Secure Web Gateway (SWG)
To safeguard endpoints from malicious data traffic, SWGs typically implement a multi-layered, real-time protection system. This system requires that connections based on HTTP, HTTPS, or even FTP pass through a series of steps. These steps include:
Blocklisting: This step analyzes traffic to identify known threats. IP addresses and domains are checked against block lists. Web content on these lists cannot be accessed by users.
Application control: The SWG can also ensure that only approved web applications are used in the enterprise. This reduces the use of shadow IT.
Malware scanning: To protect enterprise IT from threats such as malware, ransomware, and the like, SWGs scan traffic for suspicious patterns.
SSL/TLS termination: Depending on the type of connection, the SWG may need to terminate the encrypted session and temporarily decrypt the traffic in order to inspect it. This is typically done in the case of HTTPS.
Advanced Threat Protection: A variety of technologies are employed here, including sandboxing, behavioral analysis, and reputation analysis of content.
Data Protection and Compliance: The SWG can also be utilized as a DLP (Data Loss Prevention) system to monitor outgoing data traffic for sensitive information. If necessary, the transfer of data is blocked to prevent data leakage.
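The checks listed above, applied in order to a single request, as an added example (not code from this page or from any SWG product). The policy lists, the signature marker and all host names are constructed assumptions; bodies are assumed to be plaintext after SSL/TLS termination, and sandboxing and reputation analysis are not modelled.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed policy data (assumptions, not from any real product or feed).
BLOCKED_DOMAINS = {"malware.example", "phish.example"}
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]
APPROVED_APPS = {"mail.corp.example", "files.corp.example", "docs.example.org"}
MALWARE_MARKERS = [b"CONSTRUCTED-TEST-SIGNATURE"]
CARD_RE = re.compile(rb"\b(?:\d[ -]?){13,19}\b")

@dataclass
class Request:
    host: str
    dest_ip: str
    method: str
    body: bytes = b""      # outbound payload, plaintext after TLS termination
    response: bytes = b""  # downloaded content, plaintext after TLS termination

def domain_blocked(host):
    # Match the host and every parent domain, so sub.phish.example is caught.
    labels = host.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in BLOCKED_DOMAINS for i in range(len(labels)))

def luhn_ok(digits):
    total = 0
    for i, d in enumerate(reversed(digits)):
        n = int(d) * (2 if i % 2 else 1)
        total += n - 9 if n > 9 else n
    return total % 10 == 0

def has_card_number(data):
    # The Luhn check cuts false positives from order ids, timestamps, etc.
    return any(luhn_ok(re.sub(rb"\D", b"", m.group()).decode())
               for m in CARD_RE.finditer(data))

def evaluate(req):
    """Return (verdict, step); the first step that objects decides."""
    ip = ipaddress.ip_address(req.dest_ip)
    if domain_blocked(req.host) or any(ip in net for net in BLOCKED_NETS):
        return ("block", "blocklist")
    if req.host.lower() not in APPROVED_APPS:
        return ("block", "application control")
    if any(marker in req.response for marker in MALWARE_MARKERS):
        return ("block", "malware scan")
    if req.method in {"POST", "PUT"} and has_card_number(req.body):
        return ("block", "dlp")
    return ("allow", "clean")
```

The DLP step only sees request bodies because the gateway has already decrypted them; without SSL/TLS termination, HTTPS uploads would pass this check uninspected.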
SWGs protect against various threats and help managers to enforce company policies. An SWG is particularly advantageous in highly regulated industries with strict compliance requirements. Some of the most pressing risks that an SWG solution can help protect against include:
SWGs scan downloaded files and can analyze suspicious files in sandboxes.
SWGs can identify phishing sites by analyzing URLs and website content.
SWGs detect suspicious communication patterns and block corresponding connections.
By monitoring outgoing traffic, SWGs can be used to block the unauthorized transfer of company data.
SWGs enforce corporate policies by blocking access to certain website categories or URLs.
By decrypting SSL/TLS traffic, SWGs can detect threats in encrypted connections.