Secure Web Gateway Solutions from Comodo | How to Secure Web Gateway?

Hackers like weak links—you need to cover all your bases (including user productivity).

Today's hackers are incredibly sophisticated, and they have a lot of tools and techniques at their disposal. It's not enough to understand past attacks and prevent others just like them—you also need to protect against attacks you don't know about. How do you fight the unknown? Comodo Dome Secure Web Gateway delivers a suite of security capabilities to identify and stop any kind of malicious activity from getting in. And it does so without affecting the experience of your legitimate users. After all, they still need to do their jobs.

Key capabilities

Comprehensive: Leverages the world's largest crowd-sourced threat intelligence. of websites.
Flexible: Lets you create user-based groups for granular policy management.
End user-friendly: Uses portable containment and cloud sandbox technology for zero impact to the end user.
Easy to set up: Downloading and installing the agent is a snap and you'll be up and running before you know it.

Most cybersecurity tools use a "default allow" approach. They let everything in and then determine if something is bad and needs to be blocked. Some tools take a safer "default deny" approach and analyze unknown files before they deliver them to users. The tradeoff, however, is usability as users have to wait for quarantined files that are legit to be released. The Comodo Dome Secure Web Gateway solves this problem using a "default deny" approach that doesn't affect usability.

Auto-containment

Rather than sending unknown files to a sandbox sitting on a server, the Secure Web Gateway runs them in a virtual container right on the user's endpoint while the file is being analyzed. The container allows it to run just as well as it does normally, but prevents the file from accessing the host's resources or user data so it can't damage or infect the system. Comodo's containment technology is extremely lightweight, has no CPU dependencies, and is application-agnostic.

Real-time, cloud-based analysis

While unknown files are running in containment, they are uploaded to the cloud for real-time analysis using Comodo's Valkyrie technology. This global threat cloud, which analyzes 73 billion file queries and 300 million unique unknown files annually, returns a verdict within 45 seconds for 95% of the files submitted. In the 5% of cases where Valkyrie is unable to return a verdict, the file can be sent to researchers for human analysis who make a determination within SLA timelines.

Granular policy management - even off-network

Comodo Dome Secure Web Gateway provides user-, group-, department-, Active Directory-, and location-based web access policy management. Get URL filtering with 80+ categories; build your own black/whitelists; block and delete inappropriate search engine results with safe search enforcement; and block files based on source, category, and file type. You can apply policies to multiple locations and you can even cover roaming users regardless of where they are connecting from.

Managed service option

If desired, we can act as your managed service provider to save you even more time. Our services include installation, set-up, and fine-tuning; creating and refining web access and advanced threat protection policies; monitoring and analyzing risky files; black/whitelisting specific URLs; and more.

Features

Comodo Dome Secure Web Gateway is a 100% cloud-based service. There is a "host it yourself" license available.

Features	Cloud Try it for free	Host it yourself Try it for free
No hardware, no installation required 100% cloud-based, load-balanced, geo-distributed, highly available cloud infrastructure Countries.
Enforce policies and gain visibility Per user, group, location, site, and roaming users; integrates easily with Active Directory and SAML
URL and content filtering 80+ content categories, custom black/whitelists, safe search enforcement, country-based blocking, hash-based blocking
File-type control Granular file-type control rules per true file type, hash, source, and category
Inline advanced threat protection Block phishing, malware, botnets, C&C callback events, spyware, drive-by downloads, XSS-injected websites, cookie stealing, anonymizers, TOR, encrypted files, and all web-borne attacks
Inline static and behavioral analysis, cloud sandbox Analyze all inbound traffic with Valkyrie and dedicated Comodo malware analyst; get in-depth malware analysis reports
Inline antimalware and antispyware Leverage the world's biggest malware signature base
Patented portable containment technology Prevent unknown files from accessing the host system's resources and user data until a good/bad verdict is returned
SSL inspection Inline inspection of encrypted traffic and content filtering
Real-time, fully customizable reporting Monitor web transactions from anywhere, get scheduled reports delivered to your inbox, and generate custom reports using simple widgets
Traffic forwarding Use Comodo's simple traffic forwarding agent, proxy chaining, ICAP, or direct proxy/PAC
Multi-office, multi-location, and roaming user protection Cover all your offices and users no matter where they are
Web data loss prevention Stop exfiltration of sensitive data over web traffic
24x7 phone, chat, and email support
	Try it for free	Try it for free