To protect your network against threats arising from the web, Secure Web Gateway enforces a web policy, which is implemented during the initial setup. You can configure this policy, later on, to adapt it to your requirements.
When performing this configuration, you are dealing with different fields of web security that your policy should cover. You can also make the filtering process suitable for cloud use.
Web policy — A web policy is made up of rules, which are grouped in rule sets on Secure Web Gateway.
When a situation arises where a rule applies, it performs an action to handle this situation. The situation can be an immediate threat, for example, a virus in a file that a user who works within your network attempts to download. In this case, the rule would block the attempt.
Other situations might be that a user requests access to an online shopping site during work hours or tries to download a very large streaming file. Both activities could be blocked by suitable rules.
You can modify all rules in the rule sets on Secure Web Gateway to let them perform the actions that you consider appropriate.
When a rule performs an action, the user who requested web access can be informed about this action by a message. For example, the user can be told that a request was blocked because a file that was requested for downloading is malware-infected.
For more information, see Configure a Web Policy and Default Rule Set System.
Fields of web security — The rules of your web policy are grouped in rule sets that cover different fields of web security.
After the initial setup, default rule sets provide filtering functions to cover these fields:
Anti-malware filtering — Protects your network against viruses and other malware
URL filtering — Protects your network against threats caused by users accessing inappropriate websites
Media type filtering — Protects your network against troubles arising from use of large or complex media
Requests to access web objects, such as hosts and clients, that you consider safe and responses sent by them can be exempted from the filtering
process using the default Global Whitelist rule set.
More rule sets can be enabled or imported from the built-in or an online library to cover other fields of web security, for example, the HTTPS
Scanning and Application Control rule sets.
You can also ensure web security by imposing restrictions on users with the Authentication rule set and the rule sets for usage quotas.
Filtering process — The filtering process that runs on Secure Web Gateway uses the implemented rules to ensure web security for your network.
The process blocks attempts to access the web that do not comply with your web security policy and allows those that are compliant. It is performed in different cycles:
Request cycle — Filters requests for web access submitted by users from your network
Response cycle — Filters responses to requests sent by web servers to your network
Embedded object cycle — Filters embedded objects, for example, files or archives, sent embedded in requests or responses
Only one filtering cycle is going on at a particular point in time on Secure Web Gateway.
Cloud use — The rules of your web security policy are applied to the traffic that is created by the web usage of the users of your organization
Unless you configure it differently, however, the rules are only applied to the web usage of those users who access the web from inside your local network. This kind of usage is also known as on-premises, also more shortly referred to as on-prem, use.
You can, however, enable one or more rule sets for cloud use. This means that the rules in these rule sets are also enforced when users of our organization access the web from outside your local network.