Ask most IT or SecOps teams and they’ll tell you that a secure web gateway (SWG) forms the backbone of their cybersecurity stack. That’s why Gartner includes a SWG in their Secure Access Service Edge (SASE) framework, which integrates a wide array of networking and cybersecurity solutions into a single, cloud-delivered service. Secure Access Service Edge may be the future of networking and cybersecurity, but deploying a SASE solution isn’t as simple as flipping a switch. That leaves IT teams in a tricky position when it comes to evaluating the secure web gateways that fit into their own carefully curated cybersecurity stacks.
Increasingly, cybersecurity professionals find that old, siloed secure web gateways don’t meet the needs of their organizations. But how do you upgrade a dysfunctional SWG when you aren’t quite capable of rolling out a fully integrated SASE solution? In this blog, we discuss how to upgrade your secure web gateway with SASE in mind, partnering with a vendor that will help you on your journey towards integration while providing a solution that meets your needs in the present.
Once you’ve finished reading, check out our free webinar, Dissatisfied by your SWG? You’re not alone. In it, our experts discuss secure web gateway trends and show how Cisco Umbrella can help bridge the gap between your current SWG needs and the fully integrated SASE functionality you’re planning for.
What Is a Secure Web Gateway?
If you want to choose a secure web gateway that lays the groundwork for a smooth SASE journey, you need to know which SWG features are essential. Gartner defines secure web gateways, at their most basic, as solutions that:
…protect web-surfing PCs from infection and enforce company policies…filter[ing] unwanted software/malware from user-initiated web/internet traffic and enforc[ing] corporate and regulatory compliance.1
How does this look practically? Well, think of your company network as a secure facility, while the web is the outside word. Every time someone on your company network accesses the web – researching a potential client for a sales pitch, clicking a link in an email, or even just taking a brain break on social media – they move from the secure facility to the outside world and back again. If your enterprise is like most, employees do this constantly.
In this analogy, you can think of a secure web gateway as the security booth situated between the company network and the open web. Without a SWG, web activity is largely unmonitored and employees can unintentionally bring malware, malspam, and other threats from the web back into the company network by downloading the wrong file, clicking the wrong link, or visiting the wrong domain.
When you have a secure web gateway, however, the security booth is active. Employees are prevented from accessing risky web locations, which reduces the risk your network is exposed to. In order to monitor and control web activity, a SWG must be able to:
- Enable web filtering by category, domain, or URL
- Use malware analytics on suspicious files
- Detect and block download of files containing malicious code
- Control web-based applications
Depending on the vendor, a secure web gateway may contain some additional functionality. But so long as your SWG can perform these essential functions, it will fill the right niche in your cybersecurity stack and help make web browsing safer.
How Does a SWG Fit Into a SASE Solution?
A secure web gateway forms the backbone of the cybersecurity part of any SASE solution. It also features prominently in Gartner’s more cybersecurity-focused Security Service Edge (SSE) model. This makes a SWG upgrade into the perfect opportunity to get started on your SASE journey. In fact, many SASE vendors offer secure web gateways designed to integrate seamlessly with other cybersecurity solutions and provide additional functionality. Because of this, sourcing your SWG from a SASE vendor allows you to enjoy:
More Robust Protection
Cyberattacks can come from multiple vectors, many of which require different tools for protection. For example, a cloud access security broker (CASB) allows SecOps teams to improve cloud app security, DNS-layer security prevents users from accessing dangerous domains, and a SWG bolsters security while browsing the open web. The need for multiple cybersecurity solutions is the primary reason for the widespread push to SASE and more cybersecurity-focused Security Service Edge (SSE solutions). Sourcing your secure web gateway from a SASE vendor will set you up to take advantage of more robust protection earlier in your SASE journey.
The recent AV-TEST evaluation of secure web gateways proves this point. When experts evaluated the Cisco Umbrella DNS Security Advantage package – which includes DNS-layer security and limited SWG functionality – they found that Umbrella had a threat blocking rate of roughly 70%. Then, the team tested the Cisco Umbrella SIG Essentials package, which is designed to help customers on their SASE journey by integrating SWG, CASB, DNS-layer security, cloud-delivered firewall, and additional cybersecurity functionality. They found that the more integrated Cisco Umbrella SIG Essentials package boasted a threat-blocking rate of roughly 96% – an industry best.
Both Gartner’s SASE and SSE frameworks feature cloud-based cybersecurity solutions. A SASE solution – and the SWG functionality included in it – must function on a software-as-a-service (SaaS) model. For modern enterprises, where cloud-based software use is the norm, this makes managing a SASE solution simple. It also allows IT and SecOps teams to scale up SWG functionality in order to meet the needs of a growing business.
Upgrading a traditional, on-prem SWG takes time and no small amount of effort – new hardware must be delivered and installed, software must be updated, the solution must be painstakingly maintained. This can take time a growing business doesn’t have. But when your secure web gateway is part of a cloud-based SASE solution, scaling up becomes easier and quicker.
Easier Day-to-Day Management
Managing a secure web gateway as part of a siloed cybersecurity stack isn’t easy. Moving security logs between non-integrated solutions is necessary to make data actionable, but it can be an arduous and time consuming process. What’s more, having a siloed cybersecurity stack can result in your IT or SecOps team fielding a high volume of redundant notifications. In fact, a 2020 Cisco CISO Benchmark study reveals that 16% of enterprise security teams face more than 100,000 alerts on a daily basis.2
When your SWG is part of an integrated SASE solution, management becomes more straightforward. For example, the entire suite of cybersecurity solutions included in Cisco Umbrella – including secure web gateway functionality – are designed to seamlessly share logs. And since they can be managed from a single interface, your team can spend less time managing and more time designing and implementing cybersecurity policies that set your organization up for long-term success.
It’s Time to Update Your Secure Web Gateway
Are you ready for a SWG that meets the needs of your modern enterprise? Learn about industry trends and how Cisco Umbrella can provide the secure web gateway functionality you need in our free webinar: Dissatisfied by your SWG? You’re not alone.
And if you’re ready to get started on your SASE journey, schedule a free demo of Cisco Umbrella today.
See Umbrella in action
Let one of our security experts show you how Cisco Umbrella can help you get started on your SASE journey.
1 Gartner, Secure Web Gateway.
2 Cisco, 2020 Cisco CISO Benchmark Report. 2020.