service providers include A10 products in their infrastructures.
Additional A10 features available for Secure Web Gateways include:
- ICAP extensible – a large group of best-in-class add-on security service products can be added to the A10 Secure Web Gateway
- L7 Traffic Steering is available for advanced traffic and bandwidth management
- Threat Intelligence – The A10 Threat Intelligence provides a realtime threat data including malicious data signatures, dangerous URLs, DDoS threats and other data types. This threat intelligence is constantly streamed to A10 Networks security systems to prevent new and emerging threats at the network edge.