Essential Guide

Browse Sections


This content is part of the Essential Guide: Secure Web gateways, from evaluation to sealed deal
Get started Bring yourself up to speed with our introductory content.

Secure Web gateway evaluation: Ten questions enterprises must ask

The benefits of a secure Web gateway are aplenty, but is the technology a fit for your enterprise? Answer these questions to decide.

Once an enterprise understands the benefits and pitfalls of a secure Web gateway appliance, it must evaluate whether...

the technology is a good fit for its environment.

Below are 10 questions that any enterprise should ask itself to help determine if a secure Web gateway (SWG) would be beneficial, as well as a comprehensive list of SWG vendors to consider during its search.

Questions to ask

1. What threats are we worried about? Have we performed a risk assessment? Note that you will need to prioritize features based upon the most pressing issues that need to be addressed.

2. Do we have the expertise in-house to deploy and manage a product? Do we need deployment assistance to "get over the hump," or is it more cost-effective to engage a managed service provider?

3. Does our business produce highly advanced intellectual property? Do we need inbound and outbound content inspection?

4. Are we worried about spear phishing and other targeted attacks? Companies that are targets of foreign nations or need to worry about advanced persistent threats will need to focus on these types of attacks.

5. Does our organization prefer hardware appliances? Software? Is a software as a service-based service more appealing?

6. Are we only interested in keeping users from hostile sites or are we worried about lowered productivity from social applications? These two features highlight the top differences between controlling the user versus controlling the applications.

SearchSecurity Reader's Choice Award Winners

Best of Web security 2013

Best of Web security 2012

Best Web security products of 2011

Best Web security gateway products of 2010

Best Web security gateway products of 2009

7. Are we looking for a product because we are dissatisfied with what we have? Is our current product lagging in performance or functionality? Remember that rip-and-replace requires more effort and preparation than augmentation.

8. Do we need to monitor encrypted traffic and incur its associated overhead and possible performance degradation? Note that this feature requires special deployments and performance analysis.

9. Are we trying to stop internal activities that reduce productivity -- e.g., spam, social media, streaming media -- or are we more focused on keeping attackers out of our network -- e.g., antimalware, phishing?

10. How do we secure remote users, VPNs and mobile devices? How do we provide remote account and mobile services?

Vendors at a glance

About the author:
Adrian Lane is CTO of Phoenix-based analyst firm Securosis. Adrian specializes in database security, data security and software development. He is a former executive at security and software companies such as Ingres, Oracle, Unisys and IPLocks, and is a frequent presenter at industry events. Adrian is a graduate of the University of California at Berkeley with post-graduate work in operating systems at Stanford University. Reach Adrian via email at

This was last published in July 2014

Dig Deeper on Application firewall security

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Which SWG vendor would your organization recommend and why?