What Is an SWG?

Why Do We Need SWG?

The era of accessing data and applications only through data centers has come to an end. Simply protecting data centers is no longer sufficient to meet today's security requirements. There is an urgent need to regulate online behavior. For example:

• It is difficult to manage employees' online behavior, increasing the security risks. Complex traffic composition (where entertainment generates a lot of the traffic) makes it difficult to ensure the traffic of key services.
• Visiting non-work-related websites during working hours reduces work efficiency.
• Employees can browse, publish, and spread illegal content, which affects the company's image or even causes legal risks.
• Employees may upload or publish confidential information to the Internet.
• Employees can email or browse confidential, gambling-related, pornographic, or other socially unacceptable content, which damages the enterprise network.
• When the intranet is congested, employees fail to access work-related websites, affecting workforce productivity.
• In some special industries, real-name authentication and Internet access are required.
• Some enterprises or organizations have security baseline requirements that mandate the storage of audit logs. Additionally, there are some specific guidelines for online and published content to avoid any negative impacts caused by illegal speech, websites, and other content.

What Are the Benefits of SWG?

• Regulated online behavior:

  Detailed audits and database with massive signatures help manage employees' online behavior by, for example, strictly controlling access permissions and prohibiting illegal or non-work-related behavior. In this way, workforce productivity is improved, and a more secure office environment is created.

• Intelligent bandwidth management:

  Key services are preferentially guaranteed, and P2P behavior is restricted to ensure service continuity and stability. Idle bandwidth resources are automatically allocated to improve bandwidth usage. Moreover, user traffic packages are customized, and applicable bandwidth is provided for users whose package traffic exceeds the quota.

• Egress gateway:

  The SWG offers high-performance NAT that ensures resource access for intranet and Internet users. It also provides various multi-egress uplink selection mechanisms to integrate service requirements and enhance service and data reliability. In addition, the SWG provides border security protection to effectively filter out unauthorized access.

• Auditability:

  Browsed information is stored locally. The stored data is in a clear, easy-to-understand format, so administrators can clearly understand the landscape of activities taking place on their company's network.

• Wireless marketing:

  Application access is accelerated and Internet access is improved. Network account statistics are collected and online behavior tracked in real time to create user profiles which can then be used for more precisely targeted marketing.

• Real-name authentication:

  Various and flexible real-name authentication modes are available to meet regulatory requirements, filter out unauthorized anonymous users, and prevent unauthorized users from stealing key data from the network.

What Are the Differences Between the SWG and Firewall?

An SWG and firewall perform similar tasks, but they have the following differences:

• The firewall inspects data packets.
• The SWG inspects applications.
• The SWG sets and executes rules for users.

The firewall inspects the content of incoming packets and compares them with the "signatures" of known threats on the network. Then, the firewall identifies malware in receiving packets and filters it out.

The SWG runs at the application level. It inspects the actual traffic on protocols to detect malicious intent. Enterprises can flexibly set control and audit policies to block or allow connections.

SWG Products

• Huawei firewalls also provide the URL filtering function to control users' URL access requests, thus regulating online behaviors.

  For more information about products, visit Huawei Firewall Product Documentation.