What are the essential features of a great SWG?

A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
(Image credit: Shutterstock / jijomathaidesigners)

A secure web gateway (SWG) plays an important role in defending your network against online threats. An SWG sits between your company and the internet at large, filtering out malicious websites and giving your IT team more control over what data moves to and from your network.

There are many different SWGs to choose from, and they’re often integrated into more comprehensive secure access service edge (SASE) security platforms. We’ll explain exactly what SWGs do and highlight four essential features every SWG needs to keep your network safe.

Perimeter 81 is one of TechRadar's choices for the best SWG providers

Perimeter 81 is one of TechRadar's choices for the best SWG providers

Protect your employees and network from web-based attacks with a Secure Web Gateway. Filter out malicious threats. Monitor all employee activity. Streamline compliance. Secure your entire workforce, whether on-prem or remote with Perimeter 81. Deploy in minutes. Start now.

What does an SWG do?

An SWG is designed to serve as a dynamic filter that sits between your network and the internet. All web traffic to or from your network passes through the SWG. Unauthorized or malicious traffic detected by the SWG can be automatically blocked or flagged for review by IT administrators.

Importantly, an SWG is distinct from a firewall. An SWG monitors traffic at the level of entire websites or online applications and looks for potentially malicious activity, whereas a firewall inspects each individual data packet that’s being transferred to your network from a website and searches it for malware.

Many organizations use both an SWG and a firewall in combination to give their network the greatest degree of protection.

Here are some of the key features to look for when choosing the right SWG for your network.

Website and application blocking

One of the most basic, but critical features that every SWG should offer is the ability to whitelist and blacklist websites and online applications.

Organizations can use a blacklist to prevent the network from ever accessing specific sites. Your IT team can add any known malicious sites to your SWG blacklist. They can also add non-work-related websites that might harbor malware, such as pornography sites.

Your IT team can use whitelists to streamline connections to trusted sites. For example, if your organization uses a cloud storage platform, adding it to the whitelist will ensure that data transfers to and from your storage space won’t be interrupted by the SWG.

Some SWGs, like Perimeter 81, also offer a third type of list that warns users when they connect to a site on that list. This is a good way to remind employees to be cautious about downloading data from a site that is somewhat suspicious, but which your company still needs to access.

Employee-level permissions

Whitelists and blacklists apply to your entire network, regardless of who in your organization is trying to access a site. However, most businesses need more granular control over which employees are allowed to access what sites.

Employee-level permissions give your IT team the power to restrict or enable access to different types of websites and web applications for each individual employee. For example, your IT team could restrict access to social media sites for employees who aren’t in your marketing division as a way to boost productivity.

Employee-level permissions can also be used to keep your company’s network and data safe. Your IT team can limit certain types of downloads, like executable files, for non-IT employees. In addition, only certain employees may be able to access web applications like a cloud storage platform or an online payment system.

Web activity tracking and reporting

A great SWG should also enable IT teams to track the online activity of users on your network. The tool should keep track of which users accessed which websites and report those employees who tried to access blacklisted or suspicious websites.

This data can be used by your IT team to identify employees who need additional cybersecurity training. It can also be very helpful in pinpointing the source of a data leak or network infection.

Activity tracking features can also provide insight into which employees aren’t as productive as they could be. For example, Perimeter 81 offers reporting on which employees access certain categories of websites such as social media and news sites.

Data loss prevention

Another feature to look for in an SWG is a filter to help prevent data loss from your network. Data loss prevention filters restrict what files can be uploaded to a website or web application. They can be extremely powerful and go a long way in preventing sensitive data from being transferred off your network.

Depending on the specific SWG, the data loss prevention filter might restrict data uploads for all but whitelisted websites. It could also be customized to enable or disable uploads to certain sites for certain employees.

Best of all, some SWGs enable IT administrators to limit data uploads based on the contents of the file being uploaded. The filter can automatically block any file uploads for documents that contain specific keywords or a series of numbers that look like payment information.

If your network is infected with malware or an employee is tricked into giving up data to a malicious website, a data loss prevention filter could potentially prevent an enormous data breach.

Conclusion

An SWG is an important component of your organization’s cybersecurity strategy. This security tool works in conjunction with a business firewall to monitor web traffic and protect your network. 

When choosing an SWG, look for features like website blacklists, granular control over employee access to the web, activity tracking and reporting, and data loss prevention filters. Together, these features can prevent malware from reaching your network and prevent attacks from developing into major data loss events.

TOPICS
Michael Graw

Michael Graw is a freelance journalist and photographer based in Bellingham, Washington. His interests span a wide range from business technology to finance to creative media, with a focus on new technology and emerging trends. Michael's work has been published in TechRadar, Tom's Guide, Business Insider, Fast Company, Salon, and Harvard Business Review.