Protecting your network isn’t enough to keep cyber attackers at bay. Many attackers are using encrypted traffic to launch attacks on unsuspecting companies.
Any companies that use cloud services and online applications need a web security gateway to filter traffic.
Web security gateways stop unsecured traffic from accessing a network. Monitoring encrypted traffic is particularly important because it makes up to 72% of network traffic.
Here is our list of the best web security gateways:
- N-able Mail Assure EDITOR’S CHOICE Cloud-based email threat protection system that also scans outbound emails for data loss events. Start a 30-day free trial.
- Zscaler Web Security Cloud-based web protection system that includes URL and DNS filtering, a firewall, antivirus, and anti-spam.
- Symantec Secure Gateway Hosted web gateway with cloud access security, data loss prevention, advanced threat protection, and email security.
- Forcepoint Web Security Cloud-hosted web access gateway with URL filtering, data loss prevention, and advanced malware detection.
- FortiProxy Great for SMEs, this web threat intelligence service includes web filtering, DNS filtering, antivirus, intrusion prevention, and data loss prevention.
- Barracuda Web Security Gateway Remote content filter that blocks malicious code even when it is encrypted.
- Censornet Web Security A content filter with an emphasis on blocking offensive text and images. Can process encrypted transmissions.
- McAfee Web Gateway Includes antimalware, threat protection, and an outward-bound inspector to block data theft. Integrates with other McAfee security products.
- Sophos Web Gateway This traffic monitor inspects both incoming and outgoing internet transmissions to block threats and prevent data loss.
The best web security gateways
All of the tools mentioned on this list are equipped with advanced threat intelligence capabilities to discover new threats and zero-day malware.
The N-able Mail Assure system is an edge service formerly supplied by SolarWinds MSP. MSPs can offer Mail Assure as an extra service to their clients. The MSP can include the oversight of technicians in its pricing plan when it proposes Mail Assure to its customers. Despite the fact that N-able markets this service to MSPs, there is no reason why in-house IT departments shouldn’t also deploy the Mail Assure system.
The Mail Assure system is hosted on N-able servers so all email traffic from the MSP’s clients needs to be channeled through that system via a VPN. Similarly, all incoming emails go to the Mail Assure server first and then travel on to the client’s system through the VPN.
When an email intended for the client arrives at the Mail Assure server, it scans for security threats, including spam, phishing attempts, address spoofing, impersonation, malicious content, and poisoned links.
N-able collates a threat intelligence database from all of the attacks that it encounters while serving all of its customers around the world. This centralized attack profile means that information on any threat identified in one part of the world is instantly available to protect all of the other Mail Assure users.
Apart from referencing the threat intelligence database, Mail Assure checks for typical attack signatures and also refers to a sourced mail address blacklist.
The edge service also provides continuity services and archiving. Encrypted archives of genuine emails are stored automatically and can be restored on demand. The continuity service extends to online mailboxes for all of the accounts on the protected system, which enables all users to continue to access and send emails even when the main email server is unavailable.
The Mail Assure service will also protect online Office 365 email servers as well as onsite systems. N-able offers a 30-day free trial of Mail Assure.
N-able Mail Assure is our first choice! Much of the work that Mail Assure provides is carried out automatically, so it requires very little human intervention.
Start 30-day Free Trial: solarwindsmsp.com/products/mail
Zscaler Web Security is a cloud-based web security gateway that comes with URL filtering, a firewall, cloud-based application control, antivirus, anti-spam, DNS filtering, and more. One of the perks of being part of the cloud gateway is that any threat detected by any user is automatically blocked for all customers – there are over 120,000 security updates every day to protect against the latest threats. The tool can also inspect SSL traffic that many other platforms struggle to analyze.
The antivirus takes signatures from over 60 threat feeds to identify new threats. However, the software isn’t limited to monitoring security events; you can also optimize your network’s performance. The bandwidth control capabilities of Zscaler Web Security can prioritize important applications over less important traffic.
To protect your files against loss or destruction there are a handful of data protection features. Implement Data Loss Prevention to protect user data. There is also a Cloud Application Security Broker to control user access to applications and File Type Controls to determine what files can enter or exit the network.
Users can connect to the program through the Zscaler cloud to browse safely from malicious attacks. The platform is scalable so that you aren’t limited by hardware if you need to manage more traffic. To view a quote for Zscaler you will have to contact the company directly. You can request a demo and a quote.
Symantec Secure Gateway is a cloud-based web gateway designed to fit into an enterprise’s security stack. The solution combines a secure web gateway with data loss prevention, advanced threat protection, email security, and a cloud access security broker. As part of Symantec Secure Gateway’s advanced threat detection capabilities, you can authenticate users and inspect encrypted traffic.
To make sure that you don’t fall behind emerging risk factors, Symantec Secure Gateway uses real-time threat intelligence from the Symantec Global Intelligence Network. The Symantec Global Intelligence Network uses machine learning and image analysis to detect cyberattacks. The service processes more than 1.2 billion web requests every day with nine Security Operations Centers across the globe.
The Symantec Integrated Cyber Defense Platform that comes with Symantec Secure Gateway allows you to automate threat remediation. For example, identified threats can be blacklisted to minimize the network’s exposure to threats. Automation helps to shut down threats as quickly as possible.
Symantec Secure Gateway is a good fit for those organizations that are looking for a security solution equipped to manage a hybrid computing environment. For pricing information, you will have to request a quote from the company directly. You can request a quote.
Forcepoint Web Security is a cloud-driven web security gateway with URL filtering, data loss prevention, and advanced malware detection (AMD). To detect threats, Forcepoint Web Security uses the Advanced Classification Engine (ACE), which has over 10,000 analytics, machine learning, and behavioral baselines.
The AMD feature is Forcepoint Web Security’s main line of defense against malware. AMD uses cloud sandboxing to contain malware outbreaks and minimize disruption to your network. Sandboxing makes it easier to remediate risk factors and return to normal operations.
The solution also has a 100% accuracy at detecting attacks through fingerprinting meaning it is equipped against less obvious threats. In the event, an attack does get through or a disaster takes place, Forcepoint Web Security has data loss prevention to protect your data. You can effectively manage data loss prevention policies through one centralized console.
The license system is highly scalable so that you can increase your needs at any time. However, you need to contact the company directly for a quote. Alternatively, you can schedule a demo.
FortiProxy is Fortinet’s dedicated Secure Web Gateway solution. FortiProxy offers antivirus, web filtering, a DNS filter, application controls, intrusion prevention systems, data leak prevention, content analysis, traffic shaping, caching, ICAP Client/Server integration, and VPN-access. It integrates into Fortinet’s Security Fabric to leverage sandboxing, zero-trust isolated web browsing and central logging & reporting.
The Secure Web Gateway can deep-inspect SSL (hardware accelerated) and SSH traffic to reveal hidden threats. The L2/L3 deployment options are versatile for both transparent and explicit modes for Active/Passive clusters for fail-over and Active/Active clusters (scalable to a maximum of 8) with the option for single cache-collaboration storage.
FortiGuard Labs supports FortiGuard Threat Intelligence and there are over 200 researchers in 31 countries dedicated to discovering new threats. For example, over 150,000 websites are blocked every minute by the FortiGuard web filtering service. There is even the potential to blacklist or whitelist particular websites.
Authenticated web application control enables the user to set access policies to restrict user access. For example, the user can restrict access to social websites by user or group. The tool offers support for 3000 apps. Similarly, there is data loss prevention to stop sensitive files falling into the wrong hands (these files can also be watermarked or fingerprinted).
FortiProxy aims at a high-end market and is purpose-built to support mid-sized and large companies. Its impressive 18Gbps in a single appliance provides protection against advanced threats without impairing network performance. To view a price for Fortinet you can request a quote from the company directly. You can also request a demo.
Barracuda Web Security Gateway is a web filtering tool for companies that want to block malware and viruses. The software can inspect SSL-encrypted traffic and remotely filter content on the internet. Barracuda Web Security Gateway uses threat intelligence, antivirus, and anti-spyware to cover a range of online threats.
For example, Barracuda Advanced Threat Protection (ATP) checks incoming files against a cryptographic hash database and blocks any content with malicious activity. Any files that don’t match are sent to a virtual sandbox where they can be verified at no risk to the wider network.
The platform also offers dashboards where you can not only monitor threats but also monitor user activity. There is also an alert feature so you receive notifications when a security event is kicking off. For post-event follow up there is a reporting feature that you can use to review the aftermath.
There are several versions of Barracuda Web Security Gateway to choose from including 210, 310, 410, 610, 810, 910, and 1010. Versions range from 150-250 Mbps throughput and 300-800 concurrent users to 3,000-5,000 Mbps and 15,000-25,000 concurrent users. You need to contact the company directly for pricing information. You can request a free trial version.
Censornet Web Security is a web security cloud service that filters online content. The software blocks offensive content, illegal content, malware, and inappropriate images from being downloaded. The Image Content Analysis (ICA) add-on uses AI and deep learning to identify offensive, extremist, or adult images automatically with minimal false positives.
Advanced anti-malware and threat intelligence address more complex threats. In addition, encrypted SSL / TLS traffic can also be processed giving protection against more complex threats. Censornet Web Security has an average response time of 35 ms meaning the end-user experience is highly responsive for employees.
To control security throughout the network, Censornet Web Security has Guest and Captive portals. The user can create policies and apply them to individual devices in the network. Policies can block or allow users to access particular devices by category, group, or keyword.
Censornet Web Security is a viable tool for organizations that want to protect employees from interacting with problematic and malicious content. To view pricing information you will have to contact the company directly. You can arrange a free trial.
McAfee Web Gateway is one of the most recognized web filtering solutions known for its strong anti-malware features. McAfee Web Gateway can inspect HTTP, HTTPS, and SSL traffic to identify malicious code. In other words, the tool can detect threats hidden beneath the surface of online content.
The antivirus protection of McAfee Web Gateway is also strong. McAfee Global Threat Intelligence (GTI) can look up the reputation of files and identify viruses. McAfee GTI creates a catalog of online websites, emails, and IP addresses and assigns a reputation score to distinguish entities with the highest risk.
To stop important data being leaked from the network, McAfee Web Gateway has data loss prevention. Data loss prevention scans outward bound traffic to protect against the loss of business assets. Similarly, data stored in the cloud is protected by encryption to prevent unauthorized access.
McAfee Web Gateway is an excellent tool for environments that use other McAfee solutions due to its integration capabilities. The software can integrate with McAfee Endpoint Security, McAfee Advanced Threat Defense, and McAfee Threat Intelligence Exchange. You can request a free trial version.
Sophos Web Gateway is an advanced web gateway product. The tool detects zero-day threats and can read HTTP / HTTPS traffic. To detect advanced threats, the program has SophosLabs Threat Intelligence, a team of threat researchers who identify the latest malware threats. There are also features like behavioral analysis to detect malicious behavior and block it.
Unlike many other web gateways, Sophos Web Gateway has a detailed dashboard function. From the dashboard, you can monitor incoming and outgoing traffic, alongside other performance data. The dashboard gives you a top-down perspective of security events when they occur. For example, you can view graphs on Web Application Usage and Top Web Application Users to see if there are any performance issues you need to address.
You can even create your own security policies in the platform. You have a range of options such as blocking inappropriate content, implementing a bandwidth quota, and setting applications to allow or block. To help with event management there are also over 100 different report templates to help you document security events in detail.
The advanced threat detection capabilities and ease of use make Sophos Web Gateway a product that meshes nicely in most companies. To get the pricing information for Sophos Web Gateway you will have to contact the company directly. You can start the 30-day free trial.
Top web security gateways can inspect encrypted traffic
Staying safe online isn’t a question of setting an antivirus solution and hoping for the best. Sophisticated threats are cropping up all over the place; particularly in online traffic. If your employees are connecting to cloud services or applications a web security gateway is vital for finding threats inside encrypted traffic.
A web security gateway should be a mainstay in any enterprise’s cybersecurity strategy. Content filtering can go a long way towards automating away many risks that employees face online.