보안 웹 게이트웨이(SWG)

SWG: 인터넷에서 발생한 위협을 엔터프라이즈급 보호로 방어

Gartner 2018 Magic Quadrant 엔터프라이즈 방화벽 부문
구매 가능 지역 :
  • 어플라이언스
  • 가상 머신
  • 클라우드

Secure Web Gateway (SWG) Overview

Secure Sockets Layer (SSL) adoption is on the rise, with  at least 60% of internet sites using it as of January 2018. While this provides confidentiality, it’s also a great place for cybercriminals to hide malware. Industry reports indicate that 41% of malicious traffic leverages encryption. In addition, administrators lose visibility of data leaving the enterprise and can’t enforce data loss policies.

Fortinet firewalls with Gateway Security protects enterprises against web attacks with URL filtering, visibility and control of encrypted web traffic via SSL inspection, and application of granular web application policies. Fortinet is the first and only gateway security vendor to earn Virus Bulletin’s VBWeb certification for web filtering effectiveness.

 

Secure Web Gateway (SWG) News

Security Services Bridge Gaps Caused by Fragmented Network Environments

5/29/2018: Learn how you can deploy effective security services to reap the maximum benefits from your security devices. Read the blog.

 

FortiOS 6.0

2/27/2018:   FortiOS 6.0 introduces more than 200 features designed to help enterprises embrace cloud adoption without compromising on security. Learn more.

 

Threat Landscape

2/16/2018: Find out about the latest threats trends and what they mean to your organization. Highlights this quarter include analysis on cryptojacking, micro-targeted and personalized malware and zero-day threats on black markets. Find out more

 

Secure Web Gateway (SWG) Videos

Demo of FortiGate SWG Use cases

FortiGate SWG protects against web attacks with URL filtering, visibility and control of encrypted web traffic via SSL inspection, and application of granular web application policies. This demo walks through two key use cases: How to enforce Acceptable Use Policy How to block malicious web pages using FortiGuard Web Filtering

지금 보기
Reclaim Your Freedom to Safely Surf the Web
FortiGate Cookbook - Transparent Web Proxy (5.6)
FortiOS 6.0 and Security Fabric Q&A with Michael Xie

Secure Web Gateway (SWG) Product Details

Fortinet Secure Web Gateway defends users from internet-borne threats and helps enterprises enforce policy compliance for internet applications.   

With FortiGate SWG, you can deploy industry-leading Fortinet Next Generation Firewalls as a proxy.  FortiGate SWG consolidates NGFW and SWG services, helping enterprises manage their network security solution with ease.  It supports all proxy deployment modes, and uses multiple detection techniques such as web filtering, DNS filtering, data loss prevention, antivirus, intrusion prevention and advanced threat protection to protect employees from internet threats.  FortiGate SWG is best suited for enterprises looking to consolidate network security services and optimize the workload of security teams.

Enterprises can also adopt FortiProxy, a dedicated Secure Web Gateway solution.

 

   

Features and Benefits

integration icon

Feature-rich product that consolidates NGFW and SWG services

high performance icon

Powerful hardware that can perform SSL deep inspection

icon vulnerability

Anti-malware techniques updated with the latest threat intelligence

icon benefits management

Reduce security team’s workload by providing a single pane of glass management for both NGFW and SWG

visibility icon

Effectively remove blind spots in encrypted traffic, without compromising on performance

checkmark icon

Stay protected against the latest known and unknown internet-borne attacks 

Secure Web Gateway(SWG) Models and Specifications



SWG is available in different form factors with many different models to choose from to meet your needs ranging from hardware appliances to VM options that be deployed in your datacenter.

Hardware Appliances
Throughput
5 Gbps
Ports
2x 10 GE SFP+, 10x GE RJ45, 8x GE SFP
SSL Inspection
6.8 Gbps
Throughput
4 Gbps
Ports
2x 10 GE SFP+, 10x GE RJ45, 8x GE SFP
SSL Inspection
6.8 Gbps
Throughput
5 Gbps
Ports
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45
SSL Inspection
4 Gbps
Throughput
6 Gbps
Ports
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
SSL Inspection
6 Gbps
Throughput
7 Gbps
Ports
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
SSL Inspection
10.5 Gbps
Throughput
9 Gbps
Ports
6x 10GE SFP+, 34x GE RJ45
SSL Inspection
12.5 Gbps
Throughput
9 Gbps
Ports
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45
SSL Inspection
12.5 Gbps
Throughput
22 Gbps
Ports
16x 10GE SFP+/GE SFP, 2x GE RJ45
SSL Inspection
19 Gbps
Throughput
24 Gbps
Ports
48x 10GE SFP+/GE SFP, 2x GE RJ45
SSL Inspection
20 Gbps
Throughput
20 Gbps
Ports
4x 40GE QSFP+, 20x 10GE SFP+/GE SFP, 8x SFP+, 2x GE RJ45
SSL Inspection
24 Gbps
Virtual Machines
FortiGate is supported on VMware, Microsoft Hyper-V, Citrix XenServer, Open Source Xen, KVM, Amazon Web Services (AWS) and Microsoft Azure. Please see the data sheet for more details.

Throughput
2.5 Gbps
Ports
1 / 10 (Minimum/Maximum)
Throughput
4.5 Gbps
Ports
1 / 10 (Minimum/Maximum)
Throughput
9 Gbps
Ports
1 / 10 (Minimum/Maximum)
Throughput
16.5 Gbps
Ports
1 / 10 (Minimum/Maximum)

Actual performance may vary depending on the network and system configuration. Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled. 1. IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix. 2. Application Control performance is measured with 64 Kbytes HTTP traffic. 3. NGFW performance is measured with IPS and Application Control enabled, based on Enterprise Traffic Mix. 4. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix.

Public Cloud
Amazon Web Services (AWS) and Microsoft Azure supported for both BYOL (bring your own license) and On-demand (pay-as-you go). Please see the AWS and Azure Marketplace listings for more information:
Hardware Appliances
모델
FortiProxy 400E
License Capacity
500-2,500 Users
Ports
4x GE RJ45
모델
FortiProxy 2000E
License Capacity
2,500-25,000 Users
Ports
2x 10 GE SFP+, 2x GE SFP ports, 2x GE RJ45 ports
모델
FortiProxy 4000E
License Capacity
15,000-50,000 Users
Ports
4x 10 GE SFP+, 2x GE SFP ports, 4x GE RJ45 ports
Virtual Machines
모델
FortiProxy VM
License Capacity
25-25,000 Users
Ports
1 / 10 (Minimum/Maximum)

FortiGuard Security Services for Secure Web Gateway (SWG)

FortiGate SWG employs multiple FortiGuard services to protect users against the latest web threats and to enforce compliance.  One of the key services is FortiGuard Web Filtering, which is the only web filtering service in the industry that is VBWeb certified for security effectiveness by Virus Bulletin.

FG Web Filtering

웹 필터링

악성 또는 해킹되거나 부적절한 웹사이트 액세스를 차단하여 기관을 보호합니다.

Icon cloudsandbox

FortiSandbox 클라우드

FortiSandbox 클라우드 서비스는 이전에 알려지지 않았던 멀웨어를 동적 분석으로 식별하는 지능형 위협 보호 솔루션입니다. FortiSandbox 클라우드가 생성한 조치 가능한 인텔리전스를 네트워크 내부의 예방적 제어 기능에 입력하여 위협을 무력화합니다.

FG Antivirus

바이러스 백신

FortiGuard 바이러스 백신은 최신 바이러스, 스파이웨어 및 기타 콘텐츠 수준 위협을 방어합니다. 업계 최고의 진보된 탐지 엔진을 사용해 새로운 위협과 지능형 위협이 네트워크 내에서 발판을 마련하고 귀중한 콘텐츠에 액세스하지 못하도록 차단합니다.

FG Application Control

애플리케이션 제어

사용자가 실행하는 애플리케이션에 업계 최고의 실시간 가시성을 제공하여 보안을 개선하고 허용 가능한 사용 정책을 준수합니다. FortiGuard 애플리케이션 제어를 사용하면 애플리케이션 또는 애플리케이션 카테고리에 대한 액세스 허용, 거부 또는 제한 정책을 신속히 설정할 수 있습니다.

FG Intrusion Prevention

침입 방지

FortiGuard IPS는 위협이 네트워크 장치에 도달하기 전에 탐지, 차단함으로써 새로운 네트워크 침입으로부터 보호합니다.

Secure Web Gateway (SWG) Demo

product demo secure web gateway

FortiGate Secure Web Gateway Demo

With the increase in SSL web traffic, zero-day malware and growing number of social websites, enterprises are turning to secure web gateway to protect employees from internet-borne attacks. 

This demo lets you explore the key Secure Web Gateway features such as SSL Inspection, DNS and Web Filtering, Web Application Control, Authenticated Web Access and Detailed Reporting. 

Access the demo

Secure Web Gateway (SWG) FAQs

We recently migrated to Office 365 and our proxy can’t handle the traffic.  Can FortiGate SWG be used?

Yes, this is one of our common deployments.  FortiGate SWG has powerful hardware, and custom-built ASICs to provide high performance.  It can also enforce Office365 tenant restrictions and inspect SSL traffic .

Can FortiGate SWG be deployed in explicit proxy mode?

FortiGate SWG can be deployed in all proxy modes. It includes explicit proxy and transparent proxy for large enterprises, and inline proxy mode for smaller enterprises.    

How is FortiGate SWG licensed?

Unlike other SWG vendors, FortiGate SWG is not licensed per user.  You pay for the hardware and security services such as web filtering, antivirus, IPS, sandboxing, CASB and application control.   This significantly reduces the total cost of ownership.

What are the use cases supported by FortiGate SWG?

FortiGate SWG supports all common authentication methods such as RADIUS, Active Directory, LDAP and SAML.

What techniques does FortiGate SWG use for malware prevention?

FortiGate SWG always receives the latest security protection from FortiGuard Threat Intelligence Service, that collects threat data from more than 200,000 live deployments.   Numerous techniques are used for malware prevention such as AV, website reputation analysis, sandboxing and DLP.

Does FortiGate SWG work with other Fortinet products?

FortiGate SWG is part of the Fortinet Security Fabric, integrating with FortiClient for endpoint protection, FortiCASB for protection cloud applications, FortiSandbox for advanced protection, FortiManager and FortiAnalyzer for management.