Warm greetings from MONITORAPP!
Many organizations have already been using on-premise solutions to ensure safe and healthy Internet access for their employees. However, as many companies have adopted various new work environments such as working from home or flexible work after the pandemic, the use of business applications and data in a cloud environment has also become more essential. Additionally, as the use of SaaS applications increases, security solutions in cloud environments are no longer optional but have become a necessity.
In response to this situation, Gartner introduced the definition of ‘Secure Access Service Edge (SASE)’ in 2019, which is basically a cloud-based platform that provides networking and security services in the cloud in one integrated form. However, at the time, there were few vendors that fully supported SASE, they mainly focused on the concept of a solution that handles services in the security area, excluding network services such as SD-WAN, WAN optimization, SaaS acceleration, etc. In 2021, Gartner introduced the concept of ‘Security Service Edge (SSE)’.
SSE is an integrated security service based on edge computing that ensures secure access to the web, SaaS applications, and private applications. Specifically, according to Gartner, SSE should include at least SWG (Secure Web Gateway), CASB (Cloud Access Security Broker), and ZTNA (Zero Trust Network Access). Additionally, features such as FWaaS (Firewall as a Service), DLP (Data Loss Prevention), and WAF (Web Application Firewall) can be added later.
A work environment without the Internet is unimaginable as we spend most of the day using the Internet. Although we receive countless information and benefits from the Internet, information sent and received over the Internet is not always secure. As we can easily access a site without knowing who created it and for what purpose, we are also exposed to potential cyber threats. Imagine if your workplace computer is infected with malicious code, not only will your company’s sensitive information be leaked, but your company’s network will also be significantly affected.
What service should a company choose to prevent this situation while ensure a safe and healthy Internet usage environment for its employees?
SSE Platform is the answer!
In line with this market trend, MONITORAPP launched the SSE (Security Service Edge) and SIA (Secure Internet Access) platform through the dependent brand – AIONCLOUD - our cloud-based SECaaS platform.
We will explain the main functions of 'SIA' - AIONCLOUD's SSE platform - along with some situations that you might often encounter.
SIA is a Zero-Trust based security solution including 'SWG', 'CASB', 'FWaaS', and 'NG DPI'. Among these functions, ‘SWG’ is the main topic we would like to spend time talking about today.
SWG(Secure Web Gateway)
SWG inspects all traffic heading to the web and prevents unauthorized traffic from accessing the company's network. Key features include ‘URL Filtering’, ‘Malicious Content Scanning’, ‘Anti-Virus’, ‘Web Access Control’, and ‘SSL/TLS Visibility’. There are numerous other functions that lie within these functions, but today we would like to explain two functions included in 'URL filtering'.
The 'URL filtering' function is largely divided into two types. By controlling access to websites classified into specific categories, and by protecting users from websites containing elaborately crafted malicious content such as malware and phishing attacks, this function prevents corporate data loss and protects users.
'URL filtering' in SIA refers to these as 'HTTP Category' and 'Block access risky websites'.
First, 'HTTP Category' is a function that classifies commonly encountered websites into about 100 categories and blocks access to specific categories.
Among these, the 'Block access risky websites' function allows you to classify and block categories that are determined to be dangerous websites.
If you want to prevent employees from accessing non-work sites during work hours due to productivity issues or other reasons, you can use SIA's 'HTTP Category' function.
For example,
"sales team employees working in the U.S Pacific time zone and subject to the 9 to 6 work schedule are prohibited from visiting non-work sites (ads and pop-ups, alcohol and cigarettes, criminal activity, gambling, games, illegal drugs, nudity, obscenity, violence, weapons, hacking, illegal software, and depictions of child abuse etc.) during work hours"
If you want to create this policy, you can set it up very simply as shown below.
You can control access by selecting 'HTTP
Category' as the 'condition' target in Security > Policy > Policy Creation, and selecting specific categories or excluding specific categories from all categories.
Of course, you can also set the policy on the desired day and time by specifying the user, specific department, and time zone to apply to each. The schedule function can be applied equally to workers at overseas branches or on business trips.
Let’s take another example. Most of us must have experienced a situation where not only our desired website opens, but also a malicious website also pops up (a random advertising site or sites that appear to be harmful). If you experience this while using your work PC, you may be especially worried about valuable data stored on your PC. To prevent this situation in advance, try using the 'Block access risky websites' function to prevent being connected to unnecessary sites when using the Internet. This way, you can enjoy a safe and secure Internet environment!
It's also very easy to use.
In Security > Policy > Create Policy, select the user or user group to apply and select 'Block access risky websites' as the 'Condition' target. By simply setting and activating the policy like this, you can prevent all users using SIA from accessing malicious websites as SIA will first recognize and block unintentional access to malicious websites. That’s all we have for you today! In the next post, we will introduce other features of SIA. Thank you very much!!