Secure Web Gateway Solution
A web gateway is a software application that allows you to access websites securely.
The main purpose of a web gateway is to encrypt data before sending it over the Internet. This ensures that no third party can intercept your information.
There are several reasons why web gateways don’t work. In this article, we’ll go through some of the common problems and explain why they happen.
1) The certificate is not trusted
The first step in building a secure connection is obtaining a certificate. Let’s assume you have one, but the user doesn’t. How can they install it? If the certificate is not preinstalled, they will have to download it and install it manually. Unfortunately, many users don’t know how to do this. And even if they do, they may not bother if there are other barriers in their way.
2) The user clicks the wrong link
A user goes to your website and attempts to connect using HTTPS, but the link he clicks does not have “https://” in it. Many browsers will automatically navigate to an HTTPS version of the site if there is one. But some browsers don’t, or will instead show an error message like “this page cannot be displayed” or “this page is not available in your country”.
The user is then left with no choice but to continue on an insecure connection, if he wants to connect at all. This is one of the reasons why Google Chrome shows a lock in the address bar, even for HTTP sites that are using SSL certificates.
3) The certificate is expired
A certificate has an expiration date and must be renewed before that date arrives, or else everything breaks down and your users are unable to access anything on your website. One solution would be the automatic renewal of certificates (if you can afford it). But that’s not always possible, and even if it were, users may not renew them after their expiration date passes (see problem #4 below).
4) The certificate has been revoked
Although certificates have expiration dates, sometimes things go wrong and you need to revoke a certificate before its expiration date arrives (e.g., when a malicious actor has obtained it).
However, this revocation process takes time and most users won’t bother checking whether their certificates have been revoked or not (see problem #1 above), which means they will still try to use them.
Eventually, they’ll get an error message like “this page cannot be displayed” or “this page is not available in your country” instead of their content and they’ll quickly move on – but now they’re worried about security because their browser showed them an error.
The solution: Use a single gateway with multiple domains in it
As you can see, there are many reasons why web gateway solutions don’t work out for end users. The reason for this is that most of the time, web gateways don’t consist of a single, unified gateway. Instead, they consist of several different gateways.
This can happen for several reasons: to comply with regulatory requirements (e.g., when communicating with external parties), to serve different types of content, or just because a company has not thought about how to solve all the above-mentioned problems together.
One thing is for sure: if you have different gateways for different parts of your organization and/or websites, then you’re not using a single, unified gateway – and that’s going to cause users problems.
The solution is actually very simple: design a single gateway that will manage all your sites and services and use one certificate for all of them. If you have more than one domain name, you can put them all into one certificate (or even better – use wildcard certificates).
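A check that ties problem 3 (expiry) to the single-certificate approach above, as an added example that is not part of the original article: it reports how many days a certificate has left and which gateway hostnames its subject alternative names fail to cover. The certificate dict, hostnames, dates and function names are constructed for illustration; the dict uses the shape returned by Python's `ssl.SSLSocket.getpeercert()`.

```python
import ssl
from datetime import datetime, timezone

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert();
# the names and the date are made up for illustration.
SAMPLE_CERT = {
    "notAfter": "Mar  1 12:00:00 2030 GMT",
    "subjectAltName": (
        ("DNS", "example.com"),
        ("DNS", "*.example.com"),
        ("DNS", "shop.example.net"),
    ),
}

def san_matches(pattern, host):
    """Compare one SAN DNS entry with a host name, label by label.

    A wildcard counts only as the entire leftmost label and stands for
    exactly one label, so *.example.com does not cover a.b.example.com.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def audit_certificate(cert, hosts, now, renew_within_days=30):
    """Report remaining lifetime and any gateway hosts the certificate misses."""
    not_after = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc)
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    days_left = (not_after - now).days
    return {
        "days_left": days_left,
        "expired": now >= not_after,
        "renew_now": days_left < renew_within_days,
        "uncovered": [x for x in hosts if not any(san_matches(s, x) for s in sans)],
    }

if __name__ == "__main__":
    hosts = ["example.com", "www.example.com", "a.b.example.com", "example.net"]
    when = datetime(2030, 2, 15, 12, 0, tzinfo=timezone.utc)
    print(audit_certificate(SAMPLE_CERT, hosts, when))
```

Running the audit against every hostname the gateway serves shows where a wildcard entry falls short: it covers one subdomain level only, so deeper names and the bare domain need their own entries in the certificate.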