How To Secure Web Gateway & Web Filtering

Uploaded on 2022-01-26 in TECHNOLOGY--Resilience, FREE TO VIEW

In Association with Perimeter81

A secure web gateway offers protection against online security threats by enforcing company security policies and filtering malicious internet traffic in real-time. At a minimum, a secure web gateway offers URL filtering, application controls for web applications and the detection and filtering of malicious code. Data leak prevention features are essential. 

Secure web gateways (SWG) have become increasingly common as cyber criminals have grown more sophisticated in embedding threat vectors into seemingly innocuous or professional-looking websites. 

These counterfeit websites can compromise the enterprise as users access them, unleashing malicious code and unauthorised access in the background without the user's knowledge. The fake, criminal websites can be quite convincing.

Web filters are capable of preventing users from accessing sites that puts malicious code on the user's computer. Even on a small level, web filtering allows companies to block web sites that don't support an effective work day,as well as not fitting the requirements of their security policies.

And now Perimeter 81 has just launched its new Secure Web Gateway which also includes the highly in-demand Web Filtering features that are very popular among Network Security and IT managers. 

Benefits of Web Filtering: 

  •  Protects employees and the corporate network from web-based malicious threats.
  • Increases productivity by decreasing distractions from certain websites.
  • Prevents shadow IT and the use of unauthorized sites for business purposes.

A Secure Web Gateway protects a company’s employees and network from the dangers of the Internet. 
Web filtering is the key feature of SWG that allows the admin to determine who can reach what URL or website, even if they are not connected to the network. Users can be allowed access, denied access, or warned against proceeding.

Pain Points that Web Filtering Addresses:

  • Danger of hacks through phishing attempts of employees or employee access of malicious sites.
  • Employee use of distracting or illicit sites (such as gambling sites) during work hours.
  • Need to provide auditors with tracked web activity for compliance purposes.

How Web Filtering Works

With Perimeter 81, admins can set web filter rules using the same easy interface and quick deployment that the Perimeter 81 platform is known for. Unlike other rules in Perimeter 81, web filtering operates even when the employee is not connected to the network - in other words, the employee device is always protected with the agent running in the background.

Web Filter Rules

Web filter rules can be set per employee or employee group (for example, the marketing department may need access to social media sites to do their job, but the R&D department does not), and can also apply to specific days of the week or times. Admins can choose to block a specific site or an entire category, such as “Gaming” or “Phishing.” Categories are dynamically updated daily as new sites are identified.

Bypass Rules

There are certain cases when web filter rules should be bypassed. 

  • If there are privacy regulations – for example, if employee access of healthcare or financial sites is not allowed to be tracked.
  • If an application, such as Slack or Dropbox, needs unfiltered access.

For this we have Bypass Rules, which can be similarly set for specific employee groups, web categories, and programs.

Monitoring and Tracking

Monitoring and tracking are a fundamental and necessary part of SWG. Perimeter 81 Web Filtering tracks all employee attempted access of “denied” or “warned” sites, so that companies can take action following suspicious activity. Reports can be exported as a CSV file for auditing and analysis purposes.

For more information about Secure Web Gateways and Web Filtering please Contact Cyber Security Intelligence.

You Might Also Read:

Secure Network Access For The Modern Distributed Workforce:

 

« Ransomware Attack On Moncler
Online Daters Must Protect Themselves Against Fraud »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI) is a premier federal law enforcement agency within the Department of Homeland Security (DHS).

Guardtime

Guardtime

Guardtime's Black Lantern platform provides real-time cybersecurity and data-centric asset protection.

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

Thomas Miller Specialty

Thomas Miller Specialty

Thomas Miller Specialty is a commercial Managing General Agency providing specialty risks insurance including Cyber & e-crime insurance.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

Terranova Security

Terranova Security

Terranova is dedicated to providing information security awareness programs customized to your internal policies and procedures.

Cyber Defense Labs

Cyber Defense Labs

Cyber Defense Labs helps companies identify, mitigate and reduce risk as a trusted, reliable partner for cyber risk management.

AXELOS

AXELOS

AXELOS develops best practice frameworks and methodologies used globally by professionals working primarily in IT management and cyber resilience.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

Critical Start

Critical Start

Critical Start provides Managed Detection and Response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

SpireTec Solutions

SpireTec Solutions

SpireTec Solutions is an IT management training company offering 1500+ courses with state of art training facilities backed by a team of industry experts in various domains including cybersecurity.

American Technology Services (ATS)

American Technology Services (ATS)

American Technology Services provides unparalleled services in information technology to support small and mid-sized business. From top-level strategy, to managed services and infrastructure support.

ADNET Technologies

ADNET Technologies

ADNET Technologies is a SOC 2, Type II Compliant IT management and cybersecurity firm.

Moonlock

Moonlock

Cybersecurity tech for humans. At Moonlock, we make software that seamlessly protects you and has your back as you live your life.

Jot Digital

Jot Digital

Jot Digital is a full-service technology company specializing in digital engineering, application modernization and business transformation.