Secure Web Gateways Are The Next-Generation VPN Alternative, Built For A Modern Workforce
Introduction
The seismic shift from on-site workforces to primarily remote workforces due to the pandemic has exacerbated a multitude of inefficiencies and increased risk exposure with how employees work remotely. According to a recent Gartner survey, one-in-four US organizations now plan on moving at least 20% of their on-site employees to permanent remote positions post-pandemic. As the reality of securing the IT environment for a permanently remote workforce sets in, we are seeing expedited demand for Secure Web Gateways (SWGs) to replace traditional VPNs.
Traditional VPNs Don’t Support a Modern Workforce
While the VPN was primarily designed to allow end users to login securely from just about any remote connection, it was not designed to support a massive influx of remote users overnight, provide visibility into user traffic or protect against malware. In fact, most VPNs can only support about 20%-30% of remote access users without experiencing significant performance issues across the entire network which result in sluggish speeds and increasing numbers of dropped connections.
The Next Generation of VPN: Secure Web Gateways
Organizations that support a growing remote workforce need to modernize their infrastructure by moving security into the cloud byway of a Secure Web Gateway, or centralized security control point for all traffic.
Gartner defines a Secure Web Gateway as a solution that filters unwanted software/malware from user-initiated Web/Internet traffic and enforces corporate and regulatory policy compliance. These gateways must, at a minimum, include URL filtering, malicious-code detection and filtering, and application controls for popular Web-based applications, such as Instant Messaging (IM) and Skype. Native or integrated data leak prevention is also increasingly included.
Traffic Visibility
One of the most important features of an SWG is that it offers full network traffic visibility, allowing for in-depth inspection of web and encrypted web traffic to identify and isolate potential threats. The SWG acts as a proxy, or intermediary, between the client and server for SSL decryption, or SSL interception. Which means that It intercepts the inbound connection, terminates it, and then emulates the client to originate a separate outbound connection to a server. Since the SWG has proxied the connection, it can wait to receive and assemble the entire communication. Since proxies are built to decrypt and reassemble encrypted traffic, it effectively eliminates the SSL blindspot. Once the communication has been reassembled, the SWG can either send it along to its destination or pass it to other solutions for further inspection or analysis.
Improved Threat Detection
By using advanced Artificial Intelligence (AI), the SWG is able to detect evasive and emerging threats before they result in a full blown Cyber Attack. Because an SWG has the capability to decrypt, inspect and re-encrypt SSL/TLS traffic, threats and sensitive data cannot evade detection by hiding in encrypted traffic. The SWG extends protection against previously known threats, emerging threat vectors, and even highly specialized Malware which can evade detection by antispyware and antimalware software packages deployed at the endpoints.
Granular Controls
The SWG allows organizations deeply granular control which establishes zero-trust, or ‘least privilege access’, to restrict access to networks, applications, and environment. Granular controls allow network administrators to configure policies and compliance requirements based on either time or content-based access which ensures that users have access to only the resources they need, when they need them.
The legacy VPN architecture simply was not created in a way which allows it to secure today’s modern cloud-based environment that provides ‘anytime, anywhere access’ to both remote and on-site workers. Conversely, the SWG addresses the failings of the legacy VPN as it is designed for a cloud-based environment which offers visibility and consistent controls across endpoints, users, clouds, and networks. While a move towards Secure Web Gateways has steadily progressed in response to the disappearing network perimeter, the global pandemic and resulting work from home trends have expedited demand for a more centralized solution which better aligns with the needs of users.
