SafeSquid SWG

An HTTP(S) Proxy server is the core component of most perimeter web security solutions. While larger networks employ dedicated proxy server solutions, most of the small business and enterprise networks depend on proxy services offered by traditional UTM / NGFW solutions. Most of these solutions are based on near-identical adaption of legacy open-source HTTP Proxy server technologies that were originally designed for purposes other than security. Technical limitation in options and capabilities offered by typical perimeter security solutions, thus is also quite similar.

Secure operating practices defined as GRC policies for web security are key to pro-active defence against evolving threats like Ransomware, loss of confidential information, and targeted behavior altering attacks on enterprises. Legacy proxy server solutions require security measures to be defined around their limited capabilities and features. HTTP proxy servers specifically designed for web security have extensively configurable options that enable precise translation of GRC policies defined in vendor-agnostic terminology.

Brief Introduction

SafeSquid is an HTTP(S) Proxy Server specially designed for Deep Content Inspection and Security.

The tight integration of SafeSquid’s protocol and payload security, with the user and client application identification features, makes it an ideal Application Layer Firewall.

SafeSquid’s intuitive user interface offers extreme flexibility in configuration options to ensure accurate implementation of web security GRC policies.
Under the hood, is a state-of-the-art mosaic of neural networks, for Real-Time Deep Traffic Analysis, and feeds off a cloud based intelligence service.
SafeSquid’s open-architecture enables easy integration with a variety of third-party security technologies.

SafeSquid complements your existing network security infrastructure to fortify your perimeter defence. Securely distribute internet access with SafeSquid based secure web gateways to your networked users.

Key Benefits

Gateway-Level Malware Defence
Protects users from phishing attacks
Shields enterprise-wide user privacy
Restricts upload and download of pornographic content
Regulates all uploads to protect against loss of confidential data
Regulates web-site login to curb cyber-slacking
Regulates use of Internet Applications
Ensures high-precision role-based web access
Prevents bandwidth saturation due to unwanted uploads and downloads
Improves users’ web-experience

Technology

100% software based solution distributed as a software appliance
High performance proxy server - handles thousands of concurrent connections
Intelligent connection management for optimized resource utilization
Automatic SSL session caching and management, ensures seamless HTTPS Inspection
Supports all proxy-aware Internet clients like Browsers, and other utilities
Supports transparent proxying of HTTP(S) clients
Real-time content analysis ensures reliable protection against malware, loss of confidential data, and pornography.
Robust multi-threaded SMP-aware neural-network architecture, ensures near-zero latency web-experience
Smart detection of actual uploaded content
Signatures for hundreds of web applications
Categorized database of over 20 Million web-sites
Fully user re-programmable Web 2.0 controls
Easy Integration with OpenLDAP / Microsoft® Directory Services
Real-time multi-cast as SIEM / Threat-Intelligence Feeds
Intrinsic WebUI for policy management and traffic analytics
Cloud-based node management system for enterprise-wide policy requirements and disaster recovery

USP

Improves users’ security awareness levels and facilitates their contribution
Facilitates secure adoption of innovative web technologies
Polymorphic security sieve enables multi-dimension security validation
Precise conversion of your web security GRC requirements into enforced policies
XML based policy storage for easy security audit
Cloud-backed Hybrid Management of cluster nodes
Automatic policy replication across cluster nodes
Built-in disaster recovery and policy restore
Highly scalable architecture
Comprehensive documentation and user guides
Dedicated Technical Support

How it Works

Registration on the SafeSquid Self-Service Portal is free, and instantly gives you a unique Product Activation Key.
Use the SafeSquid Self-Service cloud portal to implement your Enterprise CA SSL certificates, and manage your enterprise-specific web-categorization requirements.
Download the SAB (SafeSquid Appliance Builder) ISO.
Setup your secure web gateway on any virtualization infrastructure like VMware® or Microsoft® Hyper-V OR transform standard Intel® server hardware into secure web gateway appliance.
Use the intrinsic WebUI to integrate your SWG to your Directory Services, and policy requirements.
Configure proxy-aware applications to use SafeSquid Proxy Service, and transparently redirect traffic from other applications to the Proxy Service.
Accord “Bypass” privileges to senior management to enable them in contributing to building up of the policy requirements.
While your Network Layer Firewalls like UTM / NGFW isolate your enterprise network from the Internet, SafeSquid Proxy Service provides the Secure Web Gateway to the underlying web applications
Add any number of gateway nodes to meet your topological and load requirements.

Solution Highlights

User consented web access
Total defence against security breaches launched via third-party web-site components
Cloud-Backed Zero-Day Threat Intelligence And URL Classification
Real-Time Pornographic Content Detection
Real-Time Malware Defence
Custom web-categorization for operational needs
Compliance of policies for cyber-slacking prevention
Compliance of web-site login governance policies
Compliance of SSO regulations for web applications
Compliance of data upload risk-mitigation policies
Compliance of client application risk-mitigation policies
Real-time view of traffic
Automatic Policy Replication across all nodes
Use SafeSquid to distribute web access across large enterprise networks, securely.