Configuring policy rules is one of your main activities when working as a Secure Web Gateway administrator.
To protect your network against threats arising from the web, Secure Web Gateway enforces a web security policy, which is implemented during the initial setup. You can configure this policy later on to meet the requirements of your network.
A policy consists of rules, which are grouped in rule sets. Each rule set usually covers a particular field of web security, implementing filtering functions to protect your network.
After the initial setup, default rule sets provide these filtering functions:
- Anti-malware filtering — Protects your network against viruses and other malware.
- URL filtering — Protects your network against threats caused by accessing inappropriate URLs.
- Media type filtering — Protects your network against troubles arising from usage of complex media.
You can exempt web objects, such as hosts and clients, that you consider safe from filtering to make sure they are accessible, using the default rule set for Global Whitelisting.
Some functions that support web filtering, for example, web caching and file opening, are also provided by default rule sets.
More rule sets, which do not run by default on Secure Web Gateway, can immediately be enabled or imported from the built-in or an online library. These rule sets cover other kinds of web filtering or support it. They include, for example:
- HTTPS scanning — Protects your network by scanning web traffic going on over SSL-secured connections.
To enhance web security, private keys for certificates used in secure communication can be stored on a Hardware Security Module.
- Application control — Protects your network against threads arising from usage of various applications.
Policy rules can also improve web security not by filtering web objects, but in other ways, for example, by imposing restrictions on users. These include:
- Authentication — Protects your network by asking users to authenticate when they request web access.
- Usage quotas — Protects your network by imposing quotas for web usage.
Rule sets for these fields of web security and others can be imported from the libraries.
Lists and modules for rules
Rules consist of several elements, which you can configure, including:
- Lists — Support rules by listing objects that are relevant for web security, for example, URLs or media types.
- Modules — Support rules by handling filtering activities, for example, the Anti-Malware module, which calls engines that scan web objects for infections by viruses and other malware. These modules are also known as engines themselves.
You can configure particular settings for each module.
The rules of your web security policy are applied to the traffic that is created when the users of your organization access and use the web.
Unless you configure it differently, however, these rules are only applied to the web usage of those users who access the web from inside your local network. This kind of usage is also known as on-premise use.
You can, however, enable rule sets for cloud use. This means that the rules in these rule sets are also enforced when users of our organization access the web from outside your local network, for example, when traveling or working from home.
Enabling cloud use for the rule sets on Secure Web Gateway is also referred to as the Hybrid Solution. This solution requires that you also run Skyhigh Security Web Security Gateway Service.