Are you safe from hackers or other malicious attacks? Tips for better protection, never lose your Secure Web Gateway again.
Never Lose Your Secure Web Gateway Again
Secure Web Gateway (SWG) is an application you can install on a laptop or any network devices. You can integrate Microsoft Windows 10 from its several features that provide added security for your computer. One of these features is encryption.
BitLocker Encryption
BitLocker is an encryption feature in Windows 10 that allows you to encrypt entire volumes. This includes the operating system volume, as well as fixed and removable data drives. BitLocker supports the following drive types: basic, dynamic, GPT, and encrypted drives.
These drives you can format with the NTFS file system. To use BitLocker in Windows 10, the computer must have a TPM version 1.2 or 2.0. You can check the TPM version by using the TPM Management console snap-in.
A computer without a compatible TPM will not be able to use BitLocker. You can also check for TPM support by running the Get-TPM cmdlet in Windows PowerShell. If you have your SWG on an encrypted volume, you will never lose course the SWG itself is not encrypted, but the disk containing your SWG is encrypted. So nobody can access it without your encryption key even if they steal the disk. This is how it works:
1. The SWG is stored in the My Documents folder on my laptop and it is located on an encrypted volume. My Documents folder is also encrypted using EFS and there is a recovery key stored somewhere safe offline. You can encrypt a laptop this way: run DiskPart, and create a GPT partition with 100MB of unformatted space at the end of the disk.
This format into NTFS, install windows 10, and encrypt all volumes (even C:\). Always use EFS to protect your SWG from unauthorized access if you store them on a local drive! It does not recommend storing SWGs on network shares when connected to public networks like airports or coffee shops etc – too many security issues for me!
2. When you open my web browser and go to Google, the computer sends an HTTPS request to google over port 443.
3. The request goes to my ISP’s firewall/gateway which decrypts/scans/modifies as needed and then forwards everything including my request over port 80 or 443 to Google’s proxy.
4. Google’s proxy forwards my request to Google, then (hopefully) Google sends me back a response over port 80 or 443.
Application Control Firewall
Application Control Firewall is a new feature that enables you to control and monitor the use of applications. You can define a set of rules for the use of applications and block any application that does not comply with the rules. These rules, based on a hash algorithm, are applied to executable files, DLLs, and scripts.
Application Control Firewall can be configured using Group Policy or by using Windows PowerShell cmdlets. You can also use AppLocker to configure these rules. Web application Firewall is a feature of Application Control Firewall (called AppFW) that allows you to create rules for applications that are downloaded from the Internet.