Do you need protection against malware and viruses? Myth debunks about Secure Web Gateway: What A Mistake!
Secure Web Gateway: What A Mistake!
Network Protection and Monitoring is a vital part of any Information Security Management System (ISMS) for protecting your business from cyber-attacks. How to protect your business from cyber-attacks?
This post was about how to protect your business from cyber-attacks. Also, the importance of having a good security program inside the company.
Web Application Proxy Implementation
Here are some of the easy ways to implement this security program, using ManageEngine’s products:
NetFlow Analyzer
Tool to monitor your network traffic in real-time and extract valuable information such as source IP, destination IP, source port, destination port, and protocol used. This information can help the Security Department to identify suspicious activity or misuse of your network.
NOC Tools
With NOC Tools you can monitor your network devices and manage them from a central location. You can also trigger events on NetFlow Analyzer so that when an issue occurs, you will receive an alert via email or SMS message.
Network Configuration Manager
This is a powerful tool that allows you to manage all the devices in your network from one central location. With this tool, you can automate repetitive tasks, and securely manage configurations for multiple devices simultaneously. Also, you can deploy configuration changes across multiple devices instantly.
SWG Architecture
In this post, I would like to share some myths about Secure Web Gateway (SWG). Secure Web Gateway (SWG) is commonly believed to be a silver bullet solution that will help you secure your web applications. This is against threats such as SQL Injection, Cross-site Scripting (XSS), etc.
SWG sits between your users and applications. It filters traffic before it reaches Internet-facing web servers or applications that are hosted inside your company’s perimeter (DMZ). SWG acts as a reverse proxy thus it sits in front of your web servers and intercepts all traffic before they are served.
SWG is capable of detecting and blocking malicious requests such as SQL Injection, Cross-site Scripting, etc. Also, it has a set of rules by which it can perform traffic redirection to a webpage hosted inside your company’s perimeter or it can block the request completely.
The first rule is typically the default configuration that allows all connections to go through to the web server or application. This allows you to develop your web application by using any technology you want. This includes .NET, Java, PHP, Python, IIS, Apache, etc, and hosting it on any OS, Linux/Windows/VMware, etc.
The second rule redirects all traffic from HTTP port 80 to HTTPS port 443 (secure connection). So, you can serve all your web applications over a secure connection only. The third rule redirects all traffic from HTTP source IP address 192.168.1.1 to HTTPS port 443.
So that everybody inside the company uses a secure connection while accessing all applications hosted on the web server behind the SWG gateway. The fourth rule redirects all traffic from HTTPS source IP address 192.168.1.1 back to HTTP port 80 (HTTP protocol). So that everybody inside the company uses HTTP while accessing all applications hosted on the web server behind the SWG gateway.