What is Symantec secure web gateway? In what ways can you use this within your organization? Let us explore below.
What Is Symantec Secure Web Gateway?
Symantec secure web gateway (SWG) is a web security appliance that is used for securing web traffic. It is a high-performance, highly scalable gateway appliance. Symantec SWG is designed to protect against web-based threats and unwanted access to your organization’s network.
Moreover, it can be used by organizations in multiple ways and it is usually used on a network gateway. This is to protect the internal network from unwanted traffic while allowing valid traffic to enter the network.
Further, this is deployed in front of the firewall (which may be a hardware firewall or software firewall) on your network. The firewall and other security software are deployed behind the Symantec SWG appliance. This is for protecting your organization’s internal network from external threats.
The main reason for deploying this SWG behind the firewall is that it can operate in proxy mode or gateway mode. But it cannot operate in both of these modes at the same time. If you deploy Symantec SWG in proxy mode, then you will need a separate load balancer to handle requests from users. And then send them to Symantec SWG.
So, if you use it in gateway mode, then you need to send all requests from user workstations directly to SWG. And then there will be no need for any load balancer.
Using Symantec Secure Web Gateway In Proxy Mode
Symantec’s secure web gateway can be deployed in proxy mode when the firewall is deployed behind this appliance. This approach works well when you want centralized administration of the security policies. These are enforced by both the firewall and the Symantec SWG appliance.
In this approach, all incoming requests are first sent to SWG over HTTPS. And then passed on to the firewall for further filtering as appropriate. This approach works well as long as there are not too many users accessing your network from outside. Because loading all these requests onto SWG can slow down its performance drastically.
So, to avoid such problems, it is better if you deploy a load balancer in front of SWG. So that each incoming request is sent only to one of these two devices for filtering before sending it out again over HTTPS towards the destination server.
You can also use WCCP (Web Cache Communication Protocol) if you have multiple devices deployed in front of the firewall. This will help you to balance the load among these multiple devices.
This approach is best when you have a large number of users accessing your network from outside. And there are also huge amounts of traffic flowing into the network from outside. Then you can use SWG as a gateway device instead of using proxy mode.
Conclusion
As you can see, using Symantec’s secure web gateway in proxy mode is not a good idea as it can slow down the performance of your network. This is because all requests are sent to SWG to be filtered and then sent out again.