• Home
  • /
  • Malware
  • /
  • Secure web gateways, SASE and the vision of AI

Secure web gateways, SASE and the vision of AI

Together, secure web gateways and secure access service edge allow major improvements in networking performance.
Paul Stuttard
By Paul Stuttard, Director, Duxbury Networking.
Johannesburg, 22 Mar 2024
Paul Stuttard, director, Duxbury Networking.
Paul Stuttard, director, Duxbury Networking.

Analysts expect significant growth in the secure web gateway (SWG) market, buoyed by a quantum leap in demand for SWG-based solutions. Published figures point to the market reaching $7.08 billion by 2028, up from $5.71 billion in 2021.

An SWG is described as a cloud-native cyber barrier that protects organisations from the growing volume of sophisticated cloud-enabled threats and data risks.

It is, in essence, an on-premises or cloud-delivered network security technology that filters internet traffic and provides a high degree of network protection through the inspection of web requests which are compared to corporate and legal security policies.

US research firm Future Market Insights confirms that as internet access remains a necessity for today's vast majority of enterprises, stakeholders are putting ever-greater emphasis on security “to stay ahead of the curve”.

The latest generation of SWGs represents the logical evolution of the traditional SWG, which was seen as a web proxy or web filter whose functions were eventually integrated into a concept known as a security service edge (SSE) architecture.

Because traditional network approaches and technologies no longer provide the security and access control digital organisations need, the SSE concept has evolved into the secure access service edge (SASE) cloud-based framework, which provides monitoring and policy enforcement with integrated network controls and application programming interfaces (APIs) augmented by endpoint-based controls.

Because both SASE and SWG technologies are vital to modern cyber security, their connection might be characterised as symbiotic.

SASE was first proposed by Gartner in 2019 as a model which reframes networks and network security architectures to help companies cope with the shifting security requirements facing the distributed enterprise.

More specifically, Gartner, in its technological research and consulting role, created the SASE model “in response to the limitations of conventional networking and security architectures in keeping pace with emerging edge-centric trends in mobility, cloud, SD-WAN and the internet of things”.

SASE is described as a “challenging, far-reaching initiative geared to meet the needs of modern enterprises, while addressing the rise in remote users of cloud-based applications and the increase in data flows towards cloud services and branch offices, rather than back to data centres”.

According to Orange Cyberdefense, the cyber security business unit of the Orange Group, SASE is a mindset, not a single product. And, as highlighted in an Orange-authored white paper, “it unites networking and network security, offering secure access to all users from everywhere. It is not simply a solution that companies can install and forget about. It is a discipline that needs continuous monitoring, detection and response driven by constantly-evolving threat intelligence.”

Because both SASE and SWG technologies are vital to modern cyber security, their connection might be characterised as symbiotic. For instance, SWG offers web traffic security, while SASE represents the convergence of networking and security operations into a single cloud-based service architecture.

Moreover, SWG capabilities are frequently included into the larger cloud-native architecture in the SASE model, providing secure access to online resources from any location.

It’s appropriate to say that SWG and SASE both provide a cloud-native security strategy. While SWG solutions are usually deployed as virtual appliances or cloud-based services, SASE uses the scalability, flexibility and agility of a cloud infrastructure to deliver security services.

Together, these technologies have brought about a number of major improvements in networking performance by making it possible to apply more effective security measures.

For example, the main purpose of SWG technology is to inspect and filter online traffic in order to defend against malicious software, phishing and data exfiltration.

These SWG functions are smoothly included into the overall security posture inside a SASE framework, guaranteeing that all online traffic − regardless of the user's location − is examined and filtered in accordance with the company’s security policies.

The idea of zero trust security − which holds that no entity should be trusted whether it is inside or outside the network boundary − are shared by SASE and SWG whose technologies are noteworthy for their emphasis on user-centric security.

Against this backdrop, the application of artificial intelligence (AI) is becoming more significant, as organisations strive to deploy increasingly-inclusive security solutions that apply and adjust to the changing needs and behaviours of users in a distributed and mobile workforce.

This is confirmed by acclaimed US-based corporate strategy consultant Narasimha Raju, who says “the SASE market is an evolving one and the next stage could be an AI-driven, cloud-based unified securing and networking platform”.

Undoubtedly, the effectiveness and efficiency of security operations will be improved by incorporating AI-driven threat detection capabilities into SASE and SWG solutions.

To illustrate, AI-powered threat detection algorithms can evaluate enormous volumes of network traffic data – and threat intelligence − in real-time and do it more swiftly and precisely than conventional techniques allow.

Then, using AI-based predictive analytics capabilities, emerging security threats or weaknesses can be promptly identified, allowing automatic responses to be initiated without any human intervention.

Looking to the future, SASE and SWG solutions will leverage machine learning and other evolving AI techniques to be able to stay ahead of cyber adversaries and provide ever-increasing levels of ongoing protection.