Intrusion Defense School

Choosing a Web security gateway

The Web has become a top threat vector, and organizations must respond by ramping up their gateway protections. Web security gateways, which provide integrated URL filtering, antimalware protection and application controls, are becoming a popular choice, but how does a company choose which product is the best fit for their needs? In this Security School lesson, you'll learn about the different features available in Web security gateways, key product selection considerations and how to ensure the deployment is successful.

About the expert: Michael Cobb, CISSP-ISSAP, is the founder and managing director of Cobweb Applications Ltd., a UK-based application security consultancy.

In this part:

Webcast: An introduction to Web security gateways

Fighting Web-based malware has become a 24x7 battle. The continuous theft of information, security breaches and data loss incidents initiated by this type of malware are forcing organizations to ramp up their defenses. Web security gateways are seen as a network's best layer of defense against this type of threat. Many provide real-time analysis of web pages and scripts, point-of-click protection and integrated data loss prevention. Marketing hype however can make it difficult to understand how they actually work and decide which features you really need. This webcast offers a primer on the basics of Web security gateways, including:

  • How Web security gateways work;
  • Which features are essential;
  • How effective certain features are;
  • How a WSG can improve your overall information security.
Learn how to identify and understand the key features to look for when choosing a Web security gateway product.

Technical tip: Web security gateway implementation best practices

A Web security gateway (WSG) can greatly improve your overall security but it is not a "deploy and forget" technology. How a WSG is deployed, configured, and maintained can greatly affect the level of security it delivers. It needs to work in unison with other security devices, while employees need to appreciate and respect the protection it provides. This technical article will show you how to maximize your investment in a WSG by:

  • Choosing the appropriate deployment strategy;
  • Integrating a WSG with other endpoint security products;
  • Mapping acceptable use and compliance policies to rule set;
  • Counterbalancing policy enforcement with productivity;
  • Developing a procedure for reviewing and investigating alerts and improving rule sets;
  • Educating users about the monitoring and protection a WSG provides.
Bringing this all together into a comprehensive framework for managing your WSG is the key to successfully protecting your company's information and employees.

Podcast: What a Web security gateway can and can't do

Despite what many IT security vendors may say, there's no silver bullet when it comes to protecting an enterprise's information. This podcast will look at what a Web security gateway can and can't do, and the role they play in an IT security program. Learn what's fact and what's fiction before you buy. Listeners will be able to better appreciate the benefits of certain gateway features and how effective they really are.

Quiz: Choosing a Web security gateway

Check you're up to speed and ready to choose and deploy a Web security gateway. This five-question quiz will test you on the key points we've covered in the webcast, podcast and article in this Security School.

take the quiz

Back to top