January 15, 2012

1.1.6 Web Security Gateways


Web security gateway, can be thought of as a proxy server (performing proxy and caching functions) with web protection that can range from a standard virus scanner on incoming packets to monitoring outgoing user traffic.

Potential red flags the gateway can detect/prohibit include inappropriate content, trying to establish a peer-to-peer connection with a file-sharing site, instant messaging, and unauthorized tunneling. You can configure most web security gateways to block known HTTP/HTML exploits, strip ActiveX tags, strip Java applets, and block/strip cookies.

Beyond the basic tasks of a web proxy, it provides content filtering and application-level security to protect end users from accessing dangerous web sites and downloading files that are infected with worms, spyware or malware, or else from connection to servers that host phishing and fraud sites.

Web security gateways can perform deep inspection of web HTTP traffic to prevent end users from accessing dangerous content.

These types of gateways can also scan text content of web sites to search for prohibited words and phrases that indicate offensive content. For maximum effectiveness, all end-user web browser clients must be configured to use the gateway as their web proxy.

References:
CompTIA Security+ Study Guide: Exam SY0-301, Fifth Edition by Emmett Dulaney
Mike Meyers' CompTIA Security+ Certification Passport, Second Edition by T. J. Samuelle

No comments:

Post a Comment