Web Gateways Need Backstops

New report emphasizes the importance of layered defense.

Ericka Chickowski

February 22, 2016

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

A new report out this week showed how permeable network gateway protections can be on their own. In a 10-month study of 200 billion communications over one million client devices, Securlert took a deep dive look into the types of malicious activities that initially got past eight leading web gateway products. While some performed better than others, the conclusion was that there were still plenty of threats getting through this layer of defense.

The study looked at whether the gateways were allowing infected, internal devices to communicate outside of the organization to their perpetrators. According to the researchers, almost all of the environments studied were running sophisticated perimeter defense systems that included a secure web gateway and/or next generation firewall, an IPS/IDS, plus fully functioning endpoint protection and SIEM correlation.

According to the report, more than half of the gateways studied allowed more than 40% of the attempted malicious outbound communications to successfully reach C&C servers. And overall, 40% of all attempted malicious communication managed to beat the web gateways in question.

"Today’s enterprises are unknowingly allowing malicious outbound communication to be transmitted through their web gateways on a daily basis,” said Richard Greene, Seculert CEO.

According to the recent IWK Strategic Security Survey, while firewalls remain the security product most valued by security professionals -- 62% of them put them in their top three -- gateway antivirus or anti-malware is only similarly valued by about 12% of security professionals.

Read the rest of the article on Dark Reading.

About the Author

Ericka Chickowski

Contributing Writer, Dark Reading

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights