What is a Secure Web Gateway and why does my organization need one?

Back in 1999 Michael Capellas, former CEO of Compaq Computer, once said in a mission statement, “everything to the internet” as at that time every company large or small was trying to gain a presence online or start up an ecommerce site. Social media, smart phones, streaming services and the like were either in their infancy, or just an idea in someone’s brain!

Fast forward nearly 25 years we now see this vision become realty.? Everybody and everything are connected.? Heck, my garage door is now connected to the internet!? With the adoption of cloud computing, mobile apps, and other trends, like remote work, we now see a wholesale change in the way organizations conduct even their most routine business.

It has been commonplace over the past decade to see how people and organizations interact with, and leverage internet-based web services, like websites and web applications.? These interactions are now ubiquitous and essential to everything we do either at home or at work.

Research in 2023 by Colorlib found that 94% of all companies globally use cloud computing. WFH Research , a research and survey firm focused on working arrangements and attitudes, discovered that nearly 13% of the working population now exclusively works from home (WFH) with 29% working in a hybrid model. Finally, Apollo Technical’s research found that 16% of companies don’t even have a physical office anymore and operate fully remote.

While these changes provide countless upsides, this also presents cybersecurity challenges that organizations must overcome. With nefarious actors always lurking there are infinite threats perhaps aimed squarely on your organization.? There may also be risky and malicious web services that employees may inadvertently interact. These resources are responsible for spreading ransomware and other malware, stealing sensitive data, providing access to inappropriate content and contributing to a drain on productivity.

Organizations are left trying to determine how to provide their users with access to all the valuable web services that exist on the Internet safely and securely. The solution must be able to provide safeguards for all the threats that exist regardless of a user’s location. The Secure Web Gateway (SWG) solution was designed to solve these challenges.

What is a Secure Web Gateway or SWG?

A SWG (commonly pronounced “swig”) is a service that is positioned between users and the Internet. A SWG is often combined with Zero Trust Network Architecture (ZTNA) as part of a Secure Access Service Edge (SASE) model. The service can be on-premises or cloud-based, providing flexible deployment options to support the needs of today’s dynamic workforce. Its purpose is to provide advanced protections for users accessing internet based web services.

Common features provided by SWGs include the following:

• TLS/SSL inspection to provide the visibility necessary to enable the detection and migration of threats in encrypted web traffic. According to Google Transparency Report, in 2024, approximately 96% of web traffic is encrypted. WatchGuard Technologies determined that for Q4 2022 93% of malware was transmitted in encrypted web traffic.
• URL filtering to allow or deny access to websites based on the category of a website and blocking known malicious web destinations using a website database maintained by the SWG vendor.
• Advanced threat protection to inspect web content and downloads for malicious code, including ransomware, viruses and other malware.
• Application control to allow, deny or restrict the use of web apps based on application categories and known risky applications.
• Data loss prevention to inspect outbound traffic to identify and control the transmission sensitive data.
• Policy enforcement to enforce restrictions on internet usage in alignment with organizational policies and compliance requirements. This can include things such as time-based restrictions, usage and bandwidth quotas and content and applications.
• Logging of user activity and threats identify policy violations and perform forensic analysis as well as monitoring and reporting.

How is a SWG different than a firewall?

The features of a Secure Web Gateway may seem very similar to the features provided by a firewall but there are some key differences. The primary difference is how each of the two solutions work. A firewall functions at the packet level and makes decisions to allow or deny every packet that attempts to pass between the firewall’s zones based on defined rules. A SWG on the other hand operates at the application level, is focused on HTTP and HTTPS traffic and makes decisions to allow to deny communication based on the traffic that is going over the protocol.

Should I use a SWG or a firewall?

The decision to leverage a SWG, firewall, or both depends on your organization’s use case. A SWG can be a great solution if the focus is on web traffic and user activity. The control provided by a SWG can be very granular and offers a great deal of customization. Firewalls are focused on controlling network traffic and tend to provide less granular control and customization when it comes to web traffic.

SWGs can be an perfect solution!

SWG’s are ideal when an organization wants to deliver secure access to web services, including cloud-based applications for bring your own device (BYOD) and remote users. A SWG is also well suited for providing consistent security and access to web services across many locations through a centralized solution.

Firewalls, on the other hand, work great to control and secure network traffic going in and out of a location or between different locations. Organizations looking to secure network traffic and provide granular and customizable control over web traffic may opt to leverage both a firewall and a SWG to provide a layered, zero trust defensive solution.

For more information about 11:11 Systems Managed Security solutions including Secure Web Gateways please check out the following links.

• Application and Zero Trust Services including SWG

• Managed Security Services

• Managed Firewall

Author:?Brandon Leiker

Brandon Leiker is a Principal Solutions Architect, Security at 11:11 Systems. In his role, Brandon supports the global solution architecture team by leading security discussions and designing security solutions. He has over 20 years of experience in IT and security across multiple verticals including energy, financial services, medical, banking, and manufacturing. Brandon’s background includes solution architecture, implementation, administration, security operations, and strategy, as well as governance, risk management, and compliance. He holds a master’s degree in Information Assurance Management and a bachelor’s in Information Networking and Telecommunications, both from Fort Hays State University in Kansas. In addition, Brandon holds numerous industry certifications, including CCSP, CISSP, CISA, CISM, CRISC, and CCISO.