Are you using CDome Secure Web Gateway?
Does it replace on-premise UTM/Firewall?
What are the pros and cons?

Hi @libretech

SWG is an HTTP/S proxy solution. It works in L6 of the OSI model. It protects HTTP and HTTPS based traffic, blocking malicious payloads, and includes Unknown File Containment, Valkyrie, Content Filtering and File Type Filtering.

UTM, on the other hand, works starting from L3 of the OSI model. It helps to create MAC/IP or network based rules, including L6 rules in the application layer.

Traditional UTMs are in fact stateful FWs with additional security features like anti-malware, content filter, IPS, and spam protection in a single package. They also cover traffic shaping, QoS, VPN and hotspot WiFi with the help of on-prem hardware.

However, as the network perimeter is vanishing and cloud enforces convergence of networks, the necessity of on-prem-only FW solutions is becoming obsolete. Even SMBs have workloads in the cloud. So connecting multiple offices with traditional FW solutions becomes inefficient, since you have to move data back and forth between the prem and the cloud. Soon UTMs will be replaced by cloud native threat protection solutions, and Comodo SWG is providing that.

As you know, most of the attack vectors are from protocols like HTTP/S and DNS, and by offloading the inspection of such traffic to the cloud, SWGs provide much more powerful inspection over proxied traffic. Providing SSL inspection and signature/signatureless analysis gives you better active breach protection considering limited hardware resources on prem. It solves the scalability problem completely. Comodo SWG also directs the traffic to the closest cloud PoP to eliminate the latency. Recently we have also introduced our intelligent agent, which gives you user-based resolution over accessing web resources, limiting them by policies and also eliminating security threats like browser exploits etc.

If you still need a local FW with traffic shaping, WiFi or WAN management, we are partnering with SD-WAN (…fined-sdn-wan/) technology providers, where you can have very small footprint on-prem devices at branches that automatically offload the necessary traffic to Comodo SWG for in-depth analysis. Basically you don't have to spend your money on hardware but go with a SaaS offering.

In the meantime, we are investing a lot in our Shield product, and merging the technologies of SWG into it. We are a direct competitor of Cisco Umbrella (OpenDNS before), with our PoPs over the world (You can see it as NuSEC now!dns-resolvers,Americas). Shield covers all security functionality of SWG (even user based visibility by its agents), where we will be releasing our patent-pending technology, secure cloud browser over DNS filtering. We are categorizing the web, as we are doing with the executables, into safe, malicious and unknown, and even by just setting the DNS resolution to us, we can block the malicious traffic and direct the unknown domains/web sites to our cloud proxies.

Our new solution not only does proxying but also runs a cloud browser to render the unknown website and stream it back to your browser. So that covers Internet access isolation of critical assets and users from unknown/uncategorized web sites and threats. This is one of the most unique solutions in the boundary threat prevention technology area.

Excellent information, guys. Comodo's SWG sounds pretty good, I will check it out. It would be good to see if SWG, AEP, along with ASG, all tie in together. I believe this all is to come with the new Dragon platform.

Shield product is the future… it's hands-free and does almost everything for you…

Yes, all will be integrated into Dragon Platform, initially EDR and AEP, then Shield will be next.

SWG and ASG will integrate later also, I'm assuming, or will they both be consolidated under the Shield?