A new trend in security Secure Web Gateway in SaaS mode

By Javier Peralta, Optenet Country Manager UK

To centralise the global security of corporate environments, a large number of companies are increasingly opting for a new generation of solutions based on the concept of Software as a Service (SaaS). Thanks to the falling cost and greater availability of fixed-line and mobile broadband services, SaaS solutions are not only viable considerations for small businesses, but for medium and large enterprises looking to streamline and centralise their client and server-side applications and services.

With this new software sales model, security applications are hosted by third party managed service providers and operators, while the actual day-to-day service application service is delivered to customers over the Internet ("in the cloud"). This model offers numerous benefits: a) lower implementation costs; b) fast deployment and service startup; c) "pay per use" pricing model; and d) reduced support requirements.

The traditional "one-to-many" SaaS model for security products, limited in terms of scalability and policy customisation, is facing competition from a new, more advanced model that offers the functionalities of a Secure Web Gateway in SaaS mode and, according to Gartner, promises to take 25% of the security markets by 2012.

The main advantage of deploying the SaaS SWG security model is that large organisations can act as service providers to address the needs of their various offices and their hundreds of thousands of end users, all from a single platform. Few organisations have the resources or space to deploy multiple local software gateways or appliances, and those that do deploy these solutions often lag behind in testing and deploying new versions due to the logistical constraints of servicing multiple remote locations. Such delays can themselves create security issues as known vulnerabilities and issues go unattended either for prolonged periods after updates become public, or are left altogether and thus can be leveraged by internal and external attacks.

The SaaS SWG system offers sufficient flexibility and granularity to be able to specify different security policies according to the criteria of each office or employee, individually or jointly, making the company's global security practices more effective. For example, if in an organisation, the anti-spam or web filtering applications are too restrictive for the performance requirements of a particular user, an administrator with the help of a web console that centrally controls the security application can easily adjust the settings for that user remotely. This supervision capability minimises overblocking and improves end-user productivity. Most importantly, it removes the need for local intervention either by remote staff or by sending IT support personnel to the remote location to reconfigure the application or appliance.

In short, with the SaaS SWG model, organisations can enjoy, through their service provider or trusted operator, a complete and customised security service with a 100% configurable management console, as if it were an exclusive service based on the isolated tenancy model but with the benefits the one-to-many model provides in terms of deployment, management and cost. However, the flexibility of the SaaS SWG means that the company purchasing the service from an ISP can also become a service provider in its own right or maintain an internal market for IT services. This becomes more important when the company, as customer, has a large estate of remote locations and users to manage such as a retail chain estate, franchises or global office locations. Rather than make regional SaaS SWG arrangements, they themselves can also act as service providers and deploy the suggested architecture to centralise the global security of all their offices and workers.

We have already taken advantage of the many-to-many model in our security product portfolio to offer operators, managed service providers and enterprises wishing to provide security centrally to all their offices, factories and other associated locations all the elements they need to enjoy, as a service, all the functionalities of an SWG with a multi-instance/multi-tenant architecture.

One of the main advantages is that SaaS SWG integrates with existing infrastructure using Active Directory, or any other company authentication directory, in order to manage users and access groups and apply settings both globally and individually. In this situation, multi-authentication enables multiple administrators to access the management console and define policies according to the requirements of each office.

Optenet is exhibiting at Infosecurity Europe 2009, the No. 1 industry event in Europe held on 28th – 30th April in its new venue Earl’s Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit www.infosec.co.uk

Optenet is a global IT security company that provides high-performance security solutions to service providers and large enterprises worldwide. Optenet’s technology protects 75 million end users around the globe, including the customers of many of the world’s leading ISPs and mobile operators, as well as employees of global enterprise organisations. The Company is a socially conscious organisation, committed to eliminating illegal content on the Internet, protecting children and supporting government agencies and non-profit organisations that share the same goal. For more information, visit http://www.optenet.com

Source: Infosecurity PR
<>