How To Secure Web Gateway & Web Filtering

Uploaded on 2022-01-26 in TECHNOLOGY--Resilience, FREE TO VIEW

In Association with Perimeter81

A secure web gateway offers protection against online security threats by enforcing company security policies and filtering malicious internet traffic in real-time. At a minimum, a secure web gateway offers URL filtering, application controls for web applications and the detection and filtering of malicious code. Data leak prevention features are essential. 

Secure web gateways (SWG) have become increasingly common as cyber criminals have grown more sophisticated in embedding threat vectors into seemingly innocuous or professional-looking websites. 

These counterfeit websites can compromise the enterprise as users access them, unleashing malicious code and unauthorised access in the background without the user's knowledge. The fake, criminal websites can be quite convincing.

Web filters are capable of preventing users from accessing sites that puts malicious code on the user's computer. Even on a small level, web filtering allows companies to block web sites that don't support an effective work day,as well as not fitting the requirements of their security policies.

And now Perimeter 81 has just launched its new Secure Web Gateway which also includes the highly in-demand Web Filtering features that are very popular among Network Security and IT managers. 

Benefits of Web Filtering: 

  •  Protects employees and the corporate network from web-based malicious threats.
  • Increases productivity by decreasing distractions from certain websites.
  • Prevents shadow IT and the use of unauthorized sites for business purposes.

A Secure Web Gateway protects a company’s employees and network from the dangers of the Internet. 
Web filtering is the key feature of SWG that allows the admin to determine who can reach what URL or website, even if they are not connected to the network. Users can be allowed access, denied access, or warned against proceeding.

Pain Points that Web Filtering Addresses:

  • Danger of hacks through phishing attempts of employees or employee access of malicious sites.
  • Employee use of distracting or illicit sites (such as gambling sites) during work hours.
  • Need to provide auditors with tracked web activity for compliance purposes.

How Web Filtering Works

With Perimeter 81, admins can set web filter rules using the same easy interface and quick deployment that the Perimeter 81 platform is known for. Unlike other rules in Perimeter 81, web filtering operates even when the employee is not connected to the network - in other words, the employee device is always protected with the agent running in the background.

Web Filter Rules

Web filter rules can be set per employee or employee group (for example, the marketing department may need access to social media sites to do their job, but the R&D department does not), and can also apply to specific days of the week or times. Admins can choose to block a specific site or an entire category, such as “Gaming” or “Phishing.” Categories are dynamically updated daily as new sites are identified.

Bypass Rules

There are certain cases when web filter rules should be bypassed. 

  • If there are privacy regulations – for example, if employee access of healthcare or financial sites is not allowed to be tracked.
  • If an application, such as Slack or Dropbox, needs unfiltered access.

For this we have Bypass Rules, which can be similarly set for specific employee groups, web categories, and programs.

Monitoring and Tracking

Monitoring and tracking are a fundamental and necessary part of SWG. Perimeter 81 Web Filtering tracks all employee attempted access of “denied” or “warned” sites, so that companies can take action following suspicious activity. Reports can be exported as a CSV file for auditing and analysis purposes.

For more information about Secure Web Gateways and Web Filtering please Contact Cyber Security Intelligence.

You Might Also Read:

Secure Network Access For The Modern Distributed Workforce:

 

« Ransomware Attack On Moncler
Online Daters Must Protect Themselves Against Fraud »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Protective Intelligence

Protective Intelligence

Protective Intelligence brings together a group of information security specialists with a passion for delivering high-quality solutions.

FIRST Conference

FIRST Conference

Annual conference organised by the Forum of Incident Response and Security Teams (FIRST), a recognized global leader in computer incident response.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

Morphisec

Morphisec

Morphisec Endpoint Threat Prevention blocks zero-days and advanced attacks in real time, before they cause any damage.

JPCERT/CC

JPCERT/CC

JPCERT/CC is the first Computer Security Incident Response Team (CSIRT) established in Japan.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

Convercent

Convercent

We offer comprehensive and integrated compliance management, reporting, and analytics. A 360-degree view of compliance drives efficiency by aligning initiatives and data into a single dashboard.

Centurion Information Security

Centurion Information Security

Centurion Information Security is a consulting firm based in Singapore that specialises in penetration testing and security assessment services.

Computest

Computest

Computest security testing services include Mobile app security, Vulnerability assessments, Attack & penetration testing, Security awareness training, Network security assessments.

AVL Mobile Security

AVL Mobile Security

AVL Mobile Security is a market-leading mobile security company for anti-virus and threat intelligence in the mobile Internet.

Bird & Bird

Bird & Bird

Bird & Bird is an international law firm with a focus on helping organisations being changed by technology and the digital world. Areas of expertise include cyber security.

Acuant

Acuant

Acuant is a leading global provider of identity verification, regulatory compliance (AML/KYC) and digital identity solutions.

Insight Partners

Insight Partners

Insight Partners is a leading global private equity and venture capital firm investing in growth-stage technology, software and Internet businesses.

oneclick

oneclick

oneclick is a central access and distribution platform in the cloud, enabling the management of the entire technology stack for application provisioning.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.