The Internet is an essential tool for employees to effectively do their jobs. This gateway to endless knowledge (and cat videos) also constitutes an infinite attack surface, exposing organizations to malware and other malicious threats.
Protecting users from the perils of the Internet is a critical step towards keeping the corporate network safe from ransomware and other types of Internet-borne attacks.
The most effective and commonly used Internet security solution is Secure Web Gateway (SWG). Existing SWG implementations, however, have drawbacks that can impact an organization’s security posture and network performance.
Current SWG solutions come in two form-factors, on-prem appliances or cloud-based services.
On-prem SWG appliances require deployment and maintenance at each office location, creating significant operational effort and cost. They also require backhauling of remote user traffic through a physical office location, and only then forwarded to the destination website. This so-called “trombone effect” adds latency, which impacts user experience, negatively affects productivity, and creates unnecessary congestion at the office network–also potentially impacting network performance.
Cloud-based SWG solutions solve the above issues, but require all traffic to be routed through the cloud service. This often causes performance issues for certain high demand applications and requires organizations to bypass the cloud service and send traffic directly to the Internet, leaving users unprotected. Cloud-based SWGs also typically require decryption of SSL/TLS traffic (SSL Inspection). But since the location and security level of the cloud provider isn’t always known, this creates a potential attack vector and compliance concern.
Both on-prem and cloud SWGs suffer from significant shortcomings, which can put your organization at risk and negatively impact performance and user productivity.
It’s time for a better way to deploy SWG.
A new and revolutionary SWG deployment model is Hybrid SWG. It consists of a device-based SWG agent that works in concert with a cloud-based SWG.
The device-based SWG deploys as an agent on employee devices. As such, it protects users where they are – home, office, or on the road. It also protects users even when they’re not connected to the corporate network or when accessing bypassed web services (split tunneling).
The cloud-based SWG, meanwhile, protects all traffic passing through the corporate network allowing IT teams to apply an additional layer of access control to connected users. It is a completely cloud-based SaaS solution which requires no deployment or maintenance.
Hybrid SWG combines the advantages of cloud-based and on-prem SWGs while solving their drawbacks.
Hybrid SWG is a novel offering from Perimeter 81 which solves the greatest and most urgent pain points IT teams experience with existing SWG solutions, and adds new and unique capabilities.
Perimeter 81’s Hybrid SWG advantages:
Perimeter 81’s Hybrid SWG eliminates all the major drawbacks traditional cloud SWGs and on-prem appliance SWGs suffer from, and enables organizations to benefit from a higher level of security, improved compliance, better performance and simplified operations.