Gartner Research

Using Secure Web Gateway Technologies to Protect Users and Endpoints

Published: 22 February 2018

ID: G00337219

Analyst(s): Patrick Hevesi , Jon Amato

Summary

In this assessment, we will explore the features and functionality of the modern SWG solution and the ways in which technical professionals focused on gateway security can use them to protect enterprise endpoints from web-borne threats.

Table Of Contents

Analysis

  • Introduction
  • Features and Functionality
    • Secure Web Gateway Features
    • SWGs vs. CASB vs. EFW
    • Implementation Architecture
    • Cloud-Based and Hybrid Secure Web Gateways
    • Content Inspection Engines in SWGs
    • SSL Decryption
  • Risks and Issues
    • Certificate Pinning
    • Performance Implications
    • Privacy and Regulatory Issues
  • Strengths
    • Best Available Defense Against Web-Borne Threats
    • Strong Protection Where Endpoint Agents Are Not Practical
    • Strong Enforcement of Acceptable Web Usage Policies at Scale
  • Weaknesses
    • Privacy and Regulatory Concerns
    • Performance Impact
    • Cloud-First Vendor Strategies May Negatively Impact On-Premises Products
    • Protection on Non-HTTP Ports, Especially When the SWG Is Not Deployed In-Line
    • Some On-Premises Deployment Models May Complicate High-Availability and Disaster Recovery Scenarios

Guidance

  • Take a Cloud-First Approach to Evaluating Technologies
  • Partner With Legal and HR to Work Through Privacy and Regulatory Issues
  • Choosing Between SWGs, EFWs and CASBs

The Details

Gartner Recommended Reading

©2019 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.