Resources > Security Terms Glossary > What is a Secure Web Gateway?

What is a Secure Web Gateway?

What is a secure web gateway?

A secure web gateway is a security solution that prevents unsecured internet traffic from entering an internal network of an organization. It is used by enterprises to protect their employees and users from accessing and being infected by malicious web traffic, websites with vulnerabilities, internet-borne viruses, malware, and other cyberthreats. It also ensures the implementation and compliance of the organization's regulatory policy.

According to Gartner, a secure web gateway must, at a minimum, include URL filtering, malicious-code detection and filtering, and application controls for popular cloud applications, such as instant messaging (IM) and Skype. Native or integrated data loss prevention is also included. More recently, Gartner has identified CASB as a critical component of a security architecture that is increasingly based on the secure access service edge (SASE) framework.

A business imperative

Secure web gateways (SWGs) are necessary because the days of employees accessing data and applications solely through the corporate data center are over. That’s because employees are no longer bound to the corporate headquarters. They are working in branch offices, at home, or at just about any other location. These mobile employees need to access their work applications from their laptop, smartphone, or other endpoint device, and those apps they're accessing are now in the cloud instead of the data center. But traditional network security controls are unable to adequately secure the new cloud and mobile world.

Organizations that rely on a traditional network security infrastructure to secure internet-bound traffic must backhaul traffic over expensive MPLS links back to the secure web gateway in the data center. This slows the flow of traffic, resulting in frustrated and less-productive employees. Legacy secure web gateways were not built for the world of mobility and the cloud.

Furthermore, legacy security can’t provide the cybersecurity necessary in today’s cloud-based landscape. Cybercriminals are developing new malicious code and attack methods at a blistering pace. The exorbitant cost and extraordinary time it would take to update these legacy hardware-based appliances make it a practically impossible task for organizations, leaving your network and your employees vulnerable.

Zscaler is a strong choice for large organizations looking for a cloud-based SWG service.

Zscaler is a strong choice for midsize and larger enterprises looking for a cloud-based SWG service.
Gartner Magic Quadrant for Secure Web Gateways, 2019
Zscaler’s security functionality keeps users safe regardless of what network they are on, which was great for us as more and more users are working out of the office across all government departments.
Nav Pillai, Director of digital transformation, Cenitex

Look to the cloud

This new wave of mobile employees, as well as the rapid adoption of SaaS applications, such as Microsoft 365, is propelling organizations to look for cloud-native security solutions built to enable the modern workforce. In addition to intrusion prevention through firewalls, organizations need advanced threat protection, anti-malware, sandboxing, and they need data protection in the form of cloud access security broker (CASB), DLP, and browser isolation services. And they need the ability to inspect all traffic, including SSL.

To achieve the full benefits of the cloud, the security solution must be purpose-built for the cloud and architected following Gartner’s Secure Access Service Edge (SASE) concept. Security solutions that are still on-premises security with added cloud security services are still limited by their appliance-based architectures, particularly for services that require significant compute resources, such as SSL decryption and inspection. Simply moving hardware-based services to the cloud would be like placing thousands of DVD players into a cloud and calling them a Netflix service.

Only a cloud solution enables users to have identical protection and policy enforcement no matter where they connect or where the cloud services they're using are hosted.

web security

    Move to the cloud securely

    Read the eBook
    what is zero trust report icon

    Zscaler Internet Access in Action

    Watch the video
    ZIA Video

    Gartner Magic Quadrant for Secure Web Gateways

    Download the report
    what is zero trust report icon

    Zscaler Web Security

    Learn More
    Zscaler Web Security

    Zscaler Internet Access

    Read the data sheet
    Zscaler Internet Access

    Thanks to Gartner, We're on Cloud 9

    Read the blog
    Thanks to Gartner, We're on Cloud 9

    The benefits of a SASE platform include:

    • Reduce IT cost and complexity Easy to deploy and manage as an automated, cloud-delivered service, enabling digital transformation without the technical debt of the architectures of the past.
    • Deliver a great user experience Security policies are brought close to the user across more than 150 locations to eliminate unnecessary backhaul and provide optimal bandwidth and low latency.
    • Reduce risk All connections are inspected and secured, no matter what user they are coming from, which app is being accessed, or what encryption may be used.

    Zscaler is the magnum opus of my security stack.

    Brad Moldenhauer, Director of Information Security, Steptoe & Johnson LLP

    Follow the leader

    Zscaler has been positioned as a Leader in the Gartner Magic Quadrant for Secure Web Gateways for 10 consecutive years. And, in the 2020 Magic Quadrant, Zscaler was the ONLY Leader.


    See the difference for yourself

    Still using appliances for your secure web gateway? Could your company be safer with cloud-based secure web gateway? Take this security preview test to find out how well your company is protected against ransomware, phishing, and other threats. The test is safe, free, and informative.