Policy configuration

To protect your network against threats arising from the web, Web Gateway enforces a web security policy, which is implemented during the initial setup. You can configure this policy later on to adapt it to your requirements.

When performing this configuration, you are dealing with several fields of web security that your policy should cover. You can also extend the filtering process and make it suitable for cloud use.

Web security policy

A web security policy is made up of rules, which are grouped in rule sets on Web Gateway.

When a situation arises where a rule applies, it performs an action to handle this situation. The situation can be an immediate threat, for example, a virus in a file that a user who works within your network attempts to download. In this case, the rule would block the attempt.

Other situations might be that a user requests access to an online shopping site during work hours or tries to download a very large streaming file. Both activities could be blocked by suitable rules.

You can modify all rules on Web Gateway to let them perform the actions that you consider appropriate.

Fields of web security

A web security policy usually covers different fields of web security. Such fields are, for example:

  • Anti-malware filtering — Protects your network against viruses and other malware
  • URL filtering — Controls access to web objects based on URLs, for example, to block inappropriate content
  • Media type filtering — Controls access to web objects based on media types, for example, to prevent users from downloading media that consume overmuch bandwidth

Different fields of web security are usually covered by different rule sets on Web Gateway.

Some fields are already covered by default rule sets after the initial setup. The following are, for example, provided here:

  • Gateway Anti-Malware rule set — Enables protection against viruses and other malware by invoking anti-malware engines for scanning web objects
  • URL Filtering rule set — Enables control of web access by evaluating URLs of web objects with regard to categories and reputation scores retrieved from threat intelligence systems.
  • Media type filtering rule set — Enables control of web access by detecting the media types that web objects belong to.

You can extend the coverage for these fields and also include additional fields by importing rule sets from a built-in or an online library.

Cloud use

The rules of your web security policy are applied to the traffic that is created by the web usage of the users of your organization.

Unless you configure it differently, however, the rules are only applied to the web usage of those users who access the web from inside your local network. This kind of usage is also known as on-premise use.

You can, however, enable one or more rule sets for cloud use. This means that the rules in these rule sets are also enforced when users of our organization access the web from outside your local network.

Filtering process

The activities that are performed by rules on Web Gateway can be seen as parts of a comprehensive filtering process. This process filters web traffic that is caused by the web usage of the users within your network.

The process blocks attempts to access the web that do no comply with your web security policy and allows those that are compliant.

The process is performed in different cycles.

  • Request cycle — Filters requests for web access submitted by users in your network
  • Response cycle — Filters responses to requests sent by web servers to your network
  • Embedded object cycle — Filters embedded objects, for example, files or archives, sent embedded in requests or responses.

Only one filtering cycle is going on at a particular point in time on Web Gateway.

The rule sets of your web security policy can be differently configured with regard to these cycles. A particular rule set can apply to all cycles, or only to one, or to any combination of them.