
10 Questions For Your Secure Web Gateway Vendor

posted December 18, 2011

The secure web gateway (SWG) market is reasonably mature but is not yet commoditized. There's a big difference between vendors in the space. These 10 questions will help you evaluate SWG vendors.

1. Does your product primarily rely on signature-based malware detection?

Signature-based malware detection is reactive. It relies on signatures of known malware. Advanced malware is resistant to signature-based detection: malware can potentially modify its signature based on complex algorithms. Most SWG tools rely on a cocktail approach: signature-based detection mixed with generic algorithms that detect malware based on generalized factors.
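The limitation described above, as an added example that is not part of the original article or any vendor's product: an exact-hash signature misses a trivially renamed variant of a known sample, while a scoring check on generalized factors still flags it. The sample strings, factor list, weights and threshold are all constructed assumptions for illustration.

```python
import hashlib
import re

# Constructed, harmless stand-in for a "known bad" script (it only decodes the
# word "alert"); it is not real malware and exists to have something to sign.
KNOWN_SAMPLE = (b'var p="%61%6c%65%72%74";eval(unescape(p));'
                b'document.write(unescape("%3Cb%3E"));')

# Signature database: exact SHA-256 hashes of content already seen and analyzed.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# Assumed "generalized factors": traits common to obfuscated scripts, each with
# a weight. Real products use far richer feature sets; these are illustrative.
FACTORS = [
    (re.compile(rb"\beval\s*\("), 2),               # dynamic code execution
    (re.compile(rb"\bunescape\s*\("), 1),           # runtime string decoding
    (re.compile(rb"document\.write\s*\("), 1),      # script-injected markup
    (re.compile(rb"(?:%[0-9a-fA-F]{2}){4,}"), 2),   # long percent-encoded run
]
THRESHOLD = 4  # assumed cut-off; tuning trades false positives for misses


def signature_match(content: bytes) -> bool:
    """Reactive check: true only if this exact content was seen before."""
    return hashlib.sha256(content).hexdigest() in SIGNATURES


def heuristic_score(content: bytes) -> int:
    """Sum the weights of every generalized factor present in the content."""
    return sum(weight for pattern, weight in FACTORS if pattern.search(content))


def verdict(content: bytes) -> str:
    """Cocktail approach: signature first, then the generic scoring check."""
    if signature_match(content):
        return "block:signature"
    if heuristic_score(content) >= THRESHOLD:
        return "block:heuristic"
    return "allow"


# Same behavior as KNOWN_SAMPLE with one variable renamed, so the hash differs.
VARIANT = KNOWN_SAMPLE.replace(b"var p", b"var q1").replace(b"(p)", b"(q1)")
BENIGN = b'document.getElementById("menu").className = "open";'

if __name__ == "__main__":
    for name, body in [("known", KNOWN_SAMPLE), ("variant", VARIANT), ("benign", BENIGN)]:
        print(f"{name:8} sig={signature_match(body)!s:5} "
              f"score={heuristic_score(body)} -> {verdict(body)}")
```

When evaluating a vendor, the equivalent test is to ask how the product scores content it has no signature for, and what false-positive rate that scoring produces on your own traffic.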

2. How strong is your outbound malware detection?

Detecting outbound messages to malware control centers and external targets is critical to your network security. Most vendors are far better at detecting inbound malware.

3. How strong is your detection of malware for non-web traffic?

Many tools are web-focused and fall down on email and proprietary protocols such as Skype.

4. Does your tool analyze URLs in real-time or rely on a list of known bad URLs?

The first line of defense that SWG products use is to block by URL. There are well-established, publicly available lists of malware-infected and dubious URLs. Blocking these URLs is a commodity service. Where tools can add value is real-time analysis of URLs not already on the public blacklists. There are two methods to achieve this: real-time code analysis (inspection of scripting languages such as JavaScript) and site reputation analysis.

5. Does your tool have a geographical focus?

Some tools are focused on threats in a particular location (e.g. English websites in the United States). These tools may fall down when it comes to common web threats in a different location (e.g. Chinese websites).

6. Does your tool provide fine-grained controls for social media?

Most organizations want their network to be open to social media but want fine-grained controls over popular web destinations. For example, an organization may allow Facebook access but may want to block certain Facebook games.

7. Does your tool provide mobile device capabilities?

Your employees probably access applications and websites on third-party mobile networks. Some vendors offer tools that force mobile web access through your web security gateway. This requires special malware detection that can analyze mobile apps across diverse mobile platforms.

8. What reports are available out-of-the-box?

Reporting is a significant SWG vendor differentiator.

9. Do you provide fine-grained controls for enterprise SaaS applications?

Organizations may deploy SaaS applications but restrict certain functionalities. Secure Web Gateways are one way to achieve this.

10. What data leak prevention capabilities does your product have?

Data often leaks through approved websites. Some SWG products have capabilities to detect large outgoing files or prevent certain file types from being uploaded.
