Web gateways provide a way to securely connect your company’s internal network to the public Internet. What are secure web gateways?
Secure Web Gateways Overview
A Secure Web Gateway is a hardware appliance with multiple functions. It provides security, performance, and load balancing. It is used to protect Web servers from different threats and attacks.
The primary function of the Web gateway is to provide security for servers in a network. It does this by filtering out unwanted traffic, hacking attempts, spam, and so forth. Web gateways can be used for several security applications, such as blocking unwanted Internet traffic.
This includes providing intrusion prevention, DDoS mitigation, load balancing, and protection for other network services. Web gateways are used in large networks because they provide security to the internetwork as a whole and not just to the servers behind them.
How a Secure Web Gateway Is Used
Web gateways can be used to prevent malicious traffic from accessing your network while providing web services to legitimate users. Web gateways are configured in a manner that allows them to inspect data packets before they enter your network or reach the Web server itself.
This inspection may be based on IP addresses, port numbers, or application content types (for instance, HTTP or FTP). Web gateways may be configured with security rules that define what type of traffic must be allowed or blocked at the Web gateway level.
These rules are based on source and destination IP addresses as well as port numbers.
Web Gateways Best Practices
The following points will help you understand how to choose a web gateway. Make sure that the web gateway provides enough throughput for the applications running on your servers. It should be able to handle multiple applications with both standard and high availability configurations.
Find out how many users per second your current load balancer can handle. If you want to use your current load balancer as a web gateway, make sure that it can handle traffic for more users per second than it currently handles.
This will ensure that you don’t end up under-utilizing your load balancer. Check if your current load balancer allows customization of its policy rules. If you can customize its policy rules, then use them.
Otherwise, request well-defined policy rules from your web gateway vendor.
How Does a Secure Web Gateway Work?
The following steps explain how a Secure Web Gateway works. A client requests data from a server by establishing a TCP session, using source port “X”. The source port may vary depending upon application requirements.
If the TCP session is established successfully, the data packet is built by encapsulating the appropriate upper-layer protocol data into the TCP segment. The data packet is forwarded to the destination server through the TCP session.
If TCP session establishment fails for any reason, the request is discarded by the client, and the client tries to re-establish a TCP session with the server.
Once a TCP session is established successfully, a data packet comes to the web gateway through a network interface card (NIC). The web gateway inspects the data packet based on its source IP address, source port number, destination IP address, and destination port number. The data packet is then forwarded to the server using the appropriate source port number.
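The allow/block rules on source and destination IP addresses and port numbers described earlier, and the four-field inspection in the last step above, can be sketched as a small rule evaluator. This is an added example, not code from any gateway product: the first-match-wins ordering, the default block, the names Rule and evaluate, and the documentation-range addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

ANY_PORT = range(0, 65536)

@dataclass(frozen=True)
class Rule:                       # hypothetical rule format, not a vendor schema
    action: str                   # "allow" or "block"
    src: str                      # source network in CIDR form
    dst: str                      # destination network in CIDR form
    dst_ports: object = ANY_PORT  # any container of port numbers
    src_ports: object = ANY_PORT  # client source ports are usually ephemeral

def evaluate(rules, src_ip, src_port, dst_ip, dst_port):
    """First matching rule wins; unmatched or malformed traffic is blocked."""
    try:
        src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    except ValueError:
        return "block"            # unparseable address: fail closed
    for r in rules:
        if (src in ipaddress.ip_network(r.src)
                and dst in ipaddress.ip_network(r.dst)
                and src_port in r.src_ports
                and dst_port in r.dst_ports):
            return r.action
    return "block"                # assumed default: deny what no rule allows

# Constructed rule set using documentation address ranges (RFC 5737).
RULES = [
    Rule("block", "203.0.113.0/24", "0.0.0.0/0"),                       # unwanted source range
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", frozenset({80, 443})),  # web traffic to the server
    Rule("allow", "198.51.100.0/24", "192.0.2.10/32", frozenset({21})), # FTP from one network only
]

# Constructed packets: (src_ip, src_port, dst_ip, dst_port)
PACKETS = [
    ("198.51.100.7", 51514, "192.0.2.10", 443),
    ("203.0.113.5", 40000, "192.0.2.10", 443),
    ("192.0.2.77", 50000, "192.0.2.10", 21),
    ("198.51.100.7", 50001, "192.0.2.10", 21),
    ("198.51.100.7", 50002, "192.0.2.10", 22),
]

def decisions(rules=RULES):
    return [evaluate(rules, *p) for p in PACKETS]

if __name__ == "__main__":
    for packet, decision in zip(PACKETS, decisions()):
        print(decision, packet)
```

With first-match evaluation the order of rules is part of the policy: moving the block rule below the web allow rule lets the 203.0.113.5 packet through.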